From 9fd5dc27bf3da0e8d0c13c44d7dc7d71eb61bc78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Wed, 15 Aug 2018 23:47:25 +0200 Subject: [PATCH] User should be superuser to access complete backoffice. --- src/backoffice/mixins.py | 10 ---------- src/backoffice/templates/index.html | 2 +- src/backoffice/views.py | 15 +++++++++++---- 3 files changed, 12 insertions(+), 15 deletions(-) delete mode 100644 src/backoffice/mixins.py diff --git a/src/backoffice/mixins.py b/src/backoffice/mixins.py deleted file mode 100644 index 6ad36dfd..00000000 --- a/src/backoffice/mixins.py +++ /dev/null @@ -1,10 +0,0 @@ -from camps.mixins import CampViewMixin -from utils.mixins import StaffMemberRequiredMixin - - -class BackofficeViewMixin(CampViewMixin, StaffMemberRequiredMixin): - """ - Mixin used by all backoffice views. For now just uses CampViewMixin and StaffMemberRequiredMixin. - """ - pass - diff --git a/src/backoffice/templates/index.html b/src/backoffice/templates/index.html index b3c7489d..d331cf63 100644 --- a/src/backoffice/templates/index.html +++ b/src/backoffice/templates/index.html @@ -29,7 +29,7 @@ {% endif %} - {% if user.is_staff %} + {% if user.is_superuser %}

Approve Public Credit Names

Use this view to check and approve users Public Credit Names

diff --git a/src/backoffice/views.py b/src/backoffice/views.py index f2f0a551..d9afd05b 100644 --- a/src/backoffice/views.py +++ b/src/backoffice/views.py @@ -1,7 +1,7 @@ import logging from itertools import chain -from django.contrib.auth.mixins import PermissionRequiredMixin +from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin from django.views.generic import TemplateView, ListView from django.views.generic.edit import UpdateView from django.shortcuts import redirect @@ -15,8 +15,6 @@ from tickets.models import ShopTicket, SponsorTicket, DiscountTicket from profiles.models import Profile from program.models import SpeakerProposal, EventProposal -from .mixins import BackofficeViewMixin - logger = logging.getLogger("bornhack.%s" % __name__) @@ -52,7 +50,7 @@ class BadgeHandoutView(InfodeskMixin, ListView): return list(chain(shoptickets, sponsortickets, discounttickets)) -class TicketCheckinView(InfodeskMixin, BackofficeViewMixin, ListView): +class TicketCheckinView(InfodeskMixin, ListView): template_name = "ticket_checkin.html" context_object_name = 'tickets' @@ -63,6 +61,15 @@ class TicketCheckinView(InfodeskMixin, BackofficeViewMixin, ListView): return list(chain(shoptickets, sponsortickets, discounttickets)) +class BackofficeViewMixin(CampViewMixin, UserPassesTestMixin): + """ + Mixin used by all backoffice views. For now just uses CampViewMixin and StaffMemberRequiredMixin. + """ + + def test_func(self): + return self.request.user.is_superuser + + class ApproveNamesView(BackofficeViewMixin, ListView): template_name = "approve_public_credit_names.html" context_object_name = 'profiles'