def get_context_data(self, *args, object_list=None, **kwargs): context = super().get_context_data(*args, object_list=object_list, **kwargs) context['fields'] = self.get_fields() # if the url is not None, use the value specified by the url variable. # if the url is None, create a url using the views key # this way if no URL, say details_url, is provided it's assumed the default RUL will be 'whalesdb:details_key' # if the details_url = False in the extending view then False will be passed to the context['detials_url'] # variable and in the template where the variable is used for buttons and links the button and/or links can # be left out without causing URL Not Found issues. context['create_url'] = self.get_create_url() context['details_url'] = self.get_details_url() context['update_url'] = self.get_update_url() # for the most part if the user is authorized then the content is editable # but extending classes can choose to make content not editable even if the user is authorized context['auth'] = utils.whales_authorized(self.request.user) context['editable'] = context['auth'] and self.editable if self.creation_form_height: context['height'] = self.creation_form_height return context
def get_context_data(self, *args, **kwargs): context = super().get_context_data() # for the most part if the user is authorized then the content is editable # but extending classes can choose to make content not editable even if the user is authorized context['auth'] = context['editable'] = utils.whales_authorized(self.request.user) return context
def rst_delete(request, pk): rst = models.RstRecordingStage.objects.get(pk=pk) if utils.whales_authorized(request.user): rst.delete() messages.success( request, _("The recording stage has been successfully deleted.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) else: return HttpResponseRedirect(reverse_lazy('accounts:denied_access'))
def dep_delete(request, pk): dep = models.DepDeployment.objects.get(pk=pk) if utils.whales_authorized(request.user): dep.delete() messages.success(request, _("The deployment has been successfully deleted.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) else: return HttpResponseRedirect(reverse_lazy('accounts:denied_access'))
def eda_delete(request, pk): eda = models.EdaEquipmentAttachment.objects.get(pk=pk) if utils.whales_authorized(request.user): eda.delete() messages.success(request, _("The attachment has been successfully removed.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) else: return HttpResponseRedirect(reverse_lazy('accounts:denied_access'))
def ecc_delete(request, pk): ecc = models.EccCalibrationValue.objects.get(pk=pk) if utils.whales_authorized(request.user): ecc.delete() messages.success(request, _("The value curve has been successfully deleted.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) else: return HttpResponseRedirect(reverse_lazy('accounts:denied_access'))
def test_auth_whaleadmin_granted(self): user = User.objects.create_user(username='******', email="*****@*****.**", password="******") whale_group = Group(name="whalesdb_admin") whale_group.save() user.groups.add(whale_group) authorized = utils.whales_authorized(user) self.assertTrue(authorized)
def tea_delete(request, pk): user_test_result = utils.whales_authorized(request.user) if user_test_result and request.user.is_authenticated: tea = models.TeaTeamMember.objects.get(pk=pk) tea.delete() messages.success(request, _("The team member has been successfully removed.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) elif not request.user.is_authenticated: return HttpResponseRedirect('/accounts/login/?next={}'.format(reverse_lazy("whalesdb:delete_tea", args=[pk, ]))) else: return HttpResponseRedirect('/accounts/denied/')
def delete_managed(request, key, pk): if utils.whales_authorized(request.user): if key == 'eqt': models.EqtEquipmentTypeCode.objects.get(pk=pk).delete() messages.success(request, _("The recording stage has been successfully deleted.")) elif key == 'rtt': models.EqtEquipmentTypeCode.objects.get(pk=pk).delete() messages.success(request, _("The recording stage has been successfully deleted.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER')) else: return HttpResponseRedirect(reverse_lazy('accounts:denied_access'))
def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) if self.title: context['title'] = self.title if self.fields: context['fields'] = self.fields context['list_url'] = self.list_url if self.list_url else "whalesdb:list_{}".format(self.key) context['update_url'] = self.update_url if self.update_url else "whalesdb:update_{}".format(self.key) if self.delete_url: context['delete_url'] = self.delete_url # for the most part if the user is authorized then the content is editable # but extending classes can choose to make content not editable even if the user is authorized context['auth'] = utils.whales_authorized(self.request.user) context['editable'] = context['auth'] and self.editable return context
def test_func(self): return utils.whales_authorized(self.request.user)
def test_auth_regular_denied(self): user = User.objects.create_user(username='******', email="*****@*****.**", password="******") authorized = utils.whales_authorized(user) self.assertFalse(authorized)
def test_auth_anon_denied(self): authorized = utils.whales_authorized(AnonymousUser()) self.assertFalse(authorized)