From 2fb01f40276746bce6d5a6879570b5b631e4f7f0 Mon Sep 17 00:00:00 2001
From: Todd Dembrey <todd.dembrey@torchbox.com>
Date: Thu, 6 Sep 2018 14:38:47 +0100
Subject: [PATCH] Make sure the applicant can only see the determinations

---
 .../templates/activity/include/listing_base.html  |  2 +-
 .../apply/activity/templatetags/activity_tags.py  | 15 +++++++++++++++
 opentech/apply/activity/views.py                  |  4 ++++
 .../src/sass/apply/components/_feed.scss          |  2 +-
 4 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/opentech/apply/activity/templates/activity/include/listing_base.html b/opentech/apply/activity/templates/activity/include/listing_base.html
index 4c9cc090c..5f567ffe2 100644
--- a/opentech/apply/activity/templates/activity/include/listing_base.html
+++ b/opentech/apply/activity/templates/activity/include/listing_base.html
@@ -23,7 +23,7 @@
 
             - {{ activity.message }}
 
-            {% if not submission_title and activity.related_object %}
+            {% if not submission_title and activity|user_can_see_related:request.user %}
                 {% with url=activity.related_object.get_absolute_url %}
                     {% if url %}
                     <a href="{{ url }}" class="feed__related-item">
diff --git a/opentech/apply/activity/templatetags/activity_tags.py b/opentech/apply/activity/templatetags/activity_tags.py
index a16d91342..bb73ac11f 100644
--- a/opentech/apply/activity/templatetags/activity_tags.py
+++ b/opentech/apply/activity/templatetags/activity_tags.py
@@ -1,5 +1,6 @@
 from django import template
 
+from opentech.apply.determinations.models import Determination
 from opentech.apply.review.models import Review
 
 register = template.Library()
@@ -14,3 +15,17 @@ def display_author(activity, user):
     ):
         return 'Reviewer'
     return activity.user
+
+
+@register.filter
+def user_can_see_related(activity, user):
+    if not activity.related_object:
+        return False
+
+    if user.is_apply_staff:
+        return True
+
+    if isinstance(activity.related_object, Determination):
+        return True
+
+    return False
diff --git a/opentech/apply/activity/views.py b/opentech/apply/activity/views.py
index ad90ea369..6a801ea77 100644
--- a/opentech/apply/activity/views.py
+++ b/opentech/apply/activity/views.py
@@ -34,9 +34,13 @@ class ActivityContextMixin:
         extra = {
             'actions': Activity.actions.filter(submission=self.object).select_related(
                 'user',
+            ).prefetch_related(
+                'related_object',
             ).visible_to(self.request.user),
             'comments': Activity.comments.filter(submission=self.object).select_related(
                 'user',
+            ).prefetch_related(
+                'related_object',
             ).visible_to(self.request.user),
         }
 
diff --git a/opentech/static_src/src/sass/apply/components/_feed.scss b/opentech/static_src/src/sass/apply/components/_feed.scss
index 246f10e3b..8852c1926 100644
--- a/opentech/static_src/src/sass/apply/components/_feed.scss
+++ b/opentech/static_src/src/sass/apply/components/_feed.scss
@@ -115,7 +115,7 @@
             width: 10px;
             height: 14px;
             margin-left: 10px;
-            margin-top: 0.25em;
+            margin-top: 0.35em;
             fill: $color--dark-blue;
         }
     }
-- 
GitLab