Add some convenient functions for protecting views in custom installations

2024-11-24 00:43:21 +01:00 · 2024-02-18 10:04:01 +01:00 · 2024-02-18 10:04:01 +01:00 · b1b83cd593
commit b1b83cd593
parent f379bbe80e
2 changed files with 12 additions and 0 deletions
--- a/helpdesk/decorators.py
+++ b/helpdesk/decorators.py
@ -49,6 +49,8 @@ def protect_view(view_func):
            return redirect('helpdesk:login')
        elif not request.user.is_authenticated and helpdesk_settings.HELPDESK_ANON_ACCESS_RAISES_404:
            raise Http404
+        if auth_redirect := helpdesk_settings.HELPDESK_PUBLIC_VIEW_PROTECTOR(request):
+            return auth_redirect
        return view_func(request, *args, **kwargs)

    return _wrapped_view
@ -65,6 +67,8 @@ def staff_member_required(view_func):
            return redirect('helpdesk:login')
        if not helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE and not request.user.is_staff:
            raise PermissionDenied()
+        if auth_redirect := helpdesk_settings.HELPDESK_STAFF_VIEW_PROTECTOR(request):
+            return auth_redirect
        return view_func(request, *args, **kwargs)

    return _wrapped_view
--- a/helpdesk/settings.py
+++ b/helpdesk/settings.py
@ -47,6 +47,14 @@ HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT = getattr(settings,
                                                'HELPDESK_REDIRECT_TO_LOGIN_BY_DEFAULT',
                                                False)

+HELPDESK_PUBLIC_VIEW_PROTECTOR = getattr(settings,
+                                         'HELPDESK_PUBLIC_VIEW_PROTECTOR',
+                                         lambda _: None)
+
+HELPDESK_STAFF_VIEW_PROTECTOR = getattr(settings,
+                                         'HELPDESK_STAFF_VIEW_PROTECTOR',
+                                         lambda _: None)
+
 # Enable the Dependencies field on ticket view
 HELPDESK_ENABLE_DEPENDENCIES_ON_TICKET = getattr(settings,
                                                 'HELPDESK_ENABLE_DEPENDENCIES_ON_TICKET',