Should probably limit system settings to admins
This commit is contained in:
parent
1b52acdb56
commit
9d97fc92d8
@ -1,5 +1,6 @@
|
|||||||
from functools import wraps
|
from functools import wraps
|
||||||
|
|
||||||
|
from django.contrib.auth.decorators import user_passes_test
|
||||||
from django.contrib.auth.views import redirect_to_login
|
from django.contrib.auth.views import redirect_to_login
|
||||||
from django.http import HttpResponseRedirect
|
from django.http import HttpResponseRedirect
|
||||||
|
|
||||||
@ -26,3 +27,7 @@ def identity_required(function):
|
|||||||
return function(request, *args, **kwargs)
|
return function(request, *args, **kwargs)
|
||||||
|
|
||||||
return inner
|
return inner
|
||||||
|
|
||||||
|
|
||||||
|
def admin_required(function):
|
||||||
|
return user_passes_test(lambda user: user.admin)(function)
|
||||||
|
@ -9,16 +9,16 @@ from django.utils.decorators import method_decorator
|
|||||||
from django.views.generic import FormView, RedirectView, TemplateView
|
from django.views.generic import FormView, RedirectView, TemplateView
|
||||||
|
|
||||||
from core.models import Config
|
from core.models import Config
|
||||||
from users.decorators import identity_required
|
from users.decorators import admin_required
|
||||||
from users.models import Domain
|
from users.models import Domain
|
||||||
|
|
||||||
|
|
||||||
@method_decorator(identity_required, name="dispatch")
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class SystemSettingsRoot(RedirectView):
|
class SystemSettingsRoot(RedirectView):
|
||||||
url = "/settings/system/basic/"
|
url = "/settings/system/basic/"
|
||||||
|
|
||||||
|
|
||||||
@method_decorator(identity_required, name="dispatch")
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class SystemSettingsPage(FormView):
|
class SystemSettingsPage(FormView):
|
||||||
"""
|
"""
|
||||||
Shows a settings page dynamically created from our settings layout
|
Shows a settings page dynamically created from our settings layout
|
||||||
@ -100,6 +100,7 @@ class BasicPage(SystemSettingsPage):
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class DomainsPage(TemplateView):
|
class DomainsPage(TemplateView):
|
||||||
|
|
||||||
template_name = "settings/settings_system_domains.html"
|
template_name = "settings/settings_system_domains.html"
|
||||||
@ -111,6 +112,7 @@ class DomainsPage(TemplateView):
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class DomainCreatePage(FormView):
|
class DomainCreatePage(FormView):
|
||||||
|
|
||||||
template_name = "settings/settings_system_domain_create.html"
|
template_name = "settings/settings_system_domain_create.html"
|
||||||
@ -170,6 +172,7 @@ class DomainCreatePage(FormView):
|
|||||||
return redirect(Domain.urls.root)
|
return redirect(Domain.urls.root)
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class DomainEditPage(FormView):
|
class DomainEditPage(FormView):
|
||||||
|
|
||||||
template_name = "settings/settings_system_domain_edit.html"
|
template_name = "settings/settings_system_domain_edit.html"
|
||||||
@ -215,6 +218,7 @@ class DomainEditPage(FormView):
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(admin_required, name="dispatch")
|
||||||
class DomainDeletePage(TemplateView):
|
class DomainDeletePage(TemplateView):
|
||||||
|
|
||||||
template_name = "settings/settings_system_domain_delete.html"
|
template_name = "settings/settings_system_domain_delete.html"
|
||||||
|
Reference in New Issue
Block a user