Permalink
Browse files

auth handling fixes.

  • Loading branch information...
1 parent 59c4fff commit 7d247259784cfc40d3981e78fa440bbbf408027f @alexsdutton alexsdutton committed Jan 15, 2012
Showing with 15 additions and 9 deletions.
  1. +3 −0 openorg_timeseries/tests/settings.py
  2. +12 −9 openorg_timeseries/views/admin.py
@@ -8,7 +8,9 @@
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
+ 'django_conneg',
'openorg_timeseries',
+ 'openorg_timeseries.tests',
)
MIDDLEWARE_CLASSES = (
@@ -18,6 +20,7 @@
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.RemoteUserMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
+ 'django_conneg.middleware.BasicAuthMiddleware',
# 'django.middleware.http.ConditionalGetMiddleware',
# 'django.middleware.gzip.GZipMiddleware',
)
@@ -32,6 +32,7 @@ class ErrorView(HTMLView, JSONPView, TextView):
_force_fallback_format = 'json'
def dispatch(self, request, context, template_name):
+ request.renderers = self.get_renderers(request)
template_name = (template_name, 'timeseries-admin/error')
return self.render(request, context, template_name)
@@ -101,9 +102,6 @@ def filtered_dict(self, d, keys):
class ListView(TimeSeriesView, HTMLView, JSONPView):
@method_decorator(login_required)
- def dispatch(self, request):
- return super(ListView, self).dispatch(request)
-
def get(self, request):
series = TimeSeries.objects.all().order_by('slug')
series = [s for s in series if self.has_perm('view', s)]
@@ -114,6 +112,7 @@ def get(self, request):
}
return self.render(request, context, 'timeseries-admin/index')
+ @method_decorator(login_required)
def post(self, request):
if not self.has_perm('add'):
return self.lacking_privilege('create a new time-series')
@@ -157,15 +156,17 @@ def common(self, request):
}
@method_decorator(login_required)
- def dispatch(self, request):
+ def get(self, request):
+ context = self.common(request)
if not request.user.has_perm('openorg_timeseries.add_timeseries'):
return self.lacking_privilege('create a new time-series')
- return super(CreateView, self).dispatch(request, self.common(request))
-
- def get(self, request, context):
return self.render(request, context, 'timeseries-admin/create')
- def post(self, request, context):
+ @method_decorator(login_required)
+ def post(self, request):
+ context = self.common(request)
+ if not request.user.has_perm('openorg_timeseries.add_timeseries'):
+ return self.lacking_privilege('create a new time-series')
form, archive_formset = context['form'], context['archive_formset']
if not (form.is_valid() and archive_formset.is_valid()):
return self.render(request, context, 'timeseries-admin/create')
@@ -204,12 +205,14 @@ def common(self, request, slug):
'form': form}
return context
+ @method_decorator(login_required)
def get(self, request, slug):
context = self.common(request, slug)
if not self.has_perm('view', context['series']):
return self.lacking_privilege('view this time-series')
- return self.render(request, context, 'timeseries/admin-detail')
+ return self.render(request, context, 'timeseries-admin/detail')
+ @method_decorator(login_required)
def post(self, request, slug):
context = self.common(request, slug)
series, form = context['series'], context['form']

0 comments on commit 7d24725

Please sign in to comment.