From 0a5f81410f1d7bd621d370f4ab4c2b0dd8d7cc10 Mon Sep 17 00:00:00 2001 From: Ben Adida <ben@adida.net> Date: Thu, 22 Dec 2011 07:26:04 -0800 Subject: [PATCH] if logged in as a trustee of an election, allow viewing of the election, fixes #23 --- helios/security.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/helios/security.py b/helios/security.py index 0eb218c..f946052 100644 --- a/helios/security.py +++ b/helios/security.py @@ -133,6 +133,11 @@ def user_can_see_election(request, election): if user_can_admin_election(user, election): return True + # or maybe this is a trustee of the election? + trustee = get_logged_in_trustee(request) + if trustee and trustee.election.uuid == election.uuid: + return True + # then this user has to be a voter return (get_voter(request, user, election) != None) -- GitLab