From: yomguy Date: Wed, 18 Apr 2012 07:47:33 +0000 (+0200) Subject: begin item security middleware, fix pagination X-Git-Tag: 0.2~13 X-Git-Url: https://git.parisson.com/?a=commitdiff_plain;h=5e803b23fcde7d13206fcf78f705d69ece5ac893;p=teleforma.git begin item security middleware, fix pagination --- diff --git a/teleforma/middleware.py b/teleforma/middleware.py index 2dd2e6ec..628eff30 100644 --- a/teleforma/middleware.py +++ b/teleforma/middleware.py @@ -2,7 +2,7 @@ from telemeta.models.system import * from teleforma.models import * -class OnlyOneUserMiddleware(object): +class OnlyOneUser(object): def process_request(self, request): if not request.user.is_anonymous(): @@ -18,8 +18,25 @@ class OnlyOneUserMiddleware(object): profile.save() -class ExportSecurity(object): +class ItemExportSecurity(object): - def process_view(self, item_export): - pass - + def process_view(self, request, ItemView.item_export, *args, **kwargs): + id = args[0] + ext = args[1] + item = MediaItem.objects.get(public_id=id) + student = request.user.student.all() + if student: + courses = request.user.student.get().training.courses.all() + media = item.media.all() + if media: + media_courses = media.course.all() + for course in media_courses: + if not course in courses: + return 404 + else: + return None + else: + return None + else: + return None + diff --git a/teleforma/views.py b/teleforma/views.py index 67ea4642..c4fa8022 100755 --- a/teleforma/views.py +++ b/teleforma/views.py @@ -158,11 +158,11 @@ class UsersView(ListView): model = User template_name='telemeta/users.html' context_object_name = 'users' - paginate_by = 12 + #paginate_by = 12 def get_queryset(self): return User.objects.all().select_related(depth=1).order_by('last_name') - + def get_context_data(self, **kwargs): context = super(UsersView, self).get_context_data(**kwargs) context['trainings'] = Training.objects.all()