From 863a7e3c0e2580ae8c713b04dac23700debe9a92 Mon Sep 17 00:00:00 2001
From: Simon Brooke <simon@journeyman.cc>
Date: Thu, 6 Sep 2018 16:08:51 +0100
Subject: [PATCH] OK, I'm now happy with the issue experts' workflow.

---
 .../sql/youyesyet.postgres.overrides.sql      | 19 +++++++++++++++++++
 resources/templates/issue-expert/request.html | 13 +++++++++++--
 2 files changed, 30 insertions(+), 2 deletions(-)

diff --git a/resources/sql/youyesyet.postgres.overrides.sql b/resources/sql/youyesyet.postgres.overrides.sql
index dad6bce..146a2db 100644
--- a/resources/sql/youyesyet.postgres.overrides.sql
+++ b/resources/sql/youyesyet.postgres.overrides.sql
@@ -1,3 +1,22 @@
+------------------------------------------------------------------------
+--	User `youyesyet` (the app, and less secure parts of the site)
+--  must have the permissions of `canvassers`.
+------------------------------------------------------------------------
+DO
+$do$
+BEGIN
+   IF NOT EXISTS (
+      SELECT                       -- SELECT list can stay empty for this
+      FROM   pg_catalog.pg_roles
+      WHERE  rolname = 'youyesyet') THEN
+
+      CREATE ROLE youyesyet LOGIN PASSWORD 'thisisnotsecure';
+   END IF;
+END
+$do$;
+
+grant canvassers to youyesyet;
+
 ------------------------------------------------------------------------
 --	convenience view lv_followupactions of entity followupactions for
 --	lists, et cetera
diff --git a/resources/templates/issue-expert/request.html b/resources/templates/issue-expert/request.html
index 295ba19..6207c25 100644
--- a/resources/templates/issue-expert/request.html
+++ b/resources/templates/issue-expert/request.html
@@ -36,7 +36,7 @@
       </label>
       {% ifmemberof issueexperts analysts issueeditors admin %}
       <span id='visit' name='visit' class='pseudo-widget disabled'>
-        by {{visit.canvasser_id_expanded}} at {{visit.date}}
+        by {{visit.canvasser_id_expanded}} on {{visit.date}}
       </span>
       {% else %}
       <span id='visit_id' name='visit_id' class='pseudo-widget not-authorised'>
@@ -46,8 +46,17 @@
     </p>
     <p class='widget'>
       <label for='issue_id'>
-        {{issue.id}}
+        Issue
       </label>
+      {% ifmemberof issueexperts analysts issueeditors admin %}
+      <span id='visit' name='visit' class='pseudo-widget disabled'>
+        {{issue.id}}
+      </span>
+      {% else %}
+      <span id='visit_id' name='visit_id' class='pseudo-widget not-authorised'>
+        You are not permitted to view visit of followuprequests
+      </span>
+      {% endifmemberof %}
       {% ifmemberof issueexperts admin %}
       <div id="issue-brief">
         {{issue.brief|safe}}