11from functools import wraps
22
3- from django .http import HttpResponseRedirect
3+ from django .conf import settings
4+ from django .contrib .auth import REDIRECT_FIELD_NAME
5+ from django .http import HttpResponseRedirect , HttpResponseForbidden
46from django .shortcuts import render_to_response , get_object_or_404
7+ from django .utils .http import urlquote
58
69from ietf .ietfauth .utils import has_role
710from ietf .doc .models import Document
811from ietf .group .models import Group , Role
912from ietf .meeting .models import Session
1013from ietf .secr .utils .meeting import get_timeslot
1114
12-
1315def clear_non_auth (session ):
1416 """
1517 Clears non authentication related keys from the session object
@@ -35,7 +37,7 @@ def inner(request, *args, **kwargs):
3537
3638def check_permissions (func ):
3739 """
38- This decorator checks that the user making the request has access to the
40+ View decorator for checking that the user is logged in and has access to the
3941 object being requested. Expects one of the following four keyword
4042 arguments:
4143
@@ -44,6 +46,9 @@ def check_permissions(func):
4446 meeting_id, slide_id
4547 """
4648 def wrapper (request , * args , ** kwargs ):
49+ if not request .user .is_authenticated ():
50+ return HttpResponseRedirect ('%s?%s=%s' % (settings .LOGIN_URL , REDIRECT_FIELD_NAME , urlquote (request .get_full_path ())))
51+
4752 session = None
4853 # short circuit. secretariat user has full access
4954 if has_role (request .user ,'Secretariat' ):
@@ -74,10 +79,8 @@ def wrapper(request, *args, **kwargs):
7479 return func (request , * args , ** kwargs )
7580
7681 # if we get here access is denied
77- return render_to_response ('unauthorized.html' ,{
78- 'user_name' :login ,
79- 'group_name' :group .acronym }
80- )
82+ return HttpResponseForbidden ("User not authorized to access group: %s" % group .acronym )
83+
8184 return wraps (func )(wrapper )
8285
8386def sec_only (func ):
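Review bot: The login redirect added at the top of `wrapper` is built by string formatting, so a `settings.LOGIN_URL` that already contains a query string would produce a malformed URL with two `?`. Django ships `redirect_to_login` in `django.contrib.auth.views` for this case, and `return redirect_to_login(request.get_full_path())` would replace the hand-built line and make the new `settings`, `REDIRECT_FIELD_NAME` and `urlquote` imports unnecessary. In the last hunk, `HttpResponseForbidden` is sent with the default HTML content type and `group.acronym` is interpolated unescaped. The acronym is presumably staff-controlled, but passing `content_type='text/plain'` or escaping the value would remove the reliance on that assumption. The middle of `wrapper`, where `group` is bound, lies outside the visible hunks, so it is worth confirming that every path reaching the 403 has `group` assigned.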