me/breccia-mapper
1
0
Fork 0
mirror of https://github.com/Southampton-RSG/breccia-mapper.git synced 2026-03-03 03:17:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: restrict csv exports to staff only

Browse Source
This commit is contained in:
James Graham
2021-05-17 19:29:53 +01:00
parent 48cce12c32
commit 9d14cf4b38
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
export/views/base.py
View File

@@ -1,7 +1,7 @@
import csv import csv
import typing import typing
from django.contrib.auth.mixins import LoginRequiredMixin from django.contrib.auth.mixins import UserPassesTestMixin
from django.http import HttpResponse from django.http import HttpResponse
from django.views.generic import TemplateView from django.views.generic import TemplateView
from django.views.generic.list import BaseListView from django.views.generic.list import BaseListView
@@ -11,7 +11,12 @@ class QuotedCsv(csv.excel):
quoting = csv.QUOTE_NONNUMERIC quoting = csv.QUOTE_NONNUMERIC
class CsvExportView(LoginRequiredMixin, BaseListView): class UserIsStaffMixin(UserPassesTestMixin):
def test_func(self) -> typing.Optional[bool]:
return self.request.user.is_staff
class CsvExportView(UserIsStaffMixin, BaseListView):
model = None model = None
serializer_class = None serializer_class = None
@@ -29,5 +34,5 @@ class CsvExportView(LoginRequiredMixin, BaseListView):
return response return response
class ExportListView(LoginRequiredMixin, TemplateView): class ExportListView(UserIsStaffMixin, TemplateView):
template_name = 'export/export.html' template_name = 'export/export.html'