2 files changed, 30 insertions, 4 deletions

diff --git a/ishtar_common/templatetags/window_header.py b/ishtar_common/templatetags/window_header.py
index e215426e1..3c77ccf43 100644
--- a/ishtar_common/templatetags/window_header.py
+++ b/ishtar_common/templatetags/window_header.py
@@ -65,9 +65,16 @@ def window_file_nav(context, item, window_id, previous=None, nxt=None):
     histo_url = 'show-historized-file'
     revert_url = 'revert-file'
     add_operation = ""
+    modify_url_value, delete_url = None, None
+    can_edit = hasattr(item, 'can_do') and  \
+               item.can_do(context['request'], 'change_file')
+    if can_edit:
+        modify_url_value = modify_url
+        delete_url = getattr(item, "DELETE_URL", False)
     return {
         'show_url': show_url,
-        'modify_url': modify_url,
+        'modify_url': modify_url_value,
+        'delete_url': delete_url,
         'histo_url': histo_url,
         'revert_url': revert_url,
         'item': item,
diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index 5a4abdc38..abd2b79d8 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -65,7 +65,7 @@ from ishtar_common.models import get_current_profile
 from ishtar_common.templatetags.link_to_window import simple_link_to_window
 from ishtar_common.utils import clean_session_cache, CSV_OPTIONS, \
     get_field_labels_from_path, get_random_item_image_link, shortify, \
-    dict_to_tuple
+    dict_to_tuple, put_session_message
 from ishtar_common.widgets import JQueryAutoComplete
 
 from .views_item import CURRENT_ITEM_KEYS, CURRENT_ITEM_KEYS_DICT, \
@@ -78,6 +78,25 @@ def status(request):
     return HttpResponse('OK')
 
 
+def wizard_is_available(wizard, request, model, pk):
+    try:
+        wizard(request)
+    except IndexError:  # no step available
+        put_session_message(
+            request.session.session_key,
+            _(u"You don't have sufficient permissions to do this action."),
+            'warning'
+        )
+        return
+    q = model.objects.filter(pk=pk)
+    if not q.count():
+        raise Http404()
+    obj = q.all()[0]
+    if hasattr(obj, "locked") and obj.locked:
+        raise Http404()
+    return obj
+
+
 def tiny_redirect(request, url_id):
     db_id = models.TinyUrl.decode_id(url_id)
     link_db = get_object_or_404(models.TinyUrl, id=db_id)
@@ -96,8 +115,8 @@ def index(request):
     profile = get_current_profile()
     if profile.slug == 'default':
         dct['warnings'].append(_(
-            u"The slug of your current profile is set to \"default\". Change it "
-            u"on the administration page (or ask your admin to do it)."))
+            "The slug of your current profile is set to \"default\". Change it "
+            "on the administration page (or ask your admin to do it)."))
     image = get_random_item_image_link(request)
     if hasattr(profile, 'homepage') and profile.homepage:
         dct['homepage'] = markdown(profile.homepage)