From 35aae85c8d723d338309fc14d5846eba4e0c36c2 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Fri, 14 Apr 2023 19:16:30 +0200 Subject: [PATCH 1/3] Move dashboard templates to dashboard app --- gnuviechadmin/{ => dashboard}/templates/dashboard/index.html | 0 .../{ => dashboard}/templates/dashboard/user_dashboard.html | 0 2 files changed, 0 insertions(+), 0 deletions(-) rename gnuviechadmin/{ => dashboard}/templates/dashboard/index.html (100%) rename gnuviechadmin/{ => dashboard}/templates/dashboard/user_dashboard.html (100%) diff --git a/gnuviechadmin/templates/dashboard/index.html b/gnuviechadmin/dashboard/templates/dashboard/index.html similarity index 100% rename from gnuviechadmin/templates/dashboard/index.html rename to gnuviechadmin/dashboard/templates/dashboard/index.html diff --git a/gnuviechadmin/templates/dashboard/user_dashboard.html b/gnuviechadmin/dashboard/templates/dashboard/user_dashboard.html similarity index 100% rename from gnuviechadmin/templates/dashboard/user_dashboard.html rename to gnuviechadmin/dashboard/templates/dashboard/user_dashboard.html From a5b65974fb16c4b8febd3e884db56ef2b809ad47 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Fri, 14 Apr 2023 19:16:58 +0200 Subject: [PATCH 2/3] Remove django-braces requirement --- gnuviechadmin/domains/views.py | 5 +++-- gnuviechadmin/hostingpackages/views.py | 22 +++++++++++++++------- poetry.lock | 17 +---------------- pyproject.toml | 1 - 4 files changed, 19 insertions(+), 26 deletions(-) diff --git a/gnuviechadmin/domains/views.py b/gnuviechadmin/domains/views.py index c81e3b4..ac387ec 100644 --- a/gnuviechadmin/domains/views.py +++ b/gnuviechadmin/domains/views.py @@ -4,8 +4,8 @@ This module defines views related to domains. """ from __future__ import absolute_import -from braces.views import StaffuserRequiredMixin from django.contrib import messages +from django.contrib.auth.mixins import PermissionRequiredMixin from django.shortcuts import get_object_or_404, redirect from django.utils.translation import gettext as _ from django.views.generic.edit import CreateView @@ -16,7 +16,7 @@ from .forms import CreateHostingDomainForm from .models import HostingDomain -class CreateHostingDomain(StaffuserRequiredMixin, CreateView): +class CreateHostingDomain(PermissionRequiredMixin, CreateView): """ This view is used for creating a new HostingDomain instance for an existing hosting package. @@ -24,6 +24,7 @@ class CreateHostingDomain(StaffuserRequiredMixin, CreateView): model = HostingDomain raise_exception = True + permission_required = 'domains.add_hostingdomain' template_name_suffix = "_create" form_class = CreateHostingDomainForm diff --git a/gnuviechadmin/hostingpackages/views.py b/gnuviechadmin/hostingpackages/views.py index 82dffac..038acb2 100644 --- a/gnuviechadmin/hostingpackages/views.py +++ b/gnuviechadmin/hostingpackages/views.py @@ -4,10 +4,10 @@ This module defines views related to hosting packages. """ from __future__ import absolute_import -from braces.views import LoginRequiredMixin, StaffuserRequiredMixin from django.conf import settings from django.contrib import messages from django.contrib.auth import get_user_model +from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin from django.http import Http404 from django.shortcuts import get_object_or_404, redirect from django.utils.translation import gettext as _ @@ -30,7 +30,7 @@ from .models import ( ) -class CreateHostingPackage(LoginRequiredMixin, StaffuserRequiredMixin, CreateView): +class CreateHostingPackage(PermissionRequiredMixin, CreateView): """ Create a hosting package. @@ -38,6 +38,7 @@ class CreateHostingPackage(LoginRequiredMixin, StaffuserRequiredMixin, CreateVie model = CustomerHostingPackage raise_exception = True + permission_required = 'domains.add_customerhostingpackage' template_name_suffix = "_create" form_class = CreateHostingPackageForm @@ -120,9 +121,16 @@ class CustomerHostingPackageDetails(StaffOrSelfLoginRequiredMixin, DetailView): return context -class AllCustomerHostingPackageList( - LoginRequiredMixin, StaffuserRequiredMixin, ListView -): +class StaffUserRequiredMixin(UserPassesTestMixin): + """ + Mixin to make views available to staff members only. + + """ + def test_func(self): + return self.request.user.is_staff + + +class AllCustomerHostingPackageList(StaffUserRequiredMixin, ListView): """ This view is used for showing a list of all hosting packages. @@ -161,7 +169,7 @@ class CustomerHostingPackageList(StaffOrSelfLoginRequiredMixin, ListView): ) -class HostingOptionChoices(LoginRequiredMixin, StaffuserRequiredMixin, DetailView): +class HostingOptionChoices(StaffUserRequiredMixin, DetailView): """ This view displays choices of hosting options for a customer hosting package. @@ -205,7 +213,7 @@ class HostingOptionChoices(LoginRequiredMixin, StaffuserRequiredMixin, DetailVie return context -class AddHostingOption(LoginRequiredMixin, StaffuserRequiredMixin, FormView): +class AddHostingOption(StaffUserRequiredMixin, FormView): template_name = "hostingpackages/add_hosting_option.html" def get_form_class(self): diff --git a/poetry.lock b/poetry.lock index 876312e..720f7ea 100644 --- a/poetry.lock +++ b/poetry.lock @@ -638,21 +638,6 @@ python3-openid = ">=3.0.8" requests = "*" requests-oauthlib = ">=0.3.0" -[[package]] -name = "django-braces" -version = "1.15.0" -description = "Reusable, generic mixins for Django" -category = "main" -optional = false -python-versions = "*" -files = [ - {file = "django-braces-1.15.0.tar.gz", hash = "sha256:f451d08ffc1078d81209a2e17f2219bce20196928853c82405451b18a46875e0"}, - {file = "django_braces-1.15.0-py2.py3-none-any.whl", hash = "sha256:28f00b0f98368c9a37f30cce6087fc57127f0a24c5b8b449f9e1245bded6405d"}, -] - -[package.dependencies] -Django = ">=2.2" - [[package]] name = "django-crispy-forms" version = "1.14.0" @@ -1757,4 +1742,4 @@ testing = ["big-O", "flake8 (<5)", "jaraco.functools", "jaraco.itertools", "more [metadata] lock-version = "2.0" python-versions = "^3.7" -content-hash = "c11eec493daca3a228f3c99300d0ebf0fa35060624c93649e2dce4c71cdf67f2" +content-hash = "6041c8bb49cd1df098f1948f8ad2cbd48fd8f42ff44e410f3fecb61be7e80a18" diff --git a/pyproject.toml b/pyproject.toml index 12fc1af..3f3b448 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,7 +12,6 @@ django = "<4" psycopg2-binary = "^2.9" celery = "^5.2.7" django-allauth = "^0.52.0" -django-braces = "^1.15.0" django-crispy-forms = "<2" django-debug-toolbar = "^3.8" django-model-utils = "^4.1" From dd67ee91da68e563e9ffeac6c4345bd4163ca889 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Fri, 14 Apr 2023 19:33:44 +0200 Subject: [PATCH 3/3] Require login for index view --- gnuviechadmin/dashboard/tests/test_views.py | 10 ++++++++++ gnuviechadmin/dashboard/views.py | 3 ++- .../gnuviechadmin/tests/test_contextprocessors.py | 13 +++++++++++-- 3 files changed, 23 insertions(+), 3 deletions(-) diff --git a/gnuviechadmin/dashboard/tests/test_views.py b/gnuviechadmin/dashboard/tests/test_views.py index 2ff835b..dc1dde5 100644 --- a/gnuviechadmin/dashboard/tests/test_views.py +++ b/gnuviechadmin/dashboard/tests/test_views.py @@ -14,7 +14,17 @@ TEST_PASSWORD = "secret" class IndexViewTest(TestCase): + def test_index_view_anonymous(self): + response = self.client.get(reverse("dashboard")) + self.assertRedirects(response, "/accounts/login/?next=/") + def test_index_view(self): + user = User.objects.create(username=TEST_USER) + user.set_password(TEST_PASSWORD) + user.save() + + self.client.login(username=TEST_USER, password=TEST_PASSWORD) + response = self.client.get(reverse("dashboard")) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, "dashboard/index.html") diff --git a/gnuviechadmin/dashboard/views.py b/gnuviechadmin/dashboard/views.py index af9d7e0..7f30316 100644 --- a/gnuviechadmin/dashboard/views.py +++ b/gnuviechadmin/dashboard/views.py @@ -3,13 +3,14 @@ This module defines the views for the gnuviechadmin customer dashboard. """ from django.contrib.auth import get_user_model +from django.contrib.auth.mixins import LoginRequiredMixin from django.views.generic import DetailView, TemplateView from gvacommon.viewmixins import StaffOrSelfLoginRequiredMixin from hostingpackages.models import CustomerHostingPackage -class IndexView(TemplateView): +class IndexView(LoginRequiredMixin, TemplateView): """ This is the dashboard view. diff --git a/gnuviechadmin/gnuviechadmin/tests/test_contextprocessors.py b/gnuviechadmin/gnuviechadmin/tests/test_contextprocessors.py index 664e8d2..94578cd 100644 --- a/gnuviechadmin/gnuviechadmin/tests/test_contextprocessors.py +++ b/gnuviechadmin/gnuviechadmin/tests/test_contextprocessors.py @@ -18,13 +18,16 @@ from gnuviechadmin.context_processors import navigation User = get_user_model() +TEST_USER = "test" +TEST_PASSWORD = "secret" + class NavigationContextProcessorTest(TestCase): EXPECTED_ITEMS = ("webmail_url", "phpmyadmin_url", "phppgadmin_url", "active_item") def test_ajax_request(self): - response = self.client.get("/", HTTP_X_REQUESTED_WITH="XMLHttpRequest") + response = self.client.get("/accounts/login/", HTTP_X_REQUESTED_WITH="XMLHttpRequest") for item in self.EXPECTED_ITEMS: self.assertNotIn(item, response.context) @@ -34,6 +37,12 @@ class NavigationContextProcessorTest(TestCase): self.assertEqual(context["phppgadmin_url"], settings.GVA_LINK_PHPPGADMIN) def test_index_page_context(self): + user = User.objects.create(username=TEST_USER) + user.set_password(TEST_PASSWORD) + user.save() + + self.client.login(username=TEST_USER, password=TEST_PASSWORD) + response = self.client.get("/") for item in self.EXPECTED_ITEMS: self.assertIn(item, response.context) @@ -106,6 +115,6 @@ class NavigationContextProcessorTest(TestCase): class VersionInfoContextProcessorTest(TestCase): def test_version_info_in_context(self): - response = self.client.get("/") + response = self.client.get("/accounts/login/") self.assertIn("gnuviechadmin_version", response.context) self.assertEqual(response.context["gnuviechadmin_version"], gvaversion)