entrouvert
/
welco
17
0
Fork 0
Code Issues Pull Requests 2 Releases Activity

kb: let all knowledge database managers upload files (#9894)

This commit is contained in:
Frédéric Péters 2016-02-06 15:39:11 +01:00
parent 52fcd1626a
commit 5a7127ce03
2 changed files with 25 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
welco/kb/views.py
View File

@ -18,7 +18,7 @@ import json
from django import template from django import template
from django.conf import settings from django.conf import settings
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required, user_passes_test
from django.core.exceptions import PermissionDenied from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import reverse_lazy from django.core.urlresolvers import reverse_lazy
from django.db.models import Count from django.db.models import Count
@ -38,11 +38,14 @@ from taggit.models import Tag
from .models import Page from .models import Page
from .forms import PageForm from .forms import PageForm
def check_user_perms(request): def check_user_perms(user):
if not settings.KB_ROLE: if not settings.KB_ROLE:
raise PermissionDenied() return False
user_groups = set([x.name for x in request.user.groups.all()]) user_groups = set([x.name for x in user.groups.all()])
if not settings.KB_ROLE in user_groups: return settings.KB_ROLE in user_groups
def check_request_perms(request):
if not check_user_perms(request.user):
raise PermissionDenied() raise PermissionDenied()
@ -50,7 +53,7 @@ class PageListView(ListView):
model = Page model = Page
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageListView, self).dispatch(request, *args, **kwargs) return super(PageListView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
@ -66,7 +69,7 @@ class PageAddView(CreateView):
form_class = PageForm form_class = PageForm
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageAddView, self).dispatch(request, *args, **kwargs) return super(PageAddView, self).dispatch(request, *args, **kwargs)
page_add = login_required(PageAddView.as_view()) page_add = login_required(PageAddView.as_view())
@ -77,7 +80,7 @@ class PageEditView(UpdateView):
form_class = PageForm form_class = PageForm
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageEditView, self).dispatch(request, *args, **kwargs) return super(PageEditView, self).dispatch(request, *args, **kwargs)
page_edit = login_required(PageEditView.as_view()) page_edit = login_required(PageEditView.as_view())
@ -87,7 +90,7 @@ class PageDetailView(DetailView):
model = Page model = Page
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageDetailView, self).dispatch(request, *args, **kwargs) return super(PageDetailView, self).dispatch(request, *args, **kwargs)
page_detail = login_required(PageDetailView.as_view()) page_detail = login_required(PageDetailView.as_view())
@ -105,7 +108,7 @@ class PageDeleteView(DeleteView):
success_url = reverse_lazy('kb-home') success_url = reverse_lazy('kb-home')
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageDeleteView, self).dispatch(request, *args, **kwargs) return super(PageDeleteView, self).dispatch(request, *args, **kwargs)
page_delete = login_required(PageDeleteView.as_view()) page_delete = login_required(PageDeleteView.as_view())
@ -116,7 +119,7 @@ class PageSearchView(SearchView):
form_class = SearchForm form_class = SearchForm
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageSearchView, self).dispatch(request, *args, **kwargs) return super(PageSearchView, self).dispatch(request, *args, **kwargs)
page_search = login_required(PageSearchView.as_view()) page_search = login_required(PageSearchView.as_view())
@ -127,7 +130,7 @@ class PageHistoryView(DetailView):
template_name = 'kb/page_history.html' template_name = 'kb/page_history.html'
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageHistoryView, self).dispatch(request, *args, **kwargs) return super(PageHistoryView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
@ -143,7 +146,7 @@ class PageVersionView(DetailView):
template_name = 'kb/page_version.html' template_name = 'kb/page_version.html'
def dispatch(self, request, *args, **kwargs): def dispatch(self, request, *args, **kwargs):
check_user_perms(request) check_request_perms(request)
return super(PageVersionView, self).dispatch(request, *args, **kwargs) return super(PageVersionView, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
@ -216,3 +219,7 @@ class HomeZone(object):
context = RequestContext(self.request) context = RequestContext(self.request)
tmpl = template.loader.get_template('kb/zone.html') tmpl = template.loader.get_template('kb/zone.html')
return tmpl.render(context) return tmpl.render(context)
def kb_manager_required(view_func):
return user_passes_test(check_user_perms)(view_func)

6
welco/urls.py
View File

@ -17,9 +17,12 @@
from django.conf.urls import patterns, include, url from django.conf.urls import patterns, include, url
from django.conf import settings from django.conf import settings
from django.contrib import admin from django.contrib import admin
from django.views.decorators.cache import never_cache
from ckeditor import views as ckeditor_views
from . import apps from . import apps
from .kb.views import kb_manager_required
urlpatterns = patterns('', urlpatterns = patterns('',
url(r'^$', 'welco.views.home', name='home'), url(r'^$', 'welco.views.home', name='home'),
@ -61,7 +64,8 @@ urlpatterns = patterns('',
url(r'^login/$', 'welco.views.login', name='auth_login'), url(r'^login/$', 'welco.views.login', name='auth_login'),
url(r'^menu.json$', 'welco.views.menu_json', name='menu_json'), url(r'^menu.json$', 'welco.views.menu_json', name='menu_json'),
(r'^ckeditor/', include('ckeditor.urls')), url(r'^ckeditor/upload/', kb_manager_required(ckeditor_views.upload), name='ckeditor_upload'),
url(r'^ckeditor/browse/', never_cache(kb_manager_required(ckeditor_views.browse)), name='ckeditor_browse'),
) )
if 'mellon' in settings.INSTALLED_APPS: if 'mellon' in settings.INSTALLED_APPS: