only admin users can see admin pages

This commit is contained in:
Cayo Puigdefabregas 2024-10-11 17:15:37 +02:00
parent 59d99fa434
commit 0c36e12da6
1 changed files with 15 additions and 7 deletions

View File

@ -7,11 +7,19 @@ from django.views.generic.edit import (
UpdateView, UpdateView,
DeleteView, DeleteView,
) )
from dashboard.mixins import DashboardView from dashboard.mixins import DashboardView, Http403
from user.models import User, Institution from user.models import User, Institution
class PanelView(DashboardView, TemplateView): class AdminView(DashboardView):
def get(self, *args, **kwargs):
response = super().get(*args, **kwargs)
if not self.request.user.is_admin:
raise Http403
return response
class PanelView(AdminView, TemplateView):
template_name = "admin_panel.html" template_name = "admin_panel.html"
title = _("Admin") title = _("Admin")
breadcrumb = _("admin") + " /" breadcrumb = _("admin") + " /"
@ -21,7 +29,7 @@ class PanelView(DashboardView, TemplateView):
return context return context
class UsersView(DashboardView, TemplateView): class UsersView(AdminView, TemplateView):
template_name = "admin_users.html" template_name = "admin_users.html"
title = _("Users") title = _("Users")
breadcrumb = _("admin / Users") + " /" breadcrumb = _("admin / Users") + " /"
@ -34,7 +42,7 @@ class UsersView(DashboardView, TemplateView):
return context return context
class CreateUserView(DashboardView, CreateView): class CreateUserView(AdminView, CreateView):
template_name = "user.html" template_name = "user.html"
title = _("User") title = _("User")
breadcrumb = _("admin / User") + " /" breadcrumb = _("admin / User") + " /"
@ -53,7 +61,7 @@ class CreateUserView(DashboardView, CreateView):
return response return response
class DeleteUserView(DashboardView, DeleteView): class DeleteUserView(AdminView, DeleteView):
template_name = "delete_user.html" template_name = "delete_user.html"
title = _("Delete user") title = _("Delete user")
breadcrumb = "admin / Delete user" breadcrumb = "admin / Delete user"
@ -70,7 +78,7 @@ class DeleteUserView(DashboardView, DeleteView):
return response return response
class EditUserView(DashboardView, UpdateView): class EditUserView(AdminView, UpdateView):
template_name = "user.html" template_name = "user.html"
title = _("Edit user") title = _("Edit user")
breadcrumb = "admin / Edit user" breadcrumb = "admin / Edit user"
@ -89,7 +97,7 @@ class EditUserView(DashboardView, UpdateView):
return kwargs return kwargs
class InstitutionView(DashboardView, UpdateView): class InstitutionView(AdminView, UpdateView):
template_name = "institution.html" template_name = "institution.html"
title = _("Edit institution") title = _("Edit institution")
section = "admin" section = "admin"