entrouvert/wcs
entrouvert
/
wcs
14
1
Fork 0
Code Issues Pull Requests 45 Releases Activity

do not allow access to anonymised forms from frontoffice (#4665)

This commit is contained in:
Frédéric Péters 2014-04-28 16:03:24 +02:00
parent fae6c97f22
commit 8273aecd64
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wcs/forms/root.py
View File

@ -1154,6 +1154,11 @@ class RootDirectory(AccessControlled, Directory):
class PublicFormStatusPage(FormStatusPage):
_q_exports = ['', 'download', 'status', 'wfedit']
def __init__(self, *args, **kwargs):
FormStatusPage.__init__(self, *args, **kwargs)
if self.filled.anonymised:
raise errors.TraversalError()
def status(self):
return redirect('%sbackoffice/%s/%s/' % (
get_publisher().get_root_url(),