mam/mamweb
13
1
Fork 0
Code Issues Pull requests 12 Projects Wiki Activity Actions

Fix přístup orgů do Moje řešení

Browse source
This commit is contained in:
Jonas Havelka 2021-09-16 14:34:00 +02:00
parent c58217ccaa
commit e5c0878c7f
3 changed files with 19 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
seminar/urls.py
View file

@ -1,7 +1,7 @@
from django.urls import path, include, re_path from django.urls import path, include, re_path
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from . import views, export from . import views, export
from .utils import org_required, resitel_required, viewMethodSwitch from .utils import org_required, resitel_required, viewMethodSwitch, resitel_or_org_required
from django.views.generic.base import RedirectView from django.views.generic.base import RedirectView
urlpatterns = [ urlpatterns = [
@ -138,7 +138,7 @@ urlpatterns = [
path('odhlasit/', views.LogoutView.as_view(), name='logout'), path('odhlasit/', views.LogoutView.as_view(), name='logout'),
path('logout/', RedirectView.as_view(pattern_name='logout', permanent=True, query_string=True)), path('logout/', RedirectView.as_view(pattern_name='logout', permanent=True, query_string=True)),
path('resitel/', resitel_required(views.ResitelView.as_view()), name='seminar_resitel'), path('resitel/', resitel_required(views.ResitelView.as_view()), name='seminar_resitel'),
path('resitel/odevzdana_reseni/', resitel_required(views.PrehledOdevzdanychReseni.as_view()), name='seminar_resitel_odevzdana_reseni'), path('resitel/odevzdana_reseni/', resitel_or_org_required(views.PrehledOdevzdanychReseni.as_view()), name='seminar_resitel_odevzdana_reseni'),
path('reset-hesla/', views.PasswordResetView.as_view(), name='reset_password'), path('reset-hesla/', views.PasswordResetView.as_view(), name='reset_password'),
path('zmena-hesla/', views.PasswordChangeView.as_view(), name='change_password'), path('zmena-hesla/', views.PasswordChangeView.as_view(), name='change_password'),
path('reset-hesla/2/', views.PasswordResetDoneView.as_view(), name='reset_password_done'), path('reset-hesla/2/', views.PasswordResetDoneView.as_view(), name='reset_password_done'),

16
seminar/utils.py
View file

@ -3,7 +3,8 @@
import datetime import datetime
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from django.contrib.auth.decorators import permission_required from django.contrib.auth.decorators import permission_required, \
user_passes_test
from html.parser import HTMLParser from html.parser import HTMLParser
from django import views as DjangoViews from django import views as DjangoViews
@ -23,6 +24,19 @@ logger = logging.getLogger(__name__)
org_required = permission_required('auth.org') org_required = permission_required('auth.org')
resitel_required = permission_required('auth.resitel') resitel_required = permission_required('auth.resitel')
# inspirováno django.contrib.auth.decorators permission_required
def check_perms(user):
if user.has_perms(('auth.resitel',)):
return True
if user.has_perms(('auth.org',)):
return True
return False
resitel_or_org_required = user_passes_test(check_perms)
User = get_user_model() User = get_user_model()
# Není to úplně hezké, ale budeme doufat, že to je funkční... # Není to úplně hezké, ale budeme doufat, že to je funkční...
User.je_org = property(lambda self: self.has_perm('auth.org')) User.je_org = property(lambda self: self.has_perm('auth.org'))

3
seminar/views/odevzdavatko.py
View file

@ -260,7 +260,8 @@ class PrehledOdevzdanychReseni(ListView):
def get_queryset(self): def get_queryset(self):
if not self.request.user.is_authenticated: if not self.request.user.is_authenticated:
raise RuntimeError("Uživatel měl být přihlášený!") raise RuntimeError("Uživatel měl být přihlášený!")
resitel = m.Resitel.objects.get(osoba__user=self.request.user) # get_or_none, aby neexistence řešitele (např. u orgů) neházela chybu
resitel = m.Resitel.objects.filter(osoba__user=self.request.user).first()
qs = super().get_queryset() qs = super().get_queryset()
qs = qs.filter(reseni__resitele__in=[resitel]) qs = qs.filter(reseni__resitele__in=[resitel])
return qs return qs