fix: restrict csv exports to staff only

James Graham
2021-05-17 19:29:53 +01:00
parent 48cce12c32
commit 9d14cf4b38


@@ -1,7 +1,7 @@
import csv
import typing
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.auth.mixins import UserPassesTestMixin
from django.http import HttpResponse
from django.views.generic import TemplateView
from django.views.generic.list import BaseListView
@@ -11,7 +11,12 @@ class QuotedCsv(csv.excel):
quoting = csv.QUOTE_NONNUMERIC
class CsvExportView(LoginRequiredMixin, BaseListView):
class UserIsStaffMixin(UserPassesTestMixin):
def test_func(self) -> typing.Optional[bool]:
return self.request.user.is_staff
class CsvExportView(UserIsStaffMixin, BaseListView):
model = None
serializer_class = None
@@ -29,5 +34,5 @@ class CsvExportView(LoginRequiredMixin, BaseListView):
return response
class ExportListView(LoginRequiredMixin, TemplateView):
class ExportListView(UserIsStaffMixin, TemplateView):
template_name = 'export/export.html'
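Review bot: `UserIsStaffMixin.test_func` (second hunk) gates both export views on `is_staff`, the same flag Django uses to allow admin-site login, so anyone who needs a CSV export must also be given admin access. If exports are meant to be a narrower privilege, a dedicated permission checked with `PermissionRequiredMixin` would keep the two grants separate. The mixin would also benefit from a docstring such as `"""Allow staff users only; anonymous users are redirected to login, other authenticated users get 403."""`, which is what `AccessMixin.handle_no_permission` does by default. The return annotation can be plain `bool`, since `is_staff` is not expected to be `None`. No test covering an authenticated non-staff request is visible on this page, and one would pin the restriction this commit introduces.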