From 1fc21c7298153c4ac2d68c186f1576071d509b05 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon
Date: Apr 13 2015 16:38:16 +0000
Subject: Check in the code as well that deleting comments is only allowed on open items Here as well that is unless you're an admin
---
diff --git a/pagure/ui/fork.py b/pagure/ui/fork.py
index b62d71d..a7f8412 100644
--- a/pagure/ui/fork.py
+++ b/pagure/ui/fork.py
@@ -359,7 +359,8 @@ def pull_request_drop_comment(repo, requestid, username=None):
 if comment is None or comment.pull_request.repo != repo:
 flask.abort(404, 'Comment not found')
- if flask.g.fas_user.username != comment.user.username \
+ if (flask.g.fas_user.username != comment.user.username
+ and comment.parent.status == True) \
 or not is_repo_admin(repo):
 flask.abort(
 403,
diff --git a/pagure/ui/issues.py b/pagure/ui/issues.py
index 05617a9..f1584b1 100644
--- a/pagure/ui/issues.py
+++ b/pagure/ui/issues.py
@@ -77,7 +77,8 @@ def update_issue(repo, issueid, username=None):
 if comment is None or comment.issue.project != repo:
 flask.abort(404, 'Comment not found')
- if flask.g.fas_user.username != comment.user.username \
+ if (flask.g.fas_user.username != comment.user.username
+ and comment.parent.status == True) \
 or not is_repo_admin(repo):
 flask.abort(
 403,
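Review bot: The 403 guard added in `pull_request_drop_comment` still refuses every non-admin, and it refuses an admin who is not the comment author only while the item is open, which looks like the reverse of what the commit subject describes. The condition reads `(not author and open) or not admin`, so `or not is_repo_admin(repo)` fires even for an author deleting their own comment on an open item, and the author/open branch never grants anything. If the intent is "admins always, authors only while the item is open", the guard would be `if not is_repo_admin(repo) and (flask.g.fas_user.username != comment.user.username or not comment.parent.status):`. The same condition is repeated in the `update_issue` hunk in pagure/ui/issues.py; there it is also worth confirming that `comment.parent.status` is a boolean for issues, since `== True` never matches a string status (the model is not visible here). Both functions start and end outside their hunks.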