Skip to content

Commit ab2dd0c

Browse files
edmondsgarrettGarrett Edmonds
and
Garrett Edmonds
authored
bug/WP-459: Fix dispatch for reaching submitter admin's list registrations page (#264)
* Prevent use of RegistrationTable's dispatch() method * Added general use function for checking user groups * Replace use of get_user_role with has_groups * Remove some logging used for testing --------- Co-authored-by: Garrett Edmonds <[email protected]>
1 parent 2f21908 commit ab2dd0c

File tree

3 files changed

+10
-4
lines changed

3 files changed

+10
-4
lines changed

apcd-cms/src/apps/registrations/views.py

+2-1
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@
22
from apps.utils.apcd_groups import has_apcd_group
33
from apps.utils.registrations_data_formatting import _set_registration
44
from apps.submitter_renewals_listing.views import get_submitter_code
5+
from apps.utils.apcd_groups import has_groups
56
from django.conf import settings
67
from django.http import HttpResponse, HttpResponseRedirect
78
from django.template import loader
@@ -25,7 +26,7 @@ def get(self, request):
2526
formatted_reg_data = []
2627
renew = False
2728
reg_id = request.GET.get('reg_id', None)
28-
if reg_id and (apcd_database.get_user_role(request.user.username) in ['APCD_ADMIN', 'SUBMITTER_ADMIN']):
29+
if reg_id and (has_groups(request.user, ['APCD_ADMIN', 'SUBMITTER_ADMIN'])):
2930
try:
3031
response = get_submitter_code(request.user)
3132
submitter_code = json.loads(response.content)['submitter_code']

apcd-cms/src/apps/submitter_renewals_listing/views.py

+4-3
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
from django.http import HttpResponse, HttpResponseRedirect, JsonResponse
22
from django.template import loader
3-
from apps.utils.apcd_database import get_registrations, get_registration_contacts, get_user_role, get_submitter_info, get_registration_entities
3+
from apps.utils.apcd_database import get_registrations, get_registration_contacts, get_submitter_info, get_registration_entities
4+
from apps.utils.apcd_groups import has_groups
45
from apps.admin_regis_table.views import RegistrationsTable
56
import logging
67
import json
@@ -31,9 +32,9 @@ def get(self, request, *args, **kwargs):
3132
return HttpResponse(template.render(context, request))
3233

3334
def dispatch(self, request, *args, **kwargs):
34-
if not request.user.is_authenticated or not (get_user_role(request.user.username) in ['APCD_ADMIN', 'SUBMITTER_ADMIN']):
35+
if not request.user.is_authenticated or not (has_groups(request.user, ['APCD_ADMIN', 'SUBMITTER_ADMIN'])):
3536
return HttpResponseRedirect('/')
36-
return super(SubmittersTable, self).dispatch(request, *args, **kwargs)
37+
return super(RegistrationsTable, self).dispatch(request, *args, **kwargs)
3738

3839
def get_context_data(self, registrations_content, registrations_entities, registrations_contacts, *args, **kwargs):
3940
registrations_entities = []

apcd-cms/src/apps/utils/apcd_groups.py

+4
Original file line numberDiff line numberDiff line change
@@ -6,3 +6,7 @@ def has_apcd_group(user):
66

77
def is_apcd_admin(user):
88
return user.groups.filter(name='APCD_ADMIN').exists()
9+
10+
def has_groups(user, groups):
11+
return len([user_group for user_group in user.groups.all() if user_group.name in groups]) > 0 # if user has permission group(s) in requested list, this
12+
# intersection's length should be non-zero

0 commit comments

Comments
 (0)