forked from extern/django-helpdesk
Merge pull request #558 from msaelices/feat-raise-404-if-anon
Feat raise 404 if anon
This commit is contained in:
commit
004478f6e4
23
helpdesk/decorators.py
Normal file
23
helpdesk/decorators.py
Normal file
@ -0,0 +1,23 @@
|
||||
from functools import wraps
|
||||
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.http import HttpResponseRedirect, Http404
|
||||
from django.utils.decorators import available_attrs
|
||||
|
||||
from helpdesk import settings as helpdesk_settings
|
||||
|
||||
|
||||
def protect_view(view_func):
|
||||
"""
|
||||
Decorator for protecting the views checking user, redirecting
|
||||
to the log-in page if necessary or returning 404 status code
|
||||
"""
|
||||
@wraps(view_func, assigned=available_attrs(view_func))
|
||||
def _wrapped_view(request, *args, **kwargs):
|
||||
if not request.user.is_authenticated() and helpdesk_settings.HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT:
|
||||
return HttpResponseRedirect(reverse('helpdesk:login'))
|
||||
elif not request.user.is_authenticated() and helpdesk_settings.HELPDESK_ANON_ACCESS_RAISES_404:
|
||||
raise Http404
|
||||
return view_func(request, *args, **kwargs)
|
||||
|
||||
return _wrapped_view
|
@ -32,6 +32,11 @@ HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT = getattr(settings,
|
||||
'HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT',
|
||||
False)
|
||||
|
||||
# raises a 404 to anon users. It's like it was invisible
|
||||
HELPDESK_ANON_ACCESS_RAISES_404 = getattr(settings,
|
||||
'HELPDESK_ANON_ACCESS_RAISES_404',
|
||||
False)
|
||||
|
||||
# show knowledgebase links?
|
||||
HELPDESK_KB_ENABLED = getattr(settings, 'HELPDESK_KB_ENABLED', True)
|
||||
|
||||
|
@ -14,15 +14,14 @@ from django.utils.http import urlquote
|
||||
from django.utils.translation import ugettext as _
|
||||
|
||||
from helpdesk import settings as helpdesk_settings
|
||||
from helpdesk.decorators import protect_view
|
||||
from helpdesk.forms import PublicTicketForm
|
||||
from helpdesk.lib import text_is_spam
|
||||
from helpdesk.models import Ticket, Queue, UserSettings, KBCategory
|
||||
|
||||
|
||||
@protect_view
|
||||
def homepage(request):
|
||||
if not request.user.is_authenticated() and helpdesk_settings.HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT:
|
||||
return HttpResponseRedirect(reverse('helpdesk:login'))
|
||||
|
||||
if request.user.is_staff or \
|
||||
(request.user.is_authenticated() and
|
||||
helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE):
|
||||
@ -74,6 +73,7 @@ def homepage(request):
|
||||
})
|
||||
|
||||
|
||||
@protect_view
|
||||
def view_ticket(request):
|
||||
ticket_req = request.GET.get('ticket', None)
|
||||
email = request.GET.get('email', None)
|
||||
|
@ -14,7 +14,6 @@ from django.contrib.auth import get_user_model
|
||||
from django.contrib.auth.decorators import user_passes_test
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.core.exceptions import ValidationError, PermissionDenied
|
||||
from django.core import paginator
|
||||
from django.db import connection
|
||||
from django.db.models import Q
|
||||
from django.http import HttpResponseRedirect, Http404, HttpResponse
|
||||
@ -93,7 +92,6 @@ def dashboard(request):
|
||||
showing ticket counts by queue/status, and a list of unassigned tickets
|
||||
with options for them to 'Take' ownership of said tickets.
|
||||
"""
|
||||
|
||||
# open & reopened tickets, assigned to current user
|
||||
tickets = Ticket.objects.select_related('queue').filter(
|
||||
assigned_to=request.user,
|
||||
|
Loading…
Reference in New Issue
Block a user