def showDismissKUser(request):
print('dismiss users')
if request.method == 'GET':
kusers = users.models.KUser.objects.all()
print('send page for get method')
return render(request, 'user/show-dismiss-user.html', addUserInfoContext(request, {
'page_title': 'Dismiss',
'kusers': kusers,
}))
elif request.method == 'POST':
success_mes = '<div class="form-success">کاربران اخراج شدند.</div>'
print(request.POST)
ids = json.loads(request.POST['ids'])
print('ids:')
print(ids)
print(type(ids))
kusers = users.models.KUser.objects.filter(pk__in=ids)
print(kusers)
man = getRequestKUser(request)
for kuser in kusers:
if kuser.privilege > man.privilege:
print('insufficient access')
return JsonResponse({'message': '<div class="form-error">دسترسی مجاز نیست.</div>', 'success': False})
for kuser in kusers:
kuser.fire()
Log.log_action(request,'کاربر ' + kuser.user.username + ' اخراج شد.')
return JsonResponse({'message': success_mes, 'success': True})
return None
def _wrapped_view_func(request, *args, **kwargs):
if getRequestKUser(request).privilege < access:
return HttpResponseForbidden('access denied.')
return view_func(request, *args, **kwargs)
def _wrapped_view_func(request, *args, **kwargs):
if not getRequestKUser(request).isManager:
return HttpResponseForbidden('access denied.')
return view_func(request, *args, **kwargs)
