Skip to content

Commit

Permalink
HOT: add login security to accounts/ view, now need django 1.4
Browse files Browse the repository at this point in the history
  • Loading branch information
@yomguy
yomguy committed Apr 12, 2012
1 parent c676291 commit 39e17d4
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 5 deletions.
2 changes: 1 addition & 1 deletion setup.py
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
author_email = "yomguy@parisson.com", author_email = "yomguy@parisson.com",
version = telemeta.__version__, version = telemeta.__version__,
install_requires = [ install_requires = [
'django>=1.3.1', 'django>=1.4',
'django-registration', 'django-registration',
'django-json-rpc', 'django-json-rpc',
'timeside', 'timeside',
Expand Down
10 changes: 6 additions & 4 deletions telemeta/views/base.py
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -422,6 +422,7 @@ def complete_location(self, request, with_items=True):


return HttpResponse("\n".join(data)) return HttpResponse("\n".join(data))


@method_decorator(login_required)
def users(self, request): def users(self, request):
users = User.objects.all() users = User.objects.all()
return render(request, 'telemeta/users.html', {'users': users}) return render(request, 'telemeta/users.html', {'users': users})
Expand Down Expand Up @@ -1037,19 +1038,19 @@ def item_keywords_edit(self, request, public_id, template):
class AdminView(object): class AdminView(object):
"""Provide Admin web UI methods""" """Provide Admin web UI methods"""


@method_decorator(permission_required('sites.change_site')) @method_decorator(permission_required('is_superuser'))
def admin_index(self, request): def admin_index(self, request):
return render(request, 'telemeta/admin.html', self.__get_admin_context_vars()) return render(request, 'telemeta/admin.html', self.__get_admin_context_vars())


@method_decorator(permission_required('sites.change_site')) @method_decorator(permission_required('is_superuser'))
def admin_general(self, request): def admin_general(self, request):
return render(request, 'telemeta/admin_general.html', self.__get_admin_context_vars()) return render(request, 'telemeta/admin_general.html', self.__get_admin_context_vars())


@method_decorator(permission_required('sites.change_site')) @method_decorator(permission_required('is_superuser'))
def admin_enumerations(self, request): def admin_enumerations(self, request):
return render(request, 'telemeta/admin_enumerations.html', self.__get_admin_context_vars()) return render(request, 'telemeta/admin_enumerations.html', self.__get_admin_context_vars())


@method_decorator(permission_required('sites.change_site')) @method_decorator(permission_required('is_superuser'))
def admin_users(self, request): def admin_users(self, request):
users = User.objects.all() users = User.objects.all()
return render(request, 'telemeta/admin_users.html', {'users': users}) return render(request, 'telemeta/admin_users.html', {'users': users})
Expand Down Expand Up @@ -1398,6 +1399,7 @@ def profile_detail(self, request, username, template='telemeta/profile_detail.ht
return render(request, template, {'profile' : profile, 'usr': user, 'playlists': playlists, return render(request, template, {'profile' : profile, 'usr': user, 'playlists': playlists,
'user_revisions': user_revisions}) 'user_revisions': user_revisions})


@method_decorator(login_required)
def profile_edit(self, request, username, template='telemeta/profile_edit.html'): def profile_edit(self, request, username, template='telemeta/profile_edit.html'):
if request.user.is_superuser: if request.user.is_superuser:
user_hidden_fields = ['profile-user', 'user-password', 'user-last_login', 'user-date_joined'] user_hidden_fields = ['profile-user', 'user-password', 'user-last_login', 'user-date_joined']
Expand Down

0 comments on commit 39e17d4

Please sign in to comment.