holm/django-helpdesk
1
0
Fork 0
forked from extern/django-helpdesk
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merge HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK into HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE

Browse Source
This commit is contained in:
Stefano Brentegani 2014-08-01 07:20:43 +02:00
parent 05647d75ad
commit 4ed8f11754
4 changed files with 18 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/settings.rst
View File

@ -87,17 +87,13 @@ Options that change ticket updates
---------------------------------- ----------------------------------
- **HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE** Allow non-staff users to interact with tickets? - **HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE** Allow non-staff users to interact with tickets?
Set to True to allow any authenticated user to manage tickets.
**Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False`` You can also apply a custom authorisation logic for identifying helpdesk staff members, by setting this to a callable.
In that case, the value should be a function accepting the active user as a parameter and returning True if the user is considered helpdesk staff, e.g.
- **HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK** Apply a custom authorisation logic for identifying helpdesk staff members.
If set, `HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE` will be ignored when determining staff access.
The value should be a function accepting the active user as a parameter and returning True if the user is considered helpdesk
staff, e.g.
lambda u: u.is_authenticated() and u.is_active and u.groups.filter(name='helpdesk_staff').exists())) lambda u: u.is_authenticated() and u.is_active and u.groups.filter(name='helpdesk_staff').exists()))
**Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = None`` **Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False``
- **HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP** Show edit buttons in ticket follow ups? - **HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP** Show edit buttons in ticket follow ups?

4
helpdesk/decorators.py
View File

@ -2,9 +2,9 @@
from django.contrib.auth.decorators import user_passes_test from django.contrib.auth.decorators import user_passes_test
from helpdesk import settings from helpdesk import settings
if settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK: if callable(settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE):
# apply a custom user validation condition # apply a custom user validation condition
is_helpdesk_staff = settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK is_helpdesk_staff = settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE
elif settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE: elif settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE:
# treat 'normal' users like 'staff' # treat 'normal' users like 'staff'
is_helpdesk_staff = lambda u: u.is_authenticated() and u.is_active is_helpdesk_staff = lambda u: u.is_authenticated() and u.is_active

15
helpdesk/settings.py
View File

@ -61,18 +61,11 @@ HELPDESK_SUBMIT_A_TICKET_PUBLIC = getattr(settings, 'HELPDESK_SUBMIT_A_TICKET_PU
''' options for update_ticket views ''' ''' options for update_ticket views '''
# allow non-staff users to interact with tickets? this will also change how 'helpdesk_staff_member_required' # allow non-staff users to interact with tickets?
# in staff.py will be defined. # can be True/False or a callable accepting the active user and returning True if they must be considered helpdesk staff
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = getattr(settings, 'HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE', False) HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = getattr(settings, 'HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE', False)
if not (HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE in (True, False) or callable(HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE)):
# apply a custom authorisation logic when defining 'helpdesk_staff_member_required' in staff.py. warnings.warn("HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE should be set to either True/False or a callable.", RuntimeWarning)
HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = getattr(settings, 'HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK', None)
if not (HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK is None or callable(HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK)):
raise ImproperlyConfigured("HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK must be a callable or None")
if HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK and HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE:
warnings.warn(
"The HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE and HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK settings cannot be both defined. "
"Only HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK will be considered in determining staff access.", RuntimeWarning)
# show edit buttons in ticket follow ups. # show edit buttons in ticket follow ups.
HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP = getattr(settings, 'HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP', True) HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP = getattr(settings, 'HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP', True)

21
helpdesk/tests/navigation.py
View File

@ -39,16 +39,14 @@ class KBDisabledTestCase(TestCase):
class StaffUserTestCaseMixin(object): class StaffUserTestCaseMixin(object):
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False
HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = None
def setUp(self): def setUp(self):
self.old_settings = settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE, settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK self.original_setting = settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE
settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = self.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = self.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE
settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = self.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK
self.reload_views() self.reload_views()
def tearDown(self): def tearDown(self):
settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE, settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = self.old_settings settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = self.original_setting
self.reload_views() self.reload_views()
def reload_views(self): def reload_views(self):
@ -67,7 +65,6 @@ class StaffUserTestCaseMixin(object):
class NonStaffUsersAllowedTestCase(StaffUserTestCaseMixin, TestCase): class NonStaffUsersAllowedTestCase(StaffUserTestCaseMixin, TestCase):
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = True HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = True
HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = None
def test_non_staff_allowed(self): def test_non_staff_allowed(self):
"""If HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE is True, """If HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE is True,
@ -88,7 +85,6 @@ class NonStaffUsersAllowedTestCase(StaffUserTestCaseMixin, TestCase):
class StaffUsersOnlyTestCase(StaffUserTestCaseMixin, TestCase): class StaffUsersOnlyTestCase(StaffUserTestCaseMixin, TestCase):
# Use default values # Use default values
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False
HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = None
def test_non_staff(self): def test_non_staff(self):
"""Non-staff users are correctly identified""" """Non-staff users are correctly identified"""
@ -114,15 +110,15 @@ class StaffUsersOnlyTestCase(StaffUserTestCaseMixin, TestCase):
class CustomStaffUserTestCase(StaffUserTestCaseMixin, TestCase): class CustomStaffUserTestCase(StaffUserTestCaseMixin, TestCase):
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False
@staticmethod @staticmethod
def HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK(user): def custom_staff_filter(user):
"""Arbitrary user validation function""" """Arbitrary user validation function"""
return user.is_authenticated() and user.is_active and user.username.lower().endswith('wensleydale') return user.is_authenticated() and user.is_active and user.username.lower().endswith('wensleydale')
HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = custom_staff_filter
def test_custom_staff_pass(self): def test_custom_staff_pass(self):
"""If HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK is not None, """If HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE is callable,
a custom access rule is applied. a custom access rule is applied.
""" """
from helpdesk.decorators import is_helpdesk_staff from helpdesk.decorators import is_helpdesk_staff
@ -168,16 +164,15 @@ class HomePageAnonymousUserTestCase(TestCase):
class HomePageTestCase(TestCase): class HomePageTestCase(TestCase):
def setUp(self): def setUp(self):
self.previous = settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE, settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK self.original_setting = settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE
settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False
settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = None
try: try:
reload(sys.modules['helpdesk.views.public']) reload(sys.modules['helpdesk.views.public'])
except KeyError: except KeyError:
pass pass
def tearDown(self): def tearDown(self):
settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE, settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = self.previous settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = self.original_setting
reload(sys.modules['helpdesk.views.public']) reload(sys.modules['helpdesk.views.public'])
def assertUserRedirectedToView(self, user, view_name): def assertUserRedirectedToView(self, user, view_name):