def test_custom_staff_fail(self): from helpdesk.decorators import is_helpdesk_staff user = User.objects.create_user(username='******', password='******', email='*****@*****.**') self.assertFalse(is_helpdesk_staff(user)) self.client.login(username=user.username, password='******') response = self.client.get(reverse('helpdesk:dashboard'), follow=True) self.assertTemplateUsed(response, 'helpdesk/registration/login.html')
def view_ticket(request): ticket_req = request.GET.get('ticket', None) email = request.GET.get('email', None) key = request.GET.get('key', '') if not (ticket_req and email): if ticket_req is None and email is None: return search_for_ticket(request) else: return search_for_ticket(request, _('Missing ticket ID or e-mail address. Please try again.')) queue, ticket_id = Ticket.queue_and_id_from_query(ticket_req) try: if hasattr(settings, 'HELPDESK_VIEW_A_TICKET_PUBLIC') and settings.HELPDESK_VIEW_A_TICKET_PUBLIC: ticket = Ticket.objects.get(id=ticket_id, submitter_email__iexact=email) else: ticket = Ticket.objects.get(id=ticket_id, submitter_email__iexact=email, secret_key__iexact=key) except (ObjectDoesNotExist, ValueError): return search_for_ticket(request, _('Invalid ticket ID or e-mail address. Please try again.')) if is_helpdesk_staff(request.user): redirect_url = reverse('helpdesk:view', args=[ticket_id]) if 'close' in request.GET: redirect_url += '?close' return HttpResponseRedirect(redirect_url) if 'close' in request.GET and ticket.status == Ticket.RESOLVED_STATUS: from helpdesk.views.staff import update_ticket # Trick the update_ticket() view into thinking it's being called with # a valid POST. request.POST = { 'new_status': Ticket.CLOSED_STATUS, 'public': 1, 'title': ticket.title, 'comment': _('Submitter accepted resolution and closed ticket'), } if ticket.assigned_to: request.POST['owner'] = ticket.assigned_to.id request.GET = {} return update_ticket(request, ticket_id, public=True) # redirect user back to this ticket if possible. redirect_url = '' if helpdesk_settings.HELPDESK_NAVIGATION_ENABLED: redirect_url = reverse('helpdesk:view', args=[ticket_id]) return render(request, 'helpdesk/public_view_ticket.html', { 'key': key, 'mail': email, 'ticket': ticket, 'helpdesk_settings': helpdesk_settings, 'next': redirect_url, })
def test_custom_staff_pass(self): """If HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE is callable, a custom access rule is applied. """ from helpdesk.decorators import is_helpdesk_staff user = User.objects.create_user(username='******', password='******', email='*****@*****.**') self.assertTrue(is_helpdesk_staff(user)) self.client.login(username=user.username, password='******') response = self.client.get(reverse('helpdesk:dashboard'), follow=True) self.assertTemplateUsed(response, 'helpdesk/dashboard.html')
def test_non_staff_allowed(self): """If HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE is True, authenticated, non-staff users should be able to access the dashboard. """ from helpdesk.decorators import is_helpdesk_staff user = User.objects.create_user(username='******', password='******', email='*****@*****.**') self.assertTrue(is_helpdesk_staff(user)) self.client.login(username=user.username, password='******') response = self.client.get(reverse('helpdesk:dashboard'), follow=True) self.assertTemplateUsed(response, 'helpdesk/dashboard.html')
def dispatch(self, *args, **kwargs): request = self.request if not request.user.is_authenticated and helpdesk_settings.HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT: return HttpResponseRedirect(reverse('login')) if is_helpdesk_staff(request.user) or \ (request.user.is_authenticated and helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE): try: if request.user.usersettings_helpdesk.login_view_ticketlist: return HttpResponseRedirect(reverse('helpdesk:list')) else: return HttpResponseRedirect(reverse('helpdesk:dashboard')) except UserSettings.DoesNotExist: return HttpResponseRedirect(reverse('helpdesk:dashboard')) return super().dispatch(*args, **kwargs)
def create_ticket(request, *args, **kwargs): if is_helpdesk_staff(request.user): return staff.CreateTicketView.as_view()(request, *args, **kwargs) else: return CreateTicketView.as_view()(request, *args, **kwargs)
def test_staff_user_detection(self): """Staff and non-staff users are correctly identified""" from helpdesk.decorators import is_helpdesk_staff self.assertFalse(is_helpdesk_staff(self.non_staff_user)) self.assertTrue(is_helpdesk_staff(get_staff_user()))
def helpdesk_staff(user): try: return is_helpdesk_staff(user) except Exception as e: logger.exception( "'helpdesk_staff' template tag (django-helpdesk) crashed")