Fix přístup orgů do Moje řešení

3 years ago · e5c0878c7f
3 changed files with 19 additions and 4 deletions
--- a/seminar/urls.py
+++ b/seminar/urls.py
@ -1,7 +1,7 @@
 from django.urls import path, include, re_path
 from django.contrib.auth.decorators import login_required
 from . import views, export
-from .utils import org_required, resitel_required, viewMethodSwitch
+from .utils import org_required, resitel_required, viewMethodSwitch, resitel_or_org_required
 from django.views.generic.base import RedirectView

 urlpatterns = [
@ -138,7 +138,7 @@ urlpatterns = [
 	path('odhlasit/', views.LogoutView.as_view(), name='logout'),
 	path('logout/', RedirectView.as_view(pattern_name='logout', permanent=True, query_string=True)),
 	path('resitel/', resitel_required(views.ResitelView.as_view()), name='seminar_resitel'),
-	path('resitel/odevzdana_reseni/', resitel_required(views.PrehledOdevzdanychReseni.as_view()), name='seminar_resitel_odevzdana_reseni'),
+	path('resitel/odevzdana_reseni/', resitel_or_org_required(views.PrehledOdevzdanychReseni.as_view()), name='seminar_resitel_odevzdana_reseni'),
 	path('reset-hesla/', views.PasswordResetView.as_view(), name='reset_password'),
 	path('zmena-hesla/', views.PasswordChangeView.as_view(), name='change_password'),
 	path('reset-hesla/2/', views.PasswordResetDoneView.as_view(), name='reset_password_done'),
--- a/seminar/utils.py
+++ b/seminar/utils.py
@ -3,7 +3,8 @@
 import datetime

 from django.contrib.auth import get_user_model
-from django.contrib.auth.decorators import permission_required
+from django.contrib.auth.decorators import permission_required, \
+	user_passes_test
 from html.parser import HTMLParser
 from django import views as DjangoViews

@ -23,6 +24,19 @@ logger = logging.getLogger(__name__)

 org_required = permission_required('auth.org')
 resitel_required = permission_required('auth.resitel')
+
+
+# inspirováno django.contrib.auth.decorators permission_required
+def check_perms(user):
+	if user.has_perms(('auth.resitel',)):
+		return True
+	if user.has_perms(('auth.org',)):
+		return True
+	return False
+
+
+resitel_or_org_required = user_passes_test(check_perms)
+
 User = get_user_model()
 # Není to úplně hezké, ale budeme doufat, že to je funkční...
 User.je_org = property(lambda self: self.has_perm('auth.org'))
--- a/seminar/views/odevzdavatko.py
+++ b/seminar/views/odevzdavatko.py
@ -260,7 +260,8 @@ class PrehledOdevzdanychReseni(ListView):
 	def get_queryset(self):
 		if not self.request.user.is_authenticated:
 			raise RuntimeError("Uživatel měl být přihlášený!")
-		resitel = m.Resitel.objects.get(osoba__user=self.request.user)
+		# get_or_none, aby neexistence řešitele (např. u orgů) neházela chybu
+		resitel = m.Resitel.objects.filter(osoba__user=self.request.user).first()
 		qs = super().get_queryset()
 		qs = qs.filter(reseni__resitele__in=[resitel])
 		return qs