def dispatch(self, *args, **kwargs): """ checks permissions, requires a login and because we are using a generic view approach to the data-models in django BMF, we can ditch a middleware (less configuration) and add the functionality we need for the framework to work properly to this function. """ # add the site object to every request setattr(self.request, 'djangobmf_appconfig', apps.get_app_config(bmfsettings.APP_LABEL)) setattr(self.request, 'djangobmf_site', self.request.djangobmf_appconfig.site) # add the authenticated user and employee to the request (as a lazy queryset) self.request.user.djangobmf = Employee(self.request.user) # TODO ... call check_object_permission instead when objects have a model try: if not self.check_permissions(self.request): return permission_denied(self.request) except Http404: return page_not_found(self.request) # TODO MOVE THIS CHECK TO PERMISSIONS # check if bmf has a employee model and if so do a validation of the # employee instance (users, who are not employees are not allowed to access) if self.request.user.djangobmf.has_employee and not self.request.user.djangobmf.employee: logger.debug("User %s does not have permission to access djangobmf" % self.request.user) if self.request.user.is_superuser: return redirect('djangobmf:wizard', permanent=False) else: return permission_denied(self.request) response = super(BaseMixin, self).dispatch(*args, **kwargs) # Catch HTTP error codes and redirect to a bmf-specific template if response.status_code in [400, 403, 404, 500] and not settings.DEBUG: if response.status_code == 400: return bad_request(self.request) if response.status_code == 403: return permission_denied(self.request) if response.status_code == 404: return page_not_found(self.request) if response.status_code == 500: return server_error(self.request) return response
def test_server_error(self): request = self.factory.get('/500/') response = server_error(request) self.assertEqual(response.status_code, 500)