Add ENABLE_SUBMISSION_WITHDRAWAL to allow enabling withdrawals

This only affects about enabling them, not whether they are in the system. That means that if the configuration is changed over the lifetime of a system, things that were withdrawn when it was enabled retain that status. Issue #3296
HyphaApp · Aug 7, 2024 · 1c012de · 1c012de
1 parent 2d093c7
commit 1c012de
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 2 deletions.
diff --git a/docs/setup/administrators/configuration.md b/docs/setup/administrators/configuration.md
@@ -112,7 +112,11 @@ If applicants should be forced to preview their application before submitting
 
 ----
 
-Set the allowed file extension for all uploads fields.
+### Allow Withdrawing of Submissions
+
+    ENABLE_SUBMISSION_WITHDRAWAL = env.bool('ENABLE_SUBMISSION_WITHDRAWAL', False)
+
+### Set the allowed file extension for all uploads fields.
 
     FILE_ALLOWED_EXTENSIONS = ['doc', 'docx', 'odp', 'ods', 'odt', 'pdf', 'ppt', 'pptx', 'rtf', 'txt', 'xls', 'xlsx']
     FILE_ACCEPT_ATTR_VALUE = ', '.join(['.' + ext for ext in FILE_ALLOWED_EXTENSIONS])

diff --git a/hypha/apply/funds/views.py b/hypha/apply/funds/views.py
@@ -1591,6 +1591,9 @@ def post(self, request, *args, **kwargs):
         return self.withdraw(request, *args, **kwargs)
 
     def withdraw(self, request, *args, **kwargs):
+        if not settings.ENABLE_SUBMISSION_WITHDRAWAL:
+            raise PermissionDenied
+
         obj = self.get_object()
 
         if not obj.phase.permissions.can_edit(request.user):

diff --git a/hypha/apply/funds/workflow.py b/hypha/apply/funds/workflow.py
@@ -407,7 +407,7 @@ def make_permissions(edit=None, review=None, view=None):
             "display": _("Need screening"),
             "public": _("Application Received"),
             "stage": RequestExt,
-            "permissions": default_permissions,
+            "permissions": applicant_edit_permissions,
         },
         "ext_more_info": {
             "transitions": {

diff --git a/hypha/core/context_processors.py b/hypha/core/context_processors.py
@@ -20,4 +20,5 @@ def global_vars(request):
         "SENTRY_DENY_URLS": settings.SENTRY_DENY_URLS,
         "SENTRY_DEBUG": settings.SENTRY_DEBUG,
         "SENTRY_PUBLIC_KEY": settings.SENTRY_PUBLIC_KEY,
+        "ENABLE_SUBMISSION_WITHDRAWAL": settings.ENABLE_SUBMISSION_WITHDRAWAL,
     }
diff --git a/hypha/settings/base.py b/hypha/settings/base.py
@@ -158,6 +158,9 @@
 # Require an applicant to view their rendered application before submitting
 SUBMISSION_PREVIEW_REQUIRED = env.bool("SUBMISSION_PREVIEW_REQUIRED", True)
 
+# Allow Withdrawing of Submissions
+ENABLE_SUBMISSION_WITHDRAWAL = env.bool('ENABLE_SUBMISSION_WITHDRAWAL', False)
+
 # Project settings.
 
 # SECRET_KEY is required