Add missing import and properly raise PermissionDenied

2023-11-29 10:38:18 +01:00 · 2023-11-29 10:38:18 +01:00 · 3ab341a473
parent 7592bff81e
commit 3ab341a473
2 changed files with 35 additions and 36 deletions
--- a/orchestra/admin/actions.py
+++ b/orchestra/admin/actions.py
@ -1,12 +1,13 @@
 from functools import partial

 from django.contrib import admin
+from django.core.exceptions import PermissionDenied
 from django.core.mail import send_mass_mail
 from django.shortcuts import render
-from django.utils.translation import ngettext, gettext_lazy as _
+from django.utils.translation import gettext_lazy as _
+from django.utils.translation import ngettext

 from .. import settings
-
 from .decorators import action_with_confirmation
 from .forms import SendEmailForm

@ -37,7 +38,7 @@ class SendEmail(object):

    def write_email(self, request):
        if not request.user.is_superuser:
-            raise PermissionDenied
+            raise PermissionDenied()
        initial={
            'email_from': self.default_from,
            'to': ' '.join(self.get_email_addresses())
--- a/orchestra/admin/options.py
+++ b/orchestra/admin/options.py
@ -1,16 +1,16 @@
 from urllib import parse

 from django import forms
-from django.urls import re_path as url
 from django.contrib import admin, messages
 from django.contrib.admin.options import IS_POPUP_VAR
 from django.contrib.admin.utils import unquote
 from django.contrib.auth import update_session_auth_hash
 from django.core.exceptions import PermissionDenied
-from django.http import HttpResponseRedirect, Http404, HttpResponse
 from django.forms.models import BaseInlineFormSet
+from django.http import Http404, HttpResponse, HttpResponseRedirect
 from django.shortcuts import get_object_or_404
 from django.template.response import TemplateResponse
+from django.urls import re_path as url
 from django.utils.decorators import method_decorator
 from django.utils.encoding import force_str
 from django.utils.html import escape
@ -19,14 +19,12 @@ from django.views.decorators.debug import sensitive_post_parameters

 from orchestra.models.utils import has_db_field

-from ..utils.python import random_ascii, pairwise
-
+from ..utils.python import pairwise, random_ascii
 from .forms import AdminPasswordChangeForm
 #, AdminRawPasswordChangeForm
 #from django.contrib.auth.forms import AdminPasswordChangeForm
 from .utils import action_to_view

-
 sensitive_post_parameters_m = method_decorator(sensitive_post_parameters())


@ -256,7 +254,7 @@ class ChangePasswordAdminMixin(object):
    @sensitive_post_parameters_m
    def change_password(self, request, id, form_url=''):
        if not self.has_change_permission(request):
-            raise PermissionDenied
+            raise PermissionDenied()
        # TODO use this insetad of self.get_object(), in other places
        obj = get_object_or_404(self.get_queryset(request), pk=id)
        raw = request.GET.get('raw', '0') == '1'
@ -334,6 +332,6 @@ class ChangePasswordAdminMixin(object):

    def show_hash(self, request, id):
        if not request.user.is_superuser:
-            raise PermissionDenied
+            raise PermissionDenied()
        obj = get_object_or_404(self.get_queryset(request), pk=id)
        return HttpResponse(obj.password)