extern/django-helpdesk
1
0
Fork 1
mirror of https://github.com/django-helpdesk/django-helpdesk.git synced 2025-05-30 22:45:48 +02:00
Code Issues Packages Projects Releases Wiki Activity

replace all explicit uses of HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE in helpdesk.views.staff

Browse Source
This commit is contained in:
Stefano Brentegani 2014-07-30 06:58:57 +02:00
parent 14d7279844
commit b1b89d1d6f
2 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/settings.rst
View File

@ -86,12 +86,11 @@ These options only change display of items on public-facing pages, not staff pag
Options that change ticket updates Options that change ticket updates
---------------------------------- ----------------------------------
- **HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE** Allow non-staff users to interact with tickets? This will also change how 'staff_member_required' - **HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE** Allow non-staff users to interact with tickets?
in staff.py will be defined.
**Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False`` **Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False``
- **HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK** Apply a custom authorisation logic when defining 'staff_member_required' in staff.py. - **HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK** Apply a custom authorisation logic for identifying helpdesk staff members.
If set, `HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE` will be ignored when determining staff access. If set, `HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE` will be ignored when determining staff access.
The value should be a function accepting the active user as a parameter and returning True if the user is considered helpdesk The value should be a function accepting the active user as a parameter and returning True if the user is considered helpdesk
staff, e.g. staff, e.g.

11
helpdesk/views/staff.py
View File

@ -32,7 +32,7 @@ try:
except ImportError: except ImportError:
from datetime import datetime as timezone from datetime import datetime as timezone
from helpdesk.decorators import helpdesk_staff_member_required, helpdesk_superuser_required from helpdesk.decorators import helpdesk_staff_member_required, helpdesk_superuser_required, is_helpdesk_staff
from helpdesk.forms import TicketForm, UserSettingsForm, EmailIgnoreForm, EditTicketForm, TicketCCForm, EditFollowUpForm, TicketDependencyForm from helpdesk.forms import TicketForm, UserSettingsForm, EmailIgnoreForm, EditTicketForm, TicketCCForm, EditFollowUpForm, TicketDependencyForm
from helpdesk.lib import send_templated_mail, query_to_dict, apply_query, safe_template_context from helpdesk.lib import send_templated_mail, query_to_dict, apply_query, safe_template_context
from helpdesk.models import Ticket, Queue, FollowUp, TicketChange, PreSetReply, Attachment, SavedSearch, IgnoreEmail, TicketCC, TicketDependency from helpdesk.models import Ticket, Queue, FollowUp, TicketChange, PreSetReply, Attachment, SavedSearch, IgnoreEmail, TicketCC, TicketDependency
@ -292,8 +292,7 @@ def subscribe_staff_member_to_ticket(ticket, user):
def update_ticket(request, ticket_id, public=False): def update_ticket(request, ticket_id, public=False):
if not (public or (request.user.is_authenticated() and request.user.is_active and ( if not (public or is_helpdesk_staff(request.user)):
request.user.is_staff or helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE))):
return HttpResponseRedirect('%s?next=%s' % (reverse('login'), request.path)) return HttpResponseRedirect('%s?next=%s' % (reverse('login'), request.path))
ticket = get_object_or_404(Ticket, id=ticket_id) ticket = get_object_or_404(Ticket, id=ticket_id)
@ -344,7 +343,7 @@ def update_ticket(request, ticket_id, public=False):
f = FollowUp(ticket=ticket, date=timezone.now(), comment=comment) f = FollowUp(ticket=ticket, date=timezone.now(), comment=comment)
if request.user.is_staff or helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE: if is_helpdesk_staff(request.user):
f.user = request.user f.user = request.user
f.public = public f.public = public
@ -535,9 +534,9 @@ def update_ticket(request, ticket_id, public=False):
def return_to_ticket(user, helpdesk_settings, ticket): def return_to_ticket(user, helpdesk_settings, ticket):
''' Helpder function for update_ticket ''' """ Helper function for update_ticket """
if user.is_staff or helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE: if is_helpdesk_staff(user):
return HttpResponseRedirect(ticket.get_absolute_url()) return HttpResponseRedirect(ticket.get_absolute_url())
else: else:
return HttpResponseRedirect(ticket.ticket_url) return HttpResponseRedirect(ticket.ticket_url)