    def _get_unauth_reason(self, request):
        """
        Return a message explaining why ``request`` may not use this view, or None if it may.

        When ``self.require_authentication`` is set, the request's user must be
        authenticated, flagged ``is_staff`` and have an active shop. Independently
        of that, the user must hold every permission in ``self.permissions``.

        :param request: the HttpRequest being checked; its ``user`` is inspected.
        :type request: HttpRequest
        :return: a translated reason string, or None when access is allowed.
        :rtype: str|None
        """
        user = request.user
        if self.require_authentication:
            if not is_authenticated(user):
                return _("Sign in to continue.")
            if not getattr(user, "is_staff", False):
                return _(
                    "Your account must have `Access to Admin Panel` permissions to access this page."
                )
            if not get_shop(request):
                return _(
                    "There is no active shop available. Contact support for more details."
                )

        # The permission check applies even when authentication is not required.
        missing = get_missing_permissions(user, self.permissions)
        if not missing:
            return None
        return _("You do not have the required permissions: %s") % ", ".join(missing)
    def _get_unauth_response(self, request, reason):
        """
        Build the response for a request that was denied access.

        AJAX requests get a 403 with a JSON body carrying ``reason``. Other
        requests are redirected to the admin login page with ``reason`` passed
        as the ``error`` query parameter. If the request's user is already
        signed in, a Problem holding the reason and a link to that login URL is
        raised instead of returning the redirect.

        :param request: the denied HttpRequest
        :type request: HttpRequest
        :param reason: the translated message explaining the denial
        :type reason: str
        :rtype: HttpResponse
        :raises Problem: when the request's user is already authenticated
        """
        message = force_text(reason)
        if request.is_ajax():
            return HttpResponseForbidden(json.dumps({"error": message}))

        query = urlencode({"error": message})
        login_url = force_str("{}?{}".format(reverse("shuup_admin:login"), query))
        response = redirect_to_login(next=request.path, login_url=login_url)
        if not is_authenticated(request.user):
            return response

        # A signed-in user gains nothing from the login page itself, so explain
        # the problem and offer the login link for use with other credentials.
        # ``reason`` is HTML-escaped before it is embedded in the Problem message.
        problem = Problem(
            _("Can't view this page. %(reason)s") % {"reason": escape(reason)})
        raise problem.with_link(url=response.url,
                                title=_("Log in with different credentials..."))
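    def get_fields(self, **kwargs):
        """
        Build one required consent checkbox per active GDPR consent page.

        Pages the (authenticated) user has already consented to, and does not
        need to re-consent to, are skipped.

        :param kwargs: must carry ``request``, an HttpRequest with ``user`` and
            ``shop`` set.
        :return: list of FormFieldDefinition; empty when ``get_gdpr_settings``
            yields nothing for the request.
        """
        import html

        request = kwargs.get("request", None)
        gdpr_settings = get_gdpr_settings(request)
        if not gdpr_settings:
            return []

        user_consent = None
        if is_authenticated(request.user):
            user_consent = GDPRUserConsent.get_for_user(
                request.user, request.shop)

        label_template = ugettext(
            "I have read and accept the <a href='{}' target='_blank' class='gdpr_consent_doc_check'>{}</a>"
        )
        fields = []
        for page in get_active_consent_pages(request.shop):
            # user already has consented to this page, ignore it
            if user_consent and not user_consent.should_reconsent_to_page(page):
                continue

            page_url = reverse("shuup:cms_page", kwargs=dict(url=page.url))
            # The label is marked safe because it carries the anchor markup, so
            # the page-derived values are escaped before being interpolated;
            # otherwise a title containing markup would be rendered verbatim.
            label = mark_safe(label_template.format(
                html.escape(page_url),
                html.escape("{}".format(page.title))))
            field = forms.BooleanField(
                label=label,
                required=True,
                error_messages=dict(required=self.error_message))
            key = "accept_{}".format(page.id)
            fields.append(FormFieldDefinition(name=key, field=field))
        return fields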
 def dispatch(self, request, *args, **kwargs):
     """
     Log the current user out, then delegate to the parent ``dispatch``.

     Because this happens in ``dispatch`` rather than in a method-specific
     handler, the logout runs for every HTTP method the view receives.

     :param request: the HttpRequest; its ``user`` is logged out if signed in.
     :return: whatever the parent ``dispatch`` returns.
     """
     signed_in = is_authenticated(request.user)
     if signed_in:
         logout(request)
     return super(LogoutView, self).dispatch(request, *args, **kwargs)
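def handle_set_customer(request,
                        basket,
                        customer,
                        orderer=None):
    """
    Validate and assign ``customer`` (and the ``orderer`` acting for it) to ``basket``.

    Assignment rules:

    * an AnonymousContact customer gets an AnonymousContact orderer;
    * any other customer must be active and, if saved, belong to ``basket.shop``
      (or to no shop at all);
    * a PersonContact other than the requesting user's own contact may only be
      assigned by an authenticated superuser or shop staff member; requests
      whose user is not authenticated are not restricted by this rule;
    * a CompanyContact must be saved, ``orderer`` must be one of its members,
      and the requesting user's contact must be a member too unless the user is
      a superuser or shop staff.

    :param request: the HttpRequest whose ``user`` performs the assignment.
    :param basket: the basket whose ``customer`` and ``orderer`` are set.
    :param customer: an AnonymousContact, PersonContact or CompanyContact.
    :param orderer: the PersonContact placing the order; required for a
        CompanyContact customer.
    :return: ``{"ok": True}`` on success.
    :raises ValidationError: with code ``invalid_customer``,
        ``invalid_customer_shop``, ``no_permission``, ``invalid_orderer``,
        ``orderer_not_company_member`` or ``not_company_member``.
    """
    if isinstance(customer, AnonymousContact):
        basket.orderer = AnonymousContact()
    else:
        _check_customer_usable(basket, customer)

        request_contact = _get_request_contact(request)
        is_superuser = getattr(request.user, "is_superuser", False)
        is_staff = getattr(
            request.user, "is_staff",
            False) and request.user in basket.shop.staff_members.all()
        # Superusers and this shop's staff may assign customers other than themselves.
        can_override = bool(is_superuser or is_staff)

        if isinstance(customer, PersonContact):
            _check_person_customer(request, customer, request_contact, can_override)
            basket.orderer = customer
        elif isinstance(customer, CompanyContact):
            _check_company_customer(customer, orderer, request_contact, can_override)
            basket.orderer = orderer

    basket.customer = customer

    return {"ok": True}


def _check_customer_usable(basket, customer):
    # Reject inactive customers and saved customers tied to other shops only.
    if not customer.is_active:
        raise ValidationError(_("Customer is not active."),
                              code="invalid_customer")

    if customer.pk:
        customer_shops = customer.shops.all()
        if customer_shops and basket.shop not in customer_shops:
            raise ValidationError(_(
                "Shop does not have all the necessary permissions for this customer."
            ),
                                  code="invalid_customer_shop")


def _get_request_contact(request):
    # The PersonContact behind the requesting user, or AnonymousContact if there is none.
    if is_authenticated(request.user):
        return PersonContact.objects.filter(
            user=request.user).first() or AnonymousContact()
    return AnonymousContact()


def _check_person_customer(request, customer, request_contact, can_override):
    # An authenticated user may only assign a person other than themselves when
    # they can override; an unauthenticated request is not restricted here.
    if customer != request_contact and is_authenticated(request.user):
        if not can_override:
            raise ValidationError(_(
                "You don't have the required permission to assign this customer."
            ),
                                  code="no_permission")


def _check_company_customer(customer, orderer, request_contact, can_override):
    # A company customer needs a saved company and an orderer who is a member of it.
    if not orderer:
        raise ValidationError(_(
            "You must specify the order, in which customer is a company."
        ),
                              code="invalid_orderer")

    # make sure the company is saved in db
    if not (customer and customer.pk):
        raise ValidationError(_("Invalid customer."),
                              code="invalid_customer")

    company_members = customer.members.all()

    if orderer not in company_members:
        raise ValidationError(
            _("Orderer is not a member of the company."),
            code="orderer_not_company_member")

    # Non-privileged users may only order for a company they belong to.
    if not can_override and request_contact not in company_members:
        raise ValidationError(
            _("You are not a member of the company."),
            code="not_company_member")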
def is_authenticated(user):
    """
    Return whether ``user`` is authenticated, via the Django compatibility shim.

    :param user: the user object to test (typically ``request.user``)
    :rtype: bool
    """
    check = django_compat.is_authenticated
    return check(user)