limit channel pages to authorised roles
This commit is contained in:
parent
86e808d1f2
commit
bd7a4aff27
|
@ -30,7 +30,7 @@ from welco.sources.mail.models import Mail
|
|||
from welco.sources.mail.views import Home as MailHome
|
||||
from welco.qualif.models import Association
|
||||
from welco.utils import get_wcs_data, get_wcs_options, response_for_json
|
||||
from welco.views import Home as HomeScreen
|
||||
from welco.views import HomeMail as HomeScreen
|
||||
|
||||
|
||||
class DgsMailHome(MailHome):
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
|
||||
"""
|
||||
Django settings for welco project.
|
||||
|
||||
|
@ -170,6 +172,11 @@ VALIDATION_STEPS = {
|
|||
|
||||
AUTHENTIC_AUTH_TUPLE = ('username', 'password')
|
||||
|
||||
# mapping of channel to group/role *names*
|
||||
CHANNEL_ROLES = {
|
||||
'mail': [],
|
||||
'phone': [],
|
||||
}
|
||||
|
||||
local_settings_file = os.environ.get('WELCO_SETTINGS_FILE',
|
||||
os.path.join(os.path.dirname(__file__), 'local_settings.py'))
|
||||
|
|
|
@ -3,8 +3,12 @@
|
|||
|
||||
{% block subheader %}
|
||||
<div id="subheader">
|
||||
<a class="icon-mail" href="{% url 'home' %}">{% trans 'Mail' %}</a>
|
||||
{% if 'mail' in channels %}
|
||||
<a class="icon-mail" href="{% url 'home-mail' %}">{% trans 'Mail' %}</a>
|
||||
{% endif %}
|
||||
{% if 'phone' in channels %}
|
||||
<a class="icon-phone" href="{% url 'home-phone' %}">{% trans 'Phone' %}</a>
|
||||
{% endif %}
|
||||
</div>
|
||||
{% endblock %}
|
||||
|
||||
|
|
|
@ -23,6 +23,7 @@ from . import apps
|
|||
|
||||
urlpatterns = patterns('',
|
||||
url(r'^$', 'welco.views.home', name='home'),
|
||||
url(r'^mail/$', 'welco.views.home_mail', name='home-mail'),
|
||||
url(r'^phone/$', 'welco.views.home_phone', name='home-phone'),
|
||||
url(r'^', include('welco.sources.phone.urls')),
|
||||
url(r'^ajax/qualification$', 'welco.views.qualification', name='qualif-zone'),
|
||||
|
|
|
@ -99,31 +99,54 @@ class Qualification(TemplateView):
|
|||
qualification = csrf_exempt(Qualification.as_view())
|
||||
|
||||
|
||||
class Home(TemplateView):
|
||||
class ChannelHome(TemplateView):
|
||||
template_name = 'welco/home.html'
|
||||
source_klass = MailHome
|
||||
|
||||
def check_user_ok(self):
|
||||
return True
|
||||
user_groups = set([x.name for x in self.request.user.groups.all()])
|
||||
channel_groups = set(settings.CHANNEL_ROLES[self.source_klass.source_key])
|
||||
return user_groups.intersection(channel_groups)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
if not self.check_user_ok():
|
||||
raise PermissionDenied()
|
||||
context = super(Home, self).get_context_data(**kwargs)
|
||||
context = super(ChannelHome, self).get_context_data(**kwargs)
|
||||
context['source'] = self.source_klass(self.request)
|
||||
context['kb'] = KbHomeZone(self.request)
|
||||
context['contacts'] = ContactsHomeZone(self.request)
|
||||
context['channels'] = []
|
||||
|
||||
user_groups = set([x.name for x in self.request.user.groups.all()])
|
||||
for channel in settings.CHANNEL_ROLES:
|
||||
channel_groups = set(settings.CHANNEL_ROLES[channel])
|
||||
if user_groups.intersection(channel_groups):
|
||||
context['channels'].append(channel)
|
||||
return context
|
||||
|
||||
home = login_required(Home.as_view())
|
||||
|
||||
@login_required
|
||||
def home(request):
|
||||
user_groups = set([x.name for x in request.user.groups.all()])
|
||||
for channel in settings.CHANNEL_ROLES:
|
||||
channel_groups = set(settings.CHANNEL_ROLES[channel])
|
||||
if user_groups.intersection(channel_groups):
|
||||
return HttpResponseRedirect('%s/' % channel)
|
||||
raise PermissionDenied()
|
||||
|
||||
class HomePhone(Home):
|
||||
class HomePhone(ChannelHome):
|
||||
source_klass = PhoneHome
|
||||
|
||||
home_phone = login_required(HomePhone.as_view())
|
||||
|
||||
|
||||
class HomeMail(ChannelHome):
|
||||
source_klass = MailHome
|
||||
|
||||
home_mail = login_required(HomeMail.as_view())
|
||||
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
def qualification_done(request):
|
||||
source_class = ContentType.objects.get(
|
||||
|
|
Loading…
Reference in New Issue