Exemplo n.º 1
0
def handle404(request, *args, **kwargs):
    if utils.is_platform(request):
        return render_to_response("ppd/404.html",
                                  None,
                                  context_instance=RequestContext(request))
    return render_to_response("404.html",
                              None,
                              context_instance=RequestContext(request))
Exemplo n.º 2
0
Arquivo: home.py Projeto: daasara/riba
def login(request,
          template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=AuthenticationForm):
    """Displays the login form and handles the login action."""
    redirect_to = request.REQUEST.get(redirect_field_name, '')

    error = ''
    if request.method == "POST":
        form = authentication_form(data=request.POST)
        if form.is_valid():
            #Franchise-network e.g. Itz
            if utils.is_franchise(request):
                profile = utils.get_user_profile(form.get_user())
                if not profile:
                    error = "No profile found related to this email"
                elif not is_valid_franchise(profile):
                    error = "You do not have rights to access this interface. Please request your manager to get the rights."
                #else:
                #    perm = 'auth.access_franchise'
                #    if profile and not profile.user.has_perm(perm):
                #        error = 'You do not have rights to access Franchise interface. Please request your manager to get the rights OR Add permissions through admin to this user but dont make superuser.'
            elif utils.is_cc(request):
                #profile = utils.get_profile_by_email_or_phone(form.get_user())
                profile = utils.get_user_profile(form.get_user())
                perm = (request.client.type == 'store'
                        ) and 'auth.access_store' or 'auth.access_callcenter'
                if profile and not profile.user.has_perm(perm):
                    error = 'You do not have rights to access this interface. Please request your manager to get the rights.'
            #Sellers Hub:
            elif utils.is_platform(request):
                profile = utils.get_user_profile(form.get_user())
                perm1 = 'users.access_ppd'
                perm2 = 'users.access_ifs'
                if profile and not (profile.user.has_perm(perm1)
                                    or profile.user.has_perm(perm2)):
                    error = 'You do not have rights to access this interface. Please request your manager to get the rights.'
            if not error:
                if utils.is_platform(request) and profile:
                    redirect_to = "/home"
                # Light security check -- make sure redirect_to isn't garbage.
                if not redirect_to or ' ' in redirect_to:
                    redirect_to = settings.LOGIN_REDIRECT_URL

                # Heavier security check -- redirects to http://example.com should
                # not be allowed, but things like /view/?param=http://example.com
                # should be allowed. This regex checks if there is a '//' *before* a
                # question mark.
                elif '//' in redirect_to and re.match(r'[^\?]*//',
                                                      redirect_to):
                    redirect_to = settings.LOGIN_REDIRECT_URL
                # Okay, security checks complete. Log the user in.
                auth_login(request, form.get_user())
                if utils.is_platform(request):
                    profile = utils.get_user_profile(request.user)
                    sellers = profile.managed_accounts.filter(
                        client=request.client.client)
                    request.session['all_sellers'] = sellers
                    request.session['seller'] = [sellers[0]]

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()
                return HttpResponseRedirect(redirect_to)

    else:
        form = authentication_form(request)

    request.session.set_test_cookie()
    if Site._meta.installed:
        current_site = Site.objects.get_current()
    else:
        current_site = RequestSite(request)
    return render_to_response(template_name, {
        'error': error,
        'form': form,
        'redirect_field_name': redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    },
                              context_instance=RequestContext(request))
Exemplo n.º 3
0
def handle404(request, *args, **kwargs):
    if utils.is_platform(request):
        return render_to_response("ppd/404.html", None, context_instance=RequestContext(request))
    return render_to_response("404.html", None, context_instance=RequestContext(request))
Exemplo n.º 4
0
def login(request, template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=AuthenticationForm):
    """Displays the login form and handles the login action."""
    redirect_to = request.REQUEST.get(redirect_field_name, '')

    error = ''
    if request.method == "POST":
        form = authentication_form(data=request.POST)
        if form.is_valid():
            #Franchise-network e.g. Itz
            if utils.is_franchise(request):
                profile = utils.get_user_profile(form.get_user())
                if not profile:
                    error = "No profile found related to this email"
                elif not is_valid_franchise(profile):
                    error = "You do not have rights to access this interface. Please request your manager to get the rights."
                #else:
                #    perm = 'auth.access_franchise'
                #    if profile and not profile.user.has_perm(perm):
                #        error = 'You do not have rights to access Franchise interface. Please request your manager to get the rights OR Add permissions through admin to this user but dont make superuser.'
            elif utils.is_cc(request):
                #profile = utils.get_profile_by_email_or_phone(form.get_user())
                profile = utils.get_user_profile(form.get_user())
                perm = (request.client.type == 'store') and 'auth.access_store' or 'auth.access_callcenter'
                if profile and not profile.user.has_perm(perm):
                    error = 'You do not have rights to access this interface. Please request your manager to get the rights.'
            #Sellers Hub:
            elif utils.is_platform(request):
                profile = utils.get_user_profile(form.get_user())
                perm1 = 'users.access_ppd'
                perm2 = 'users.access_ifs'
                if profile and not (profile.user.has_perm(perm1) or profile.user.has_perm(perm2)):
                    error = 'You do not have rights to access this interface. Please request your manager to get the rights.'
            if not error:
                if utils.is_platform(request) and profile:
                    redirect_to = "/home"
                # Light security check -- make sure redirect_to isn't garbage.
                if not redirect_to or ' ' in redirect_to:
                    redirect_to = settings.LOGIN_REDIRECT_URL

                # Heavier security check -- redirects to http://example.com should
                # not be allowed, but things like /view/?param=http://example.com
                # should be allowed. This regex checks if there is a '//' *before* a
                # question mark.
                elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
                    redirect_to = settings.LOGIN_REDIRECT_URL
                # Okay, security checks complete. Log the user in.
                auth_login(request, form.get_user())
                if utils.is_platform(request):
                    profile = utils.get_user_profile(request.user)
                    sellers = profile.managed_accounts.filter(client = request.client.client)
                    request.session['all_sellers'] = sellers
                    request.session['seller'] = [sellers[0]]

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()
                return HttpResponseRedirect(redirect_to)

    else:
        form = authentication_form(request)

    request.session.set_test_cookie()
    if Site._meta.installed:
        current_site = Site.objects.get_current()
    else:
        current_site = RequestSite(request)
    return render_to_response(template_name, {
        'error': error,
        'form': form,
        'redirect_field_name': redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    }, context_instance=RequestContext(request))