Merge commit 'd31c1d0fbf02bde5d4dc2be24762d872da64935f'

* commit 'd31c1d0fbf02bde5d4dc2be24762d872da64935f':
  add new route 'web' for web server configuration
  implement viewmixins.StaffOrSelfLoginRequiredMixin

gvafile/gvacommon/celeryrouters.py

@@ -5,7 +5,7 @@ from __future__ import unicode_literals
 class GvaRouter(object):
 
     def route_for_task(self, task, args=None, kwargs=None):
-        for route in ['ldap', 'file', 'mysql', 'pgsql']:
+        for route in ['ldap', 'file', 'mysql', 'pgsql', 'web']:
             if route in task:
                 return {
                     'exchange': route,

gvafile/gvacommon/viewmixins.py

@@ -0,0 +1,42 @@
+"""
+This module defines mixins for gnuviechadmin views.
+
+"""
+from __future__ import unicode_literals
+
+from django.http import HttpResponseForbidden
+from django.utils.translation import ugettext as _
+
+from braces.views import LoginRequiredMixin
+
+
+class StaffOrSelfLoginRequiredMixin(LoginRequiredMixin):
+    """
+    Mixin that makes sure that a user is logged in and matches the current
+    customer or is a staff user.
+
+    """
+
+    def dispatch(self, request, *args, **kwargs):
+        if (
+            request.user.is_staff or
+            request.user == self.get_customer_object()
+        ):
+            return super(StaffOrSelfLoginRequiredMixin, self).dispatch(
+                request, *args, **kwargs
+            )
+        return HttpResponseForbidden(
+            _('You are not allowed to view this page.')
+        )
+
+    def get_customer_object(self):
+        """
+        Views based on this mixin have to implement this method to return
+        the customer that must be an object of the same class as the
+        django.contrib.auth user type.
+
+        :return: customer
+        :rtype: settings.AUTH_USER_MODEL
+
+        """
+        raise NotImplemented("subclass has to implement get_customer_object")