Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
AE UTBM
Sith
Commits
90e47c9d
Commit
90e47c9d
authored
Sep 09, 2016
by
Skia
🤘
Browse files
Add a restriction on the counter login view to authorize only the sellers
parent
4c2bf9cb
Pipeline
#206
failed with stage
in 2 minutes and 45 seconds
Changes
4
Pipelines
1
Expand all
Hide whitespace changes
Inline
Side-by-side
core/views/user.py
View file @
90e47c9d
...
...
@@ -151,6 +151,7 @@ class UserTabsMixin(TabedViewMixin):
try
:
if
(
self
.
object
.
customer
and
(
self
.
object
==
self
.
request
.
user
or
self
.
request
.
user
.
is_in_group
(
settings
.
SITH_GROUPS
[
'accounting-admin'
][
'name'
])
or
self
.
request
.
user
.
is_in_group
(
settings
.
SITH_BAR_MANAGER
[
'unix_name'
]
+
settings
.
SITH_BOARD_SUFFIX
)
or
self
.
request
.
user
.
is_root
)):
tab_list
.
append
({
'url'
:
reverse
(
'core:user_account'
,
kwargs
=
{
'user_id'
:
self
.
object
.
id
}),
...
...
@@ -312,6 +313,7 @@ class UserAccountView(UserTabsMixin, DetailView):
res
=
super
(
UserAccountView
,
self
).
dispatch
(
request
,
*
arg
,
**
kwargs
)
if
(
self
.
object
==
request
.
user
or
request
.
user
.
is_in_group
(
settings
.
SITH_GROUPS
[
'accounting-admin'
][
'name'
])
or
request
.
user
.
is_in_group
(
settings
.
SITH_BAR_MANAGER
[
'unix_name'
]
+
settings
.
SITH_BOARD_SUFFIX
)
or
request
.
user
.
is_root
):
return
res
raise
PermissionDenied
...
...
counter/views.py
View file @
90e47c9d
...
...
@@ -81,8 +81,8 @@ class CounterMain(DetailView, ProcessFormView, FormMixin):
kwargs
[
'login_form'
].
cleaned_data
=
{}
# add_error fails if there are no cleaned_data
if
"credentials"
in
self
.
request
.
GET
:
kwargs
[
'login_form'
].
add_error
(
None
,
_
(
"Bad credentials"
))
if
"s
ubscription
"
in
self
.
request
.
GET
:
kwargs
[
'login_form'
].
add_error
(
None
,
_
(
"User is not
subscriber
"
))
if
"s
ellers
"
in
self
.
request
.
GET
:
kwargs
[
'login_form'
].
add_error
(
None
,
_
(
"User is not
barman
"
))
kwargs
[
'form'
]
=
self
.
get_form
()
if
self
.
object
.
type
==
'BAR'
:
kwargs
[
'barmen'
]
=
self
.
object
.
get_barmen_list
()
...
...
@@ -356,10 +356,10 @@ class CounterLogin(RedirectView):
self
.
errors
=
[]
if
form
.
is_valid
():
user
=
User
.
objects
.
filter
(
username
=
form
.
cleaned_data
[
'username'
]).
first
()
if
user
.
is_in_group
(
settings
.
SITH_MAIN_MEMBERS_GROUP
)
and
not
user
in
self
.
counter
.
get_barmen_list
():
if
user
in
self
.
counter
.
sellers
.
all
(
)
and
not
user
in
self
.
counter
.
get_barmen_list
():
self
.
counter
.
add_barman
(
user
)
else
:
self
.
errors
+=
[
"s
ubscription
"
]
self
.
errors
+=
[
"s
ellers
"
]
else
:
self
.
errors
+=
[
"credentials"
]
return
super
(
CounterLogin
,
self
).
post
(
request
,
*
args
,
**
kwargs
)
...
...
locale/fr/LC_MESSAGES/django.mo
View file @
90e47c9d
No preview for this file type
locale/fr/LC_MESSAGES/django.po
View file @
90e47c9d
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
