From c70cf04e4df934416cab56e2bde8b76b082cb915 Mon Sep 17 00:00:00 2001 From: Garret Wassermann Date: Thu, 19 Jul 2018 00:06:57 -0400 Subject: [PATCH] Fix codestyle errors, use currying instead of lambdas for determing user access --- helpdesk/decorators.py | 28 ++++++++++++++++++++++++---- helpdesk/lib.py | 16 ++++++++-------- helpdesk/models.py | 1 + helpdesk/tests/helpers.py | 4 ++-- helpdesk/views/staff.py | 2 +- 5 files changed, 36 insertions(+), 15 deletions(-) diff --git a/helpdesk/decorators.py b/helpdesk/decorators.py index 6632d1c3..c71b6aa7 100644 --- a/helpdesk/decorators.py +++ b/helpdesk/decorators.py @@ -7,17 +7,38 @@ from django.contrib.auth.decorators import user_passes_test from helpdesk import settings as helpdesk_settings + +def check_staff_status(check_staff=False): + """ + Somewhat ridiculous currying to check user permissions without using lambdas. + The function most only take one User parameter at the end for use with + the Django function user_passes_test. + """ + def check_superuser_status(check_superuser): + def check_user_status(u): + is_ok = u.is_authenticated and u.is_active + if check_staff: + return is_ok and u.is_staff + elif check_superuser: + return is_ok and u.is_superuser + else: + return is_ok + return check_user_status + return check_superuser_status + + if callable(helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE): # apply a custom user validation condition is_helpdesk_staff = helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE elif helpdesk_settings.HELPDESK_ALLOW_NON_STAFF_TICKET_UPDATE: # treat 'normal' users like 'staff' - is_helpdesk_staff = lambda u: u.is_authenticated and u.is_active + is_helpdesk_staff = check_staff_status(False)(False) else: - is_helpdesk_staff = lambda u: u.is_authenticated and u.is_active and u.is_staff + is_helpdesk_staff = check_staff_status(True)(False) helpdesk_staff_member_required = user_passes_test(is_helpdesk_staff) -helpdesk_superuser_required = user_passes_test(lambda u: u.is_authenticated and u.is_active and u.is_superuser) +helpdesk_superuser_required = user_passes_test(check_staff_status(False)(True)) + def protect_view(view_func): """ @@ -33,4 +54,3 @@ def protect_view(view_func): return view_func(request, *args, **kwargs) return _wrapped_view - diff --git a/helpdesk/lib.py b/helpdesk/lib.py index 52b4b67c..df9a57d8 100644 --- a/helpdesk/lib.py +++ b/helpdesk/lib.py @@ -11,6 +11,14 @@ import mimetypes import os from smtplib import SMTPException +from django.conf import settings +from django.db.models import Q +from django.utils import six +from django.utils.encoding import smart_text +from django.utils.safestring import mark_safe + +from helpdesk.models import Attachment, EmailTemplate + import six if six.PY3: @@ -20,14 +28,6 @@ else: from base64 import urlsafe_b64encode as b64encode from base64 import urlsafe_b64decode as b64decode -from django.conf import settings -from django.db.models import Q -from django.utils import six -from django.utils.encoding import smart_text -from django.utils.safestring import mark_safe - -from helpdesk.models import Attachment, EmailTemplate - logger = logging.getLogger('helpdesk') diff --git a/helpdesk/models.py b/helpdesk/models.py index 855c41aa..6b166d7a 100644 --- a/helpdesk/models.py +++ b/helpdesk/models.py @@ -21,6 +21,7 @@ import re import six + @python_2_unicode_compatible class Queue(models.Model): """ diff --git a/helpdesk/tests/helpers.py b/helpdesk/tests/helpers.py index b7582c60..e0f53150 100644 --- a/helpdesk/tests/helpers.py +++ b/helpdesk/tests/helpers.py @@ -2,10 +2,10 @@ import sys from django.contrib.auth import get_user_model -User = get_user_model() - from helpdesk.models import Ticket, Queue, UserSettings +User = get_user_model() + def get_staff_user(username='helpdesk.staff', password='password'): try: diff --git a/helpdesk/views/staff.py b/helpdesk/views/staff.py index 9314967a..bb63e2dd 100644 --- a/helpdesk/views/staff.py +++ b/helpdesk/views/staff.py @@ -500,7 +500,7 @@ def update_ticket(request, ticket_id, public=False): f.title = _('Updated') f.save() - + files = [] if request.FILES: files = process_attachments(f, request.FILES.getlist('attachment'))