From 95f6e1cb995130066534f461fae257f516bfe835 Mon Sep 17 00:00:00 2001
From: Munyoki Kilyungi
Date: Fri, 22 Mar 2024 23:46:30 +0300
Subject: Only display the "edit" link when a user has edit permissions.

Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com>
---
 gn2/wqflask/views.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'gn2/wqflask/views.py')

diff --git a/gn2/wqflask/views.py b/gn2/wqflask/views.py
index 81cacecf..25c4ee1b 100644
--- a/gn2/wqflask/views.py
+++ b/gn2/wqflask/views.py
@@ -1150,11 +1150,23 @@ def display_generif_page(symbol):
 
 @app.route("/datasets/<name>", methods=('GET',))
 def get_dataset(name):
+    from gn2.wqflask.oauth2.client import oauth2_get
+    from gn2.wqflask.oauth2.client import user_logged_in
+    from gn2.wqflask.oauth2.request_utils import user_details
+    from gn2.wqflask.oauth2.request_utils import process_error
+
+    result = oauth2_get(
+        f"auth/resource/authorisation/{name}"
+    ).either(
+        lambda err: {"roles": []},
+        lambda val: val
+    )
     metadata = requests.get(
         urljoin(
             GN3_LOCAL_URL,
             f"/api/metadata/datasets/{name}")
     ).json()
+    metadata["editable"] = "group:resource:edit-resource" in result["roles"]
     return render_template(
         "dataset.html",
         name=name,
-- 
cgit v1.2.3