def inner(request, *args, **kwargs): if not request.user.is_superuser: raise PermissionDenied("Admins must be Superusers") elif not (request.user.is_verified() or settings.DEBUG): # OTP has a decorator for this, but it bounces the user back to the # login page - which will fail because the user is already logged in raise PermissionDenied( "Admins must have Two Factor Authentication enabled") elif not request.is_sudo(): return redirect_to_sudo(request.get_full_path()) return func(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): if self.auth_required and not request.user.is_authenticated(): request.session['_next'] = request.get_full_path() return self.redirect(get_login_url()) if self.sudo_required and not request.is_sudo(): return redirect_to_sudo(request.get_full_path()) args, kwargs = self.convert_args(request, *args, **kwargs) if not self.has_permission(request, *args, **kwargs): redirect_uri = self.get_no_permission_url(request, *args, **kwargs) return self.redirect(redirect_uri) self.request = request self.default_context = self.get_context_data(request, *args, **kwargs) return self.handle(request, *args, **kwargs)
def test_redirect_to_sudo_custom_url(self): response = redirect_to_sudo('/foo', '/lolsudo/') self.assertEqual(response.status_code, 302) self.assertEqual(response['Location'], '/lolsudo/?next=/foo')
def test_redirect_to_sudo_with_querystring(self): response = redirect_to_sudo('/foo?foo=bar') self.assertEqual(response.status_code, 302) self.assertEqual(response['Location'], '/sudo/?next=/foo%3Ffoo%3Dbar')
def test_redirect_to_sudo_simple(self): response = redirect_to_sudo('/foo') self.assertEqual(response.status_code, 302) self.assertEqual(response['Location'], '/sudo/?next=/foo')
def test_redirect_to_sudo_simple(self): response = redirect_to_sudo("/foo") self.assertEqual(response.status_code, 302) self.assertEqual(response["Location"], "/sudo/?next=/foo")
def test_redirect_to_sudo_custom_url(self): response = redirect_to_sudo("/foo", "/lolsudo/") self.assertEqual(response.status_code, 302) self.assertEqual(response["Location"], "/lolsudo/?next=/foo")
def inner(request, *args, **kwargs): if not request.is_sudo(): return redirect_to_sudo(request.get_full_path()) return func(request, *args, **kwargs)
def test_redirect_to_sudo_with_querystring(self): response = redirect_to_sudo("/foo?foo=bar") self.assertEqual(response.status_code, 302) self.assertEqual(response["Location"], "/account/sudo/?next=/foo%3Ffoo%3Dbar")
def handle_sudo_required(self, request, *args, **kwargs): return redirect_to_sudo(request.get_full_path())
def process_request(self, request): if request.path.startswith(reverse("admin:index")): if request.is_sudo(): return else: return redirect_to_sudo(request.get_full_path())