Merge commit 'd31c1d0fbf02bde5d4dc2be24762d872da64935f'

* commit 'd31c1d0fbf02bde5d4dc2be24762d872da64935f':
  add new route 'web' for web server configuration
  implement viewmixins.StaffOrSelfLoginRequiredMixin
This commit is contained in:
Jan Dittberner 2015-01-26 17:54:56 +01:00
commit 0752570078
2 changed files with 43 additions and 1 deletions

View file

@ -5,7 +5,7 @@ from __future__ import unicode_literals
class GvaRouter(object): class GvaRouter(object):
def route_for_task(self, task, args=None, kwargs=None): def route_for_task(self, task, args=None, kwargs=None):
for route in ['ldap', 'file', 'mysql', 'pgsql']: for route in ['ldap', 'file', 'mysql', 'pgsql', 'web']:
if route in task: if route in task:
return { return {
'exchange': route, 'exchange': route,

View file

@ -0,0 +1,42 @@
"""
This module defines mixins for gnuviechadmin views.
"""
from __future__ import unicode_literals
from django.http import HttpResponseForbidden
from django.utils.translation import ugettext as _
from braces.views import LoginRequiredMixin
class StaffOrSelfLoginRequiredMixin(LoginRequiredMixin):
"""
Mixin that makes sure that a user is logged in and matches the current
customer or is a staff user.
"""
def dispatch(self, request, *args, **kwargs):
if (
request.user.is_staff or
request.user == self.get_customer_object()
):
return super(StaffOrSelfLoginRequiredMixin, self).dispatch(
request, *args, **kwargs
)
return HttpResponseForbidden(
_('You are not allowed to view this page.')
)
def get_customer_object(self):
"""
Views based on this mixin have to implement this method to return
the customer that must be an object of the same class as the
django.contrib.auth user type.
:return: customer
:rtype: settings.AUTH_USER_MODEL
"""
raise NotImplemented("subclass has to implement get_customer_object")