TTMK/web2.0-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added accesscontrol to infoscreen admin

Browse Source
This commit is contained in:
okalintu
2016-09-27 14:35:52 +03:00
parent 08f85d4211
commit 96f525ff01
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
infoscreen/views.py
+7
View File
@@ -3,6 +3,7 @@ from django.http import HttpResponse,HttpResponseBadRequest
from django.views.decorators.csrf import ensure_csrf_cookie
from django.views.decorators.http import require_http_methods
from django.contrib.contenttypes.models import ContentType
from django.contrib.auth.decorators import permission_required
from django.utils import timezone
from infoscreen.models import ABBJob, Rotation, InfoItem, InfoInstance
@@ -11,9 +12,11 @@ from infoscreen.models import ImageUploadForm
from datetime import datetime, timedelta
import json
def index(request,idx, *args, **kwargs):
return render(request, 'infoscreen_index.html',{'rotation':idx})
@permission_required('infoscreen.change_infoinstance', login_url='/login')
def admin(request, *args, **kwargs):
return render(request,'infoscreen_admin.html',{})
@@ -47,6 +50,7 @@ def rotation(request, idx, *args, **kwargs):
def itemCreator(model):
@ensure_csrf_cookie
@require_http_methods(["POST"])
@permission_required('infoscreen.change_infoinstance', login_url='/login')
def createItem(request,*args, **kwargs):
try:
data = json.loads(request.body.decode("utf-8"))
@@ -62,6 +66,7 @@ def itemCreator(model):
def itemDeletor(model):
@ensure_csrf_cookie
@require_http_methods(["DELETE"])
@permission_required('infoscreen.change_infoinstance', login_url='/login')
def deleteItem(request,*args, **kwargs):
idx = kwargs.pop("idx", 0)
try:
@@ -81,6 +86,7 @@ def itemDeletor(model):
# due to model structure this is little complicated
@ensure_csrf_cookie
@permission_required('infoscreen.change_infoinstance', login_url='/login')
@require_http_methods(["DELETE"])
def deleteInfoItem(request,*args, **kwargs):
type_id = kwargs.pop("type_id", 0)
@@ -125,6 +131,7 @@ def infoItems(request, *args, **kwargs):
return HttpResponse(json.dumps(items))
@require_http_methods(["POST"])
@permission_required('infoscreen.change_infoinstance', login_url='/login')
def createImageItem(request, *args, **kwargs):
form = ImageUploadForm(request.POST,request.FILES)
if not form.is_valid():