Custom logic for determining if the user is considered helpdesk staff.

2024-12-26 16:48:50 +01:00 · 2014-07-20 10:36:24 +02:00 · 2014-07-20 10:36:24 +02:00 · 13830a84e5
commit 13830a84e5
parent 3bd2d67193
3 changed files with 49 additions and 33 deletions
--- a/docs/settings.rst
+++ b/docs/settings.rst
@ -117,6 +117,13 @@ Options that change ticket updates

  **Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = False``

+- **HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK** Apply a custom authorisation logic when defining 'staff_member_required' in staff.py.
+  If set, `HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE` will be ignored when determining staff access.
+  The value should be a function accepting the active user as a parameter and returning True if the user is considered helpdesk
+  staff.
+
+  **Default:** ``HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = None``
+
 - **HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP** Show edit buttons in ticket follow ups?

  **Default:** ``HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP = True``
--- a/helpdesk/settings.py
+++ b/helpdesk/settings.py
@ -2,7 +2,7 @@
 Default settings for django-helpdesk.

 """
-
+import warnings
 from django.conf import settings


@ -64,6 +64,13 @@ HELPDESK_SUBMIT_A_TICKET_PUBLIC = getattr(settings, 'HELPDESK_SUBMIT_A_TICKET_PU
 # in staff.py will be defined.
 HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE = getattr(settings, 'HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE', False)

+# apply a custom authorisation logic when defining 'staff_member_required' in staff.py.
+HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK = getattr(settings, 'HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK', None)
+if HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK and HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE:
+    warnings.warn(
+        "The HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE and HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK settings cannot be both defined. "
+        "Only HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK will be considered in determining staff access.", RuntimeWarning)
+
 # show edit buttons in ticket follow ups.
 HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP = getattr(settings, 'HELPDESK_SHOW_EDIT_BUTTON_FOLLOW_UP', True)

--- a/helpdesk/views/staff.py
+++ b/helpdesk/views/staff.py
@ -40,7 +40,9 @@ from helpdesk.lib import send_templated_mail, query_to_dict, apply_query, safe_t
 from helpdesk.models import Ticket, Queue, FollowUp, TicketChange, PreSetReply, Attachment, SavedSearch, IgnoreEmail, TicketCC, TicketDependency
 from helpdesk import settings as helpdesk_settings

-if helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE:
+if helpdesk_settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK:
+    staff_member_required = user_passes_test(helpdesk_settings.HELPDESK_CUSTOM_STAFF_FILTER_CALLBACK)
+elif helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE:
    # treat 'normal' users like 'staff'
    staff_member_required = user_passes_test(lambda u: u.is_authenticated() and u.is_active)
 else: