Ejemplo n.º 1
0
 def process_request(self, request):
     if not request.user.is_authenticated:
         if not any([
                 request.path.startswith(prefix)
                 for prefix in LOGIN_URLS + ['/signup/', '/captcha/']
         ]):
             return redirect_to_not_logged_in(request)
Ejemplo n.º 2
0
 def dispatch(self, request, *args, **kwargs):
     try:
         ret = super(RequireReadMixin,
                     self).dispatch(request, *args, **kwargs)
     except CosinnusPermissionDeniedException:
         return redirect_to_not_logged_in(request, view=self)
     return ret
Ejemplo n.º 3
0
 def dispatch(self, request, *args, **kwargs):
     if not getattr(settings, 'COSINNUS_MICROSITES_ENABLED', False):
         raise Http404
     # if microsite access is limited, only allow invite-links, but nothing else
     if not self.request.user.is_authenticated and getattr(settings, 'COSINNUS_MICROSITES_DISABLE_ANONYMOUS_ACCESS', False) \
             and not request.GET.get('invited', None) == '1':
         return redirect_to_not_logged_in(self.request, view=self)
     return super(GroupMicrositeView, self).dispatch(request, *args, **kwargs)
Ejemplo n.º 4
0
    def dispatch(self, request, *args, **kwargs):
        self.request = request
        """ Check if the user can access the targeted user profile. """
        target_user_profile = self.get_object(self.get_queryset())
        if not target_user_profile:
            return redirect_to_not_logged_in(request)
        target_user_visibility = target_user_profile.media_tag.visibility
        user = request.user
        # VISIBILITY_ALL users can always be seen, so skip the check
        if not target_user_visibility == BaseTagObject.VISIBILITY_ALL:
            # all other views require at least to be logged in
            if not user.is_authenticated:
                return redirect_to_not_logged_in(request)
            if not check_user_can_see_user(user, target_user_profile.user):
                raise PermissionDenied

        return super(UserProfileDetailView,
                     self).dispatch(request, *args, **kwargs)
Ejemplo n.º 5
0
def _check_user_approval_permissions(request, user_id):
    """ Permission checks for user approval/denial views """
    if not request.method=='GET':
        return HttpResponseNotAllowed(['GET'])
    
    if not request.user.is_authenticated():
        return redirect_to_not_logged_in(request)
    elif not request.user.id in CosinnusPortal.get_current().admins:
        return redirect_to_403(request)
    return None
Ejemplo n.º 6
0
 def on_error(self, request, *args, **kwargs):
     """ Called when the require-read permission is not met """
     if not request.user.is_authenticated:
         return redirect_to_not_logged_in(request, view=self)
     messages.warning(
         request,
         _('You are not currently a member of %s! If you wish you can request to become a member below.'
           ) % self.group.name)
     return redirect(
         group_aware_reverse('cosinnus:group-list-filtered',
                             kwargs={'group': kwargs.get('group')}))
Ejemplo n.º 7
0
 def dispatch(self, request, *args, **kwargs):
     """ Only allow owners to see inactive offers """
     try:
         self.group = get_group_for_request(kwargs.get('group'), request)
         offer = self.get_object()
         if not offer.is_active and not check_object_write_access(
                 offer, request.user):
             messages.error(
                 request,
                 _('The offer you requested is no longer active. Sorry!'))
             return redirect(
                 group_aware_reverse('cosinnus:marketplace:list',
                                     kwargs={'group': self.group}))
         return super(OfferDetailView,
                      self).dispatch(request, *args, **kwargs)
     except CosinnusPermissionDeniedException:
         return redirect_to_not_logged_in(request, view=self)
Ejemplo n.º 8
0
 def dispatch(self, request, *args, **kwargs):
     self.offer_view = kwargs.get('offer_view', 'all')
     if self.offer_view == 'mine' and not self.request.user.is_authenticated:
         return redirect_to_not_logged_in(view=self)
     return super(OfferListView, self).dispatch(request, *args, **kwargs)