From 916865ab956731c59cb177d4a27e0666bfec3738 Mon Sep 17 00:00:00 2001
From: Piotr Gawron <piotr.gawron@uni.lu>
Date: Thu, 19 Mar 2020 16:13:03 +0100
Subject: [PATCH] modify_mailtemplate permission implemented
---
smash/web/templates/sidebar.html | 15 +++++++++------
smash/web/tests/view/test_mail.py | 11 ++++++++++-
smash/web/views/mails.py | 10 +++++++++-
3 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/smash/web/templates/sidebar.html b/smash/web/templates/sidebar.html
index 00aa8ca8..5aceea8b 100644
--- a/smash/web/templates/sidebar.html
+++ b/smash/web/templates/sidebar.html
@@ -73,12 +73,15 @@
</li>
{% endif %}
- <li data-desc="mail_templates">
- <a href="{% url 'web.views.mail_templates' %}">
- <i class="fa fa-envelope-o"></i>
- <span>Mail templates</span>
- </a>
- </li>
+
+ {% if "change_mailtemplate" in permissions %}
+ <li data-desc="mail_templates">
+ <a href="{% url 'web.views.mail_templates' %}">
+ <i class="fa fa-envelope-o"></i>
+ <span>Mail templates</span>
+ </a>
+ </li>
+ {% endif %}
<li data-desc="export">
<a href="{% url 'web.views.export' %}">
diff --git a/smash/web/tests/view/test_mail.py b/smash/web/tests/view/test_mail.py
index 900c84a7..1f11340a 100644
--- a/smash/web/tests/view/test_mail.py
+++ b/smash/web/tests/view/test_mail.py
@@ -4,8 +4,8 @@ from django.urls import reverse
from web.models import MailTemplate
from web.models.constants import MAIL_TEMPLATE_CONTEXT_VOUCHER
-from web.tests.functions import create_voucher, get_resource_path
from web.tests import LoggedInTestCase
+from web.tests.functions import create_voucher, get_resource_path
logger = logging.getLogger(__name__)
@@ -20,3 +20,12 @@ class MailTests(LoggedInTestCase):
page = reverse('web.views.mail_template_generate_for_vouchers') + "?voucher_id=" + str(voucher.id)
response = self.client.get(page)
self.assertEqual(response.status_code, 200)
+
+ def test_list_mail_templates(self):
+ self.login_as_admin()
+ response = self.client.get(reverse("web.views.mail_templates"))
+ self.assertEqual(response.status_code, 200)
+
+ def test_list_mail_templates_without_permission(self):
+ response = self.client.get(reverse("web.views.mail_templates"))
+ self.assertEqual(response.status_code, 302)
diff --git a/smash/web/views/mails.py b/smash/web/views/mails.py
index ef4cf0b3..7b49409c 100644
--- a/smash/web/views/mails.py
+++ b/smash/web/views/mails.py
@@ -9,6 +9,7 @@ from django.urls import reverse_lazy
from django.views.generic import DeleteView
from django.views.generic import ListView
+from web.decorators import PermissionDecorator
from web.docx_helper import merge_files
from . import WrappedView
from . import wrap_response
@@ -32,7 +33,11 @@ class MailTemplatesListView(ListView, WrappedView):
context_object_name = "mail_templates"
template_name = 'mail_templates/list.html'
- def get_context_data(self, **kwargs):
+ @PermissionDecorator('change_mailtemplate', 'mailtemplate')
+ def dispatch(self, *args, **kwargs):
+ return super(MailTemplatesListView, self).dispatch(*args, **kwargs)
+
+ def get_context_data(self, *args, **kwargs):
context = super(MailTemplatesListView, self).get_context_data()
context['explanations'] = {"generic": MailTemplate.MAILS_TEMPLATE_GENERIC_TAGS,
"subject": MailTemplate.MAILS_TEMPLATE_SUBJECT_TAGS,
@@ -43,6 +48,7 @@ class MailTemplatesListView(ListView, WrappedView):
return context
+@PermissionDecorator('change_mailtemplate', 'mailtemplate')
def mail_template_add(request):
if request.method == 'POST':
form = MailTemplateForm(request.POST, request.FILES)
@@ -59,6 +65,7 @@ def mail_template_add(request):
return wrap_response(request, 'mail_templates/add.html', {'form': form})
+@PermissionDecorator('change_mailtemplate', 'mailtemplate')
def mail_template_edit(request, pk):
template = get_object_or_404(MailTemplate, pk=pk)
if request.method == 'POST':
@@ -82,6 +89,7 @@ class MailTemplatesDeleteView(DeleteView, WrappedView):
success_url = reverse_lazy('web.views.mail_templates')
template_name = 'mail_templates/confirm_delete.html'
+ @PermissionDecorator('change_mailtemplate', 'mailtemplate')
def delete(self, request, *args, **kwargs):
messages.success(request, "Template deleted")
try:
--
GitLab