示例#1
0
def motd(request):

    try:
        motd = Motd.objects.latest()
    except Motd.DoesNotExist:
        motd = None
    can_edit = request.user.is_superuser or UrlPermission.user_has_access(
        request.user, '/editmotd/')

    #{{motd|safe}} to escape html markup
    return {'motd': motd, 'can_edit_motd': can_edit}
示例#2
0
def motd(request):
    
    try:
        motd = Motd.objects.latest()
    except Motd.DoesNotExist:
        motd = None
    can_edit = request.user.is_superuser or UrlPermission.user_has_access(request.user, '/editmotd/')
        
    #{{motd|safe}} to escape html markup
    return {'motd': motd, 'can_edit_motd': can_edit}

    
示例#3
0
def menu(request):
    """
    Adds the variable {{ user_menu }} to all the templates.

    The menu is composed with items from each ECM app/plugin (see the menu.py files)
    The items are dynamically displayed according to user accesses.
    """
    user_menus = []
    for menu in ECM_MENUS:
        if request.user.is_superuser or UrlPermission.user_has_access(request.user, menu['url']):
            user_menus.append(menu)
    data = {
        'menus': user_menus, 
        'path': str(request.get_full_path())
    }
    return {'user_menu': render_to_string('ecm/menu.html', data), 'request_path': data['path']}
示例#4
0
def menu(request):
    """
    Adds the variable {{ user_menu }} to all the templates.

    The menu is composed with items from each ECM app/plugin (see the menu.py files)
    The items are dynamically displayed according to user accesses.
    """
    user_menus = []
    for menu in ECM_MENUS:
        if request.user.is_superuser or UrlPermission.user_has_access(
                request.user, menu['url']):
            user_menus.append(menu)
    data = {'menus': user_menus, 'path': str(request.get_full_path())}
    return {
        'user_menu': render_to_string('ecm/menu.html', data),
        'request_path': data['path']
    }
示例#5
0
def is_cyno_alt(request, characterID):
    """
    Serves /hr/members/<characterID>/is_cyno_alt/
    """
    member = get_object_or_404(Member, characterID=int(characterID))
    if not (request.user.is_superuser or request.user == member.owner
            or UrlPermission.user_has_access(request.user,
                                             request.get_full_path())):
        return HttpResponseForbidden(request)
    if request.method == 'POST':
        try:
            is_cyno_alt = bool(json.loads(request.POST.get('is_cyno_alt')))
        except (ValueError, TypeError), e:
            return HttpResponseBadRequest(str(e))
        member.is_cyno_alt = is_cyno_alt
        member.save()
        logger.info('"%s" Changed cyno alt status of "%s" -> %s' %
                    (request.user, member, is_cyno_alt))
示例#6
0
 def _wrapped_view(request, *args, **kwargs):
     if request.user.is_authenticated():
         access_ok = UrlPermission.user_has_access(request.user, request.get_full_path())
         if not access_ok:
             try:
                 url_re = re.compile("^/members/\d+.*$")
                 if url_re.match(request.get_full_path()):
                     characterID = int(args[0])
                     access_ok = (Member.objects.get(characterID=characterID).owner == request.user)
             except:
                 pass
         if request.user.is_superuser or access_ok:
             return view_function(request, *args, **kwargs)
         else:
             return forbidden(request)
     else:
         from django.contrib.auth.views import redirect_to_login
         return redirect_to_login(request.get_full_path())
示例#7
0
def is_cyno_alt(request, characterID):
    """
    Serves /hr/members/<characterID>/is_cyno_alt/
    """
    member = get_object_or_404(Member, characterID=int(characterID))
    if not (
        request.user.is_superuser
        or request.user == member.owner
        or UrlPermission.user_has_access(request.user, request.get_full_path())
    ):
        return HttpResponseForbidden(request)
    if request.method == "POST":
        try:
            is_cyno_alt = bool(json.loads(request.POST.get("is_cyno_alt")))
        except (ValueError, TypeError), e:
            return HttpResponseBadRequest(str(e))
        member.is_cyno_alt = is_cyno_alt
        member.save()
        logger.info('"%s" Changed cyno alt status of "%s" -> %s' % (request.user, member, is_cyno_alt))