IdHub/idhub/mixins.py

from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth import views as auth_views
from django.urls import reverse_lazy, resolve
from django.utils.translation import gettext_lazy as _
from django.shortcuts import redirect
from django.http import Http404
from django.core.exceptions import PermissionDenied


class Http403(PermissionDenied):
    status_code = 403
    default_detail = _('Permission denied. User is not authenticated')
    default_code = 'forbidden'

    def __init__(self, detail=None, code=None):
        if detail is not None:
            self.detail = details or self.default_details
        if code is not None:
            self.code = code or self.default_code


class UserView(LoginRequiredMixin):
    login_url = "/login/"
    wallet = False

    def get_context_data(self, **kwargs):
        context = super().get_context_data(**kwargs)
        context.update({
            'title': self.title,
            'subtitle': self.subtitle,
            'icon': self.icon,
            'section': self.section,
            'path': resolve(self.request.path).url_name,
            'user': self.request.user,
            'wallet': self.wallet,
        })
        return context


class AdminView(UserView):

    def get(self, request, *args, **kwargs):
        self.check_valid_user()
        return super().get(request, *args, **kwargs)

    def post(self, request, *args, **kwargs):
        self.check_valid_user()
        return super().post(request, *args, **kwargs)

    def check_valid_user(self):
        if not self.request.user.is_admin:
            raise Http403

        if self.request.session.get("2fauth"):
            raise Http403
refactory 2023-10-09 09:44:26 +00:00			`from django.contrib.auth.mixins import LoginRequiredMixin`
			`from django.contrib.auth import views as auth_views`
creating user sections base 2023-10-09 11:43:34 +00:00			`from django.urls import reverse_lazy, resolve`
refactory 2023-10-09 09:44:26 +00:00			`from django.utils.translation import gettext_lazy as _`
			`from django.shortcuts import redirect`
add 403 exception for bad access 2024-01-20 11:26:19 +00:00			`from django.http import Http404`
			`from django.core.exceptions import PermissionDenied`



			`class Http403(PermissionDenied):`
			`status_code = 403`
			`default_detail = _('Permission denied. User is not authenticated')`
			`default_code = 'forbidden'`

			`def __init__(self, detail=None, code=None):`
			`if detail is not None:`
			`self.detail = details or self.default_details`
			`if code is not None:`
			`self.code = code or self.default_code`
refactory 2023-10-09 09:44:26 +00:00

add form for editing profile 2023-10-11 07:52:05 +00:00			`class UserView(LoginRequiredMixin):`
refactory 2023-10-09 09:44:26 +00:00			`login_url = "/login/"`
fix accordion wallet 2023-10-09 16:38:28 +00:00			`wallet = False`
refactory 2023-10-09 09:44:26 +00:00
			`def get_context_data(self, **kwargs):`
			`context = super().get_context_data(**kwargs)`
			`context.update({`
			`'title': self.title,`
creating user sections base 2023-10-09 11:43:34 +00:00			`'subtitle': self.subtitle,`
			`'icon': self.icon,`
			`'section': self.section,`
			`'path': resolve(self.request.path).url_name,`
fix accordion wallet 2023-10-09 16:38:28 +00:00			`'user': self.request.user,`
			`'wallet': self.wallet,`
refactory 2023-10-09 09:44:26 +00:00			`})`
			`return context`


			`class AdminView(UserView):`

add admin view user 2023-10-11 16:08:20 +00:00			`def get(self, request, args, *kwargs):`
add 403 exception for bad access 2024-01-20 11:26:19 +00:00			`self.check_valid_user()`
			`return super().get(request, args, *kwargs)`
refactory 2023-10-09 09:44:26 +00:00
add 403 exception for bad access 2024-01-20 11:26:19 +00:00			`def post(self, request, args, *kwargs):`
			`self.check_valid_user()`
			`return super().post(request, args, *kwargs)`
admin2fauth 2024-01-19 09:59:35 +00:00
add 403 exception for bad access 2024-01-20 11:26:19 +00:00			`def check_valid_user(self):`
			`if not self.request.user.is_admin:`
			`raise Http403`

			`if self.request.session.get("2fauth"):`
			`raise Http403`