From 0a5f81410f1d7bd621d370f4ab4c2b0dd8d7cc10 Mon Sep 17 00:00:00 2001
From: Ben Adida <ben@adida.net>
Date: Thu, 22 Dec 2011 07:26:04 -0800
Subject: [PATCH] if logged in as a trustee of an election, allow viewing of
 the election, fixes #23

---
 helios/security.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/helios/security.py b/helios/security.py
index 0eb218c..f946052 100644
--- a/helios/security.py
+++ b/helios/security.py
@@ -133,6 +133,11 @@ def user_can_see_election(request, election):
   if user_can_admin_election(user, election):
     return True
 
+  # or maybe this is a trustee of the election?
+  trustee = get_logged_in_trustee(request)
+  if trustee and trustee.election.uuid == election.uuid:
+    return True
+
   # then this user has to be a voter
   return (get_voter(request, user, election) != None)
 
-- 
GitLab