Skip to content

Commit

Permalink
Merge pull request #1899 from T-CAIREM/au/event/fix/limit_edit_event_…
Browse files Browse the repository at this point in the history 
…to_event_host_who_created_event

limit update event to the event host(Instructor) who created the event
  • Loading branch information
@tompollard
tompollard authored Feb 24, 2023
2 parents 252e8e3 + b9c57e5 commit 9750547
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions physionet-django/events/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,9 +21,12 @@ def update_event(request, event_slug, **kwargs):
if request.method == 'POST':
event = Event.objects.get(slug=event_slug)
event_form = AddEventForm(user=user, data=request.POST, instance=event)
if event_form.is_valid() and can_change_event:
event_form.save()
messages.success(request, "Updated Event Successfully")
if event_form.is_valid():
if can_change_event and event.host == user:
event_form.save()
messages.success(request, "Updated Event Successfully")
else:
messages.error(request, "You don't have permission to edit this event")
else:
messages.error(request, event_form.errors)
else:
Expand Down

0 comments on commit 9750547

Please sign in to comment.