bornhack-website/src/utils/mixins.py

28 lines
939 B
Python
Raw Normal View History

from django.contrib import messages
from django.contrib.auth.mixins import PermissionRequiredMixin
from django.http import HttpResponseForbidden
class StaffMemberRequiredMixin(object):
"""
A CBV mixin for when a view should only be permitted for staff users
"""
2019-06-16 12:32:24 +00:00
def dispatch(self, request, *args, **kwargs):
# only permit staff users
if not request.user.is_staff:
messages.error(request, "No thanks")
return HttpResponseForbidden()
# continue with the request
return super().dispatch(request, *args, **kwargs)
class RaisePermissionRequiredMixin(PermissionRequiredMixin):
"""
A subclass of PermissionRequiredMixin which raises an exception to return 403 rather than a redirect to the login page
We use this to avoid a redirect loop since our login page redirects back to the ?next= url when a user is logged in...
"""
2019-06-16 12:32:24 +00:00
raise_exception = True