nofusscomputing/centurion_erp
1
0
Fork 0
Code Issues Wiki Activity

feat(access): during organization permission check, check to ensure user is logged on

Browse Source 
!13
This commit is contained in:
Jon Lockwood
2024-05-29 06:22:24 +09:30
parent 26bea9edb2
commit 7f7f719731
9 changed files with 33 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/access/mixin.py
View File

@ -1,5 +1,5 @@
from django.contrib.auth.mixins import PermissionRequiredMixin
from django.contrib.auth.mixins import AccessMixin, PermissionRequiredMixin
from django.contrib.auth.models import Group
from django.core.exceptions import PermissionDenied
from django.utils.functional import cached_property
@ -148,13 +148,16 @@ class OrganizationMixin():
class OrganizationPermission(OrganizationMixin):
class OrganizationPermission(AccessMixin, OrganizationMixin):
"""checking organization membership"""
def dispatch(self, request, *args, **kwargs):
self.request = request
if not request.user.is_authenticated:
return self.handle_no_permission()
if hasattr(self, 'get_object'):
if not self.has_permission() and not request.user.is_superuser: