# HG changeset patch # User rougeronj # Date 1418387966 -3600 # Node ID 19d1264a8974d63e30fdcf024c3085fb4307db5c # Parent f6b3ecaa3c58fdc89448f017ea3b920ad134631b Add Hdabo administration to profile page + protect Hdabo with is_staff decorateor diff -r f6b3ecaa3c58 -r 19d1264a8974 src/hdabo/urls.py --- a/src/hdabo/urls.py Fri Dec 12 11:04:02 2014 +0100 +++ b/src/hdabo/urls.py Fri Dec 12 13:39:26 2014 +0100 @@ -1,7 +1,7 @@ from django.conf.urls import patterns, include, url from django.contrib import admin from django.contrib.auth import urls as auth_url, views as auth_views -from django.contrib.auth.decorators import login_required +from django.contrib.admin.views.decorators import staff_member_required from .views import AddOrUpdateFolder, Folders, SearchDatasheet, DeleteFolder @@ -23,7 +23,7 @@ url(r'^logout/', 'django.contrib.auth.views.logout_then_login'), url(r'^admin/', include(admin.site.urls)), url(r'^search/', include('haystack.urls')), - url(r'^$', 'hdabo.views.home', name='home'), + url(r'^$', 'hdabo.views.home', name='hdabo_home'), url(r'^list/$', 'hdabo.views.orga_list', name='orga_list'), url(r'^list/(?P[\w-]+)$', 'hdabo.views.list_for_orga', name='list_for_orga'), url(r'^list/(?P[\w-]+)/(?P[\w-]+)/$', 'hdabo.views.list_for_orga', name='list_for_orga'), @@ -49,9 +49,9 @@ url(r'^updatetagalias$', 'hdabo.views.update_tag_alias'), url(r'^updatetagcategory$', 'hdabo.views.update_tag_category'), url(r'^ordertagsdatasheet$', 'hdabo.views.reorder_tag_datasheet'), - url(r'^folders/$', login_required(Folders.as_view()), name='folders'), - url(r'^folder/$', login_required(AddOrUpdateFolder.as_view()), name='add_or_update_folder'), - url(r'^folder/(?P[\w-]+)$', login_required(AddOrUpdateFolder.as_view()), name='add_or_update_folder'), + url(r'^folders/$', staff_member_required(Folders.as_view()), name='folders'), + url(r'^folder/$', staff_member_required(AddOrUpdateFolder.as_view()), name='add_or_update_folder'), + url(r'^folder/(?P[\w-]+)$', staff_member_required(AddOrUpdateFolder.as_view()), name='add_or_update_folder'), url(r'^searchajax/$', SearchDatasheet(), name='searchajax'), - url(r'^deletefolder/(?P[\w-]+)$', login_required(DeleteFolder.as_view()), name='delete_folder'), + url(r'^deletefolder/(?P[\w-]+)$', staff_member_required(DeleteFolder.as_view()), name='delete_folder'), ) diff -r f6b3ecaa3c58 -r 19d1264a8974 src/hdabo/views.py --- a/src/hdabo/views.py Fri Dec 12 11:04:02 2014 +0100 +++ b/src/hdabo/views.py Fri Dec 12 13:39:26 2014 +0100 @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- from django.conf import settings -from django.contrib.auth.decorators import login_required #@UnusedImport +from django.contrib.admin.views.decorators import staff_member_required from django.core.paginator import Paginator from django.db import connection from django.db.models import Max, Count, Min @@ -22,12 +22,12 @@ from django.http.response import HttpResponse -@login_required +@staff_member_required def home(request): return render_to_response("home.html", context_instance=RequestContext(request)) -@login_required +@staff_member_required def orga_list(request): orgas = Organisation.objects.all().order_by('name') @@ -55,7 +55,7 @@ context_instance=RequestContext(request)) -@login_required +@staff_member_required def display_datasheet(request, ds_id=None): if ds_id : @@ -135,7 +135,7 @@ context_instance=RequestContext(request)) -@login_required +@staff_member_required def list_for_orga(request, orga_id=None, valid=None, start_index=None): orga = Organisation.objects.get(id=orga_id) @@ -189,7 +189,7 @@ context_instance=RequestContext(request)) -@login_required +@staff_member_required def all_tags(request, num_page=None, nb_by_page=None, sort="+pop", searched=None): # If the view is asked after a form sent with post vars, it means that searched is a post var. @@ -230,7 +230,7 @@ context_instance=RequestContext(request)) -@login_required +@staff_member_required def tag_up_down(request): ds_id = request.POST["datasheet_id"] # post vars new_order and old_order indicate the position (from 1) of the tag in the list. @@ -264,7 +264,7 @@ return get_tag_table(request=request, ds_id=ds_id, valid=0) -@login_required +@staff_member_required def get_tag_table(request=None, ds_id=None, valid=None): ordered_tags = TaggedSheet.objects.filter(datasheet__hda_id=ds_id).order_by('order') @@ -274,7 +274,7 @@ context_instance=RequestContext(request)) -@login_required +@staff_member_required def get_all_tags_table(request, num_page=None, nb_by_page=None, sort="+pop", searched=None): current_page, p, num_page, nb_by_page = get_current_page(num_page, nb_by_page, sort, searched) #@UnusedVariable @@ -328,7 +328,7 @@ return current_page, p, num_page, nb_by_page -@login_required +@staff_member_required def remove_tag_from_list(request=None): ds_id = request.POST["datasheet_id"] @@ -346,7 +346,7 @@ return get_tag_table(request=request, ds_id=ds_id, valid=0) -@login_required +@staff_member_required def modify_tag(request): tag_id = request.POST["id"] @@ -382,7 +382,7 @@ return get_all_tags_table(request=request, num_page=request.POST["num_page"], nb_by_page=request.POST["nb_by_page"], sort=request.POST["sort"], searched=request.POST["searched"]) -@login_required +@staff_member_required def modify_tag_datasheet(request): tag_id = request.POST["id"] @@ -417,7 +417,7 @@ -@login_required +@staff_member_required def reset_wikipedia_info(request): # 2 cases : # - ordered tag for one datasheet : POST["datasheet_id"] is not null @@ -446,7 +446,7 @@ return get_all_tags_table(request=request, num_page=request.POST["num_page"], nb_by_page=request.POST["nb_by_page"], sort=request.POST["sort"], searched=request.POST["searched"]) -@login_required +@staff_member_required def add_tag(request=None): ds_id = request.POST["datasheet_id"] @@ -472,7 +472,7 @@ return get_tag_table(request=request, ds_id=ds_id, valid=0) -@login_required +@staff_member_required def remove_wp_link(request=None): # 2 cases : # - ordered tag for one datasheet : POST["datasheet_id"] is not null @@ -506,7 +506,7 @@ return get_all_tags_table(request=request, num_page=request.POST["num_page"], nb_by_page=request.POST["nb_by_page"], sort=request.POST["sort"], searched=request.POST["searched"]) -@login_required +@staff_member_required def validate_datasheet(request=None, ds_id=None, valid=None): # We set if valid is true of false, function of the url parameters if valid == "1" or valid == "true" or not valid : @@ -535,7 +535,7 @@ return redirect('home') -@login_required +@staff_member_required def update_tag_alias(request): # 2 cases : # - ordered tag for one datasheet : POST["datasheet_id"] is not null @@ -560,7 +560,7 @@ return categories -@login_required +@staff_member_required def update_tag_category(request): tag_id = request.POST["id"] @@ -577,7 +577,7 @@ else : return get_all_tags_table(request=request, num_page=request.POST["num_page"], nb_by_page=request.POST["nb_by_page"], sort=request.POST["sort"], searched=request.POST["searched"]) -@login_required +@staff_member_required def reorder_tag_datasheet(request): ds_id = request.REQUEST['datasheet_id'] diff -r f6b3ecaa3c58 -r 19d1264a8974 src/hdalab/templates/profile_home.html --- a/src/hdalab/templates/profile_home.html Fri Dec 12 11:04:02 2014 +0100 +++ b/src/hdalab/templates/profile_home.html Fri Dec 12 13:39:26 2014 +0100 @@ -38,7 +38,8 @@

{% trans 'Administrer les Renkan' %} / {% trans 'Editorialisation' %} - / {% trans 'Administrer Hdabo' %} + / {% trans 'Administration Hdalab' %} + / {% trans 'Administrer Hdabo' %}

{% endif %}