Make sure the applicant can only see the determinations

opentech/apply/activity/templates/activity/include/listing_base.html

@@ -23,7 +23,7 @@
 
             - {{ activity.message }}
 
-            {% if not submission_title and activity.related_object %}
+            {% if not submission_title and activity|user_can_see_related:request.user %}
                 {% with url=activity.related_object.get_absolute_url %}
                     {% if url %}
                     <a href="{{ url }}" class="feed__related-item">

opentech/apply/activity/templatetags/activity_tags.py

 from django import template
 
+from opentech.apply.determinations.models import Determination
 from opentech.apply.review.models import Review
 
 register = template.Library()
@@ -14,3 +15,17 @@ def display_author(activity, user):
     ):
         return 'Reviewer'
     return activity.user
+
+
+@register.filter
+def user_can_see_related(activity, user):
+    if not activity.related_object:
+        return False
+
+    if user.is_apply_staff:
+        return True
+
+    if isinstance(activity.related_object, Determination):
+        return True
+
+    return False

opentech/apply/activity/views.py

@@ -34,9 +34,13 @@ class ActivityContextMixin:
         extra = {
             'actions': Activity.actions.filter(submission=self.object).select_related(
                 'user',
+            ).prefetch_related(
+                'related_object',
             ).visible_to(self.request.user),
             'comments': Activity.comments.filter(submission=self.object).select_related(
                 'user',
+            ).prefetch_related(
+                'related_object',
             ).visible_to(self.request.user),
         }
 

opentech/static_src/src/sass/apply/components/_feed.scss

@@ -115,7 +115,7 @@
             width: 10px;
             height: 14px;
             margin-left: 10px;
-            margin-top: 0.25em;
+            margin-top: 0.35em;
             fill: $color--dark-blue;
         }
     }