added support for class-based views

smash/web/decorators.py

@@ -8,6 +8,7 @@ from django.http import HttpResponseForbidden
 from django.contrib.auth.models import Permission
 import functools
 from collections import defaultdict
+from django.views.generic.base import ContextMixin
 
 logger = logging.getLogger(__name__)
 
@@ -84,19 +85,24 @@ class PermissionDecorator:
         '''
         This method is also called when the function is decorated
         '''
-        def func_wrapper(request, **kwargs):
+        def func_wrapper(thing, *args, **kwargs):
             '''
             This method is called when the decorated function is called
             '''
+            if isinstance(thing, ContextMixin):
+                request = thing.request
+            else:
+                request = thing
+
             if request.user.is_superuser:
-                return func(request, **kwargs)
+                return func(thing, *args, **kwargs)
             else:
                 worker = Worker.get_by_user(request.user)
                 roles = WorkerStudyRole.objects.filter(worker=worker, study_id=GLOBAL_STUDY_ID)
                 if roles.count() > 0:
                     permissions = roles[0].permissions.filter(codename=self.perm_codename)
                     if len(permissions) > 0:
-                        return func(request, **kwargs)
+                        return func(thing, *args, **kwargs)
                 messages.error(request, 'You are not authorized to view this page. Request permissions to the system administrator.')
                 #avoid loops if the HTTP_REFERER header is set to the visited URL
                 http_referer = request.META.get('HTTP_REFERER', 'web.views.index')