rename some method and add some decorator
This commit is contained in:
virusdefender
@@ -4,7 +4,7 @@ from django.utils.translation import ugettext as _
|
||||
|
||||
from utils.api import JSONResponse
|
||||
|
||||
from .models import AdminType
|
||||
from .models import ProblemPermission
|
||||
|
||||
|
||||
class BasePermissionDecorator(object):
|
||||
@@ -38,11 +38,20 @@ class login_required(BasePermissionDecorator):
|
||||
|
||||
class super_admin_required(BasePermissionDecorator):
|
||||
def check_permission(self):
|
||||
return self.request.user.is_authenticated() and \
|
||||
self.request.user.admin_type == AdminType.SUPER_ADMIN
|
||||
user = self.request.user
|
||||
return user.is_authenticated() and user.is_super_admin()
|
||||
|
||||
|
||||
class admin_required(BasePermissionDecorator):
|
||||
class admin_role_required(BasePermissionDecorator):
|
||||
def check_permission(self):
|
||||
return self.request.user.is_authenticated() and \
|
||||
self.request.user.admin_type in [AdminType.SUPER_ADMIN, AdminType.ADMIN]
|
||||
user = self.request.user
|
||||
return user.is_authenticated() and user.is_admin_role()
|
||||
|
||||
|
||||
class problem_permission_required(admin_role_required):
|
||||
def check_permission(self):
|
||||
if not super(problem_permission_required, self).check_permission():
|
||||
return False
|
||||
if self.request.user.problem_permission == ProblemPermission.NONE:
|
||||
return False
|
||||
return True
|
||||
|
||||
@@ -22,11 +22,11 @@ class SessionSecurityMiddleware(object):
|
||||
request.session["last_activity"] = time.time()
|
||||
|
||||
|
||||
class AdminRequiredMiddleware(object):
|
||||
class AdminRoleRequiredMiddleware(object):
|
||||
def process_request(self, request):
|
||||
path = request.path_info
|
||||
if path.startswith("/admin/") or path.startswith("/api/admin/"):
|
||||
if not(request.user.is_authenticated() and request.user.is_admin()):
|
||||
if not(request.user.is_authenticated() and request.user.is_admin_role()):
|
||||
return JSONResponse.response({"error": "login-required", "data": _("Please login in first")})
|
||||
|
||||
|
||||
|
||||
@@ -51,14 +51,14 @@ class User(AbstractBaseUser):
|
||||
|
||||
objects = UserManager()
|
||||
|
||||
def is_admin(self):
|
||||
return self.admin_type in [AdminType.ADMIN, AdminType.SUPER_ADMIN]
|
||||
def is_super_admin(self):
|
||||
return self.admin_type == AdminType.SUPER_ADMIN
|
||||
|
||||
def is_admin_role(self):
|
||||
return self.admin_type == AdminType.ADMIN
|
||||
return self.admin_type in [AdminType.ADMIN, AdminType.SUPER_ADMIN]
|
||||
|
||||
def is_super_admin_role(self):
|
||||
return self.admin_type == AdminType.SUPER_ADMIN
|
||||
def can_mgmt_all_problem(self):
|
||||
return self.problem_permission == ProblemPermission.ALL
|
||||
|
||||
class Meta:
|
||||
db_table = "user"
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
from utils.api import DateTimeTZField, serializers
|
||||
|
||||
from .models import AdminType, User, ProblemPermission
|
||||
from .models import AdminType, ProblemPermission, User
|
||||
|
||||
|
||||
class UserLoginSerializer(serializers.Serializer):
|
||||
|
||||
@@ -8,7 +8,7 @@ from otpauth import OtpAuth
|
||||
from utils.api.tests import APIClient, APITestCase
|
||||
from utils.shortcuts import rand_str
|
||||
|
||||
from .models import AdminType, User, ProblemPermission
|
||||
from .models import AdminType, ProblemPermission, User
|
||||
|
||||
|
||||
class PermissionDecoratorTest(APITestCase):
|
||||
|
||||
@@ -6,7 +6,7 @@ from utils.api import APIView, validate_serializer
|
||||
from utils.shortcuts import rand_str
|
||||
|
||||
from ..decorators import super_admin_required
|
||||
from ..models import User, AdminType, ProblemPermission
|
||||
from ..models import AdminType, ProblemPermission, User
|
||||
from ..serializers import EditUserSerializer, UserSerializer
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user