`has_access(self.page, 'edit')` I think should work. The implementation of
has_access has a lot going on, so might be hard to understand all of it. One
thing you can try is passing `c.user` as the user parameter, it can be good to
be explicit but has_access should be defaulting to that anyway.
I tried your commit and it works, so that is a good start for sure :) I see in
the wiki page history that the edits are done by "Anonymous" so that's probably
related to why the permission check fails.
All form POSTs must include a CSRF token called session id, for security.
Without it, they are treated as anonymous, so I think that is what is
happening. If you search our codebase for `$.cookie('_session_id')` you can
find examples of JS form submits using it.
The Checklists JS code could be moved to a more specific location. I believe
it can be in page_view.html instead of master.html since it only needs to be
used when a page is shown. And if there are comments on a page, then each
comment has its own class="markdown_content" so the `.markdown_content`
selector may have issues if it is matching multiple things. It seems ok now
but something to keep in mind as this expands into other things, including
handling comments themselves.
---
** [tickets:#8230] Make checklists interactive**
**Status:** open
**Milestone:** unreleased
**Created:** Mon Sep 17, 2018 08:59 PM UTC by Dave Brondsema
**Last Updated:** Wed Oct 03, 2018 06:18 PM UTC
**Owner:** nobody
It would be nice if the new checklists from [#8085] were interactive too for
people that have edit access. The markdown-checklist package has some helper
JS for it, but would take custom code to handle the ajax and do the update.
Maybe use existing rest APIs for some artifact types, but everything (wiki
page, ticket, blog post, comment, etc) will need to be handled specifically to
hit the right endpoint and with the right data format.
---
Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed
to https://forge-allura.apache.org/p/allura/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is
a mailing list, you can unsubscribe from the mailing list.
