From cf945719cb82bfa9cefcd46b0dad3b7272759df1 Mon Sep 17 00:00:00 2001
From: Carlos Vega <carlos.vega@uni.lu>
Date: Thu, 22 Nov 2018 19:10:24 +0100
Subject: [PATCH] added support for class-based views
---
smash/web/decorators.py | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
diff --git a/smash/web/decorators.py b/smash/web/decorators.py
index 62fd8143..fed40f38 100644
--- a/smash/web/decorators.py
+++ b/smash/web/decorators.py
@@ -8,6 +8,7 @@ from django.http import HttpResponseForbidden
from django.contrib.auth.models import Permission
import functools
from collections import defaultdict
+from django.views.generic.base import ContextMixin
logger = logging.getLogger(__name__)
@@ -84,19 +85,24 @@ class PermissionDecorator:
'''
This method is also called when the function is decorated
'''
- def func_wrapper(request, **kwargs):
+ def func_wrapper(thing, *args, **kwargs):
'''
This method is called when the decorated function is called
'''
+ if isinstance(thing, ContextMixin):
+ request = thing.request
+ else:
+ request = thing
+
if request.user.is_superuser:
- return func(request, **kwargs)
+ return func(thing, *args, **kwargs)
else:
worker = Worker.get_by_user(request.user)
roles = WorkerStudyRole.objects.filter(worker=worker, study_id=GLOBAL_STUDY_ID)
if roles.count() > 0:
permissions = roles[0].permissions.filter(codename=self.perm_codename)
if len(permissions) > 0:
- return func(request, **kwargs)
+ return func(thing, *args, **kwargs)
messages.error(request, 'You are not authorized to view this page. Request permissions to the system administrator.')
#avoid loops if the HTTP_REFERER header is set to the visited URL
http_referer = request.META.get('HTTP_REFERER', 'web.views.index')
--
GitLab