middlewares: intercepte les agents utilisant le SSO CUT ou accédant à /accounts/
This commit is contained in:
parent
8ac0e043e2
commit
b42082d71a
|
@ -1,7 +1,8 @@
|
|||
from django.conf import settings
|
||||
import urlparse
|
||||
|
||||
from authentic2.utils import same_domain
|
||||
from django.conf import settings
|
||||
|
||||
from authentic2.utils import same_domain, redirect
|
||||
|
||||
|
||||
class CUTMiddleware(object):
|
||||
|
@ -83,6 +84,18 @@ class CUTMiddleware(object):
|
|||
request.partner = None
|
||||
request.domain = None
|
||||
|
||||
# interception des agents
|
||||
if hasattr(request.user, 'ou') and request.user.ou and request.user.ou.slug != 'usagers':
|
||||
from django.shortcuts import render
|
||||
|
||||
# interdit d'utiliser les IdP sur moncompte
|
||||
if 'admin-cut' not in request.get_host() and request.path.startswith('/idp/'):
|
||||
return render(request, 'authentic2/cut-agents-forbidden.html')
|
||||
|
||||
# pas de pages /accounts/ sur moncompte
|
||||
if request.path.startswith('/accounts/'):
|
||||
return redirect(request, 'a2-manager-homepage')
|
||||
|
||||
def process_response(self, request, response):
|
||||
if hasattr(request, 'session'):
|
||||
request.session['service_slug'] = getattr(request, 'service_slug', None)
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
{% extends "authentic2/base-page.html" %}
|
||||
|
||||
{% block content %}
|
||||
<p>Vous accédez au CUT via votre compte agent actuellement, vous ne pouvez pas vous authentifier via le CUT usager, vous devez utiliser le CUT agent. Merci de vous déconnecter si vous souhaitez utiliser votre compte usager.</p>
|
||||
{% endblock %}
|
||||
|
Loading…
Reference in New Issue