fix: disable removing liaison attachments pending reimplementation (#9555)

rjsparks · web-flow · commit e1c75d461619 · 2025-09-18T12:32:26.000-03:00
diff --git a/ietf/liaisons/tests.py b/ietf/liaisons/tests.py
@@ -971,14 +971,14 @@ def test_liaison_edit_attachment(self):
         r = self.client.post(url, dict(title="New Title"))
         self.assertEqual(r.status_code, 404)
 
-    def test_liaison_delete_attachment(self):
-        attachment = LiaisonStatementAttachmentFactory(document__name='liaiatt-1')
-        liaison = attachment.statement
-        url = urlreverse('ietf.liaisons.views.liaison_delete_attachment', kwargs=dict(object_id=liaison.pk,attach_id=attachment.pk))
-        login_testing_unauthorized(self, "secretary", url)
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 302)
-        self.assertEqual(liaison.liaisonstatementattachment_set.filter(removed=False).count(),0)
+    # def test_liaison_delete_attachment(self):
+    #     attachment = LiaisonStatementAttachmentFactory(document__name='liaiatt-1')
+    #     liaison = attachment.statement
+    #     url = urlreverse('ietf.liaisons.views.liaison_delete_attachment', kwargs=dict(object_id=liaison.pk,attach_id=attachment.pk))
+    #     login_testing_unauthorized(self, "secretary", url)
+    #     r = self.client.get(url)
+    #     self.assertEqual(r.status_code, 302)
+    #     self.assertEqual(liaison.liaisonstatementattachment_set.filter(removed=False).count(),0)
 
     def test_in_response(self):
         '''A statement with purpose=in_response must have related statement specified'''
diff --git a/ietf/liaisons/views.py b/ietf/liaisons/views.py
@@ -17,8 +17,7 @@
 
 from ietf.ietfauth.utils import role_required, has_role
 from ietf.group.models import Group, Role
-from ietf.liaisons.models import (LiaisonStatement,LiaisonStatementEvent,
-    LiaisonStatementAttachment)
+from ietf.liaisons.models import LiaisonStatement,LiaisonStatementEvent
 from ietf.liaisons.utils import (get_person_for_user, can_add_outgoing_liaison,
     can_add_incoming_liaison, can_edit_liaison,can_submit_liaison_required,
     can_add_liaison)
@@ -377,23 +376,29 @@ def liaison_history(request, object_id):
 
 def liaison_delete_attachment(request, object_id, attach_id):
     liaison = get_object_or_404(LiaisonStatement, pk=object_id)
-    attach = get_object_or_404(LiaisonStatementAttachment, pk=attach_id)
+
     if not can_edit_liaison(request.user, liaison):
         permission_denied(request, "You are not authorized for this action.")
-
-    # FIXME: this view should use POST instead of GET when deleting
-    attach.removed = True
-    attach.save()
-
-    # create event
-    LiaisonStatementEvent.objects.create(
-        type_id='modified',
-        by=get_person_for_user(request.user),
-        statement=liaison,
-        desc='Attachment Removed: {}'.format(attach.document.title)
-    )
-    messages.success(request, 'Attachment Deleted')
-    return redirect('ietf.liaisons.views.liaison_detail', object_id=liaison.pk)
+    else:
+        permission_denied(request, "This operation is temporarily unavailable. Ask the secretariat to mark the attachment as removed using the admin.")
+
+    # The following will be replaced with a different approach in the next generation of the liaison tool
+    # attach = get_object_or_404(LiaisonStatementAttachment, pk=attach_id)
+
+    # # FIXME: this view should use POST instead of GET when deleting
+    # attach.removed = True
+    # debug.say("Got here")
+    # attach.save()
+
+    # # create event
+    # LiaisonStatementEvent.objects.create(
+    #     type_id='modified',
+    #     by=get_person_for_user(request.user),
+    #     statement=liaison,
+    #     desc='Attachment Removed: {}'.format(attach.document.title)
+    # )
+    # messages.success(request, 'Attachment Deleted')
+    # return redirect('ietf.liaisons.views.liaison_detail', object_id=liaison.pk)
 
 def liaison_detail(request, object_id):
     liaison = get_object_or_404(LiaisonStatement, pk=object_id)
