bornhack-website/src/utils/mixins.py
Thomas Steen Rasmussen c52bf300ff
Phonebook (#465)
* first version of dect registration and phonebook functionality, missing export functionality for dect phone system, the rest should more or less work

* add a missing button and message

* fix typo

* add django-oauth-toolkit to implement oauth2 auth for the DECT csv export

* remove unused HMAC code

* add logger

* only show buttons when user is logged in

* remove unneeded enctype
2020-03-05 12:31:11 +01:00

37 lines
1.1 KiB
Python

import logging
from django.contrib import messages
from django.contrib.auth.mixins import PermissionRequiredMixin, UserPassesTestMixin
from django.core.exceptions import PermissionDenied
logger = logging.getLogger("bornhack.%s" % __name__)
class StaffMemberRequiredMixin(object):
"""
A CBV mixin for when a view should only be permitted for staff users
"""
def dispatch(self, request, *args, **kwargs):
# only permit staff users
if not request.user.is_staff:
messages.error(request, "No thanks")
raise PermissionDenied()
# continue with the request
return super().dispatch(request, *args, **kwargs)
class RaisePermissionRequiredMixin(PermissionRequiredMixin):
"""
A subclass of PermissionRequiredMixin which raises an exception to return 403 rather than a redirect to the login page
We use this to avoid a redirect loop since our login page redirects back to the ?next= url when a user is logged in...
"""
raise_exception = True
class UserIsObjectOwnerMixin(UserPassesTestMixin):
def test_func(self):
return self.get_object().user == self.request.user