arona/PyRIGS
1
0
Fork 0
mirror of https://github.com/nottinghamtec/PyRIGS.git synced 2026-01-23 00:12:15 +00:00
Code Issues Projects Releases Wiki Activity

Require users to have nottinghamtec.co.uk address before allowing them to send messages to clients

Browse Source
This commit is contained in:
David Taylor
2017-05-10 15:39:13 +01:00
parent 6b05938953
commit 286e4314f5
4 changed files with 47 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
PyRIGS/decorators.py
View File

@@ -79,3 +79,17 @@ def api_key_required(function):
return error_resp return error_resp
return function(request, *args, **kwargs) return function(request, *args, **kwargs)
return wrap return wrap
def nottinghamtec_address_required(function):
"""
Checks that the current user has an email address ending @nottinghamtec.co.uk
"""
def wrap(request, *args, **kwargs):
# Fail if current user's email address isn't @nottinghamtec.co.uk
if not request.user.email.endswith('@nottinghamtec.co.uk'):
error_resp = render_to_response('RIGS/eventauthorisation_request_error.html', context_instance=RequestContext(request))
return error_resp
return function(request, *args, **kwargs)
return wrap

9
RIGS/rigboard.py
View File

@@ -16,12 +16,14 @@ from django.http import HttpResponse
from django.core.exceptions import SuspiciousOperation from django.core.exceptions import SuspiciousOperation
from django.db.models import Q from django.db.models import Q
from django.contrib import messages from django.contrib import messages
from django.utils.decorators import method_decorator
from z3c.rml import rml2pdf from z3c.rml import rml2pdf
from PyPDF2 import PdfFileMerger, PdfFileReader from PyPDF2 import PdfFileMerger, PdfFileReader
import simplejson import simplejson
import premailer import premailer
from RIGS import models, forms from RIGS import models, forms
from PyRIGS import decorators
import datetime import datetime
import re import re
import copy import copy
@@ -289,12 +291,15 @@ class EventAuthorise(generic.UpdateView):
"This URL is invalid. Please ask your TEC contact for a new URL") "This URL is invalid. Please ask your TEC contact for a new URL")
return super(EventAuthorise, self).dispatch(request, *args, **kwargs) return super(EventAuthorise, self).dispatch(request, *args, **kwargs)
class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMixin): class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMixin):
model = models.Event model = models.Event
form_class = forms.EventAuthorisationRequestForm form_class = forms.EventAuthorisationRequestForm
template_name = 'RIGS/eventauthorisation_request.html' template_name = 'RIGS/eventauthorisation_request.html'
@method_decorator(decorators.nottinghamtec_address_required)
def dispatch(self, *args, **kwargs):
return super(EventAuthorisationRequest, self).dispatch(*args, **kwargs)
@property @property
def object(self): def object(self):
return self.get_object() return self.get_object()
@@ -334,7 +339,7 @@ class EventAuthorisationRequest(generic.FormView, generic.detail.SingleObjectMix
"N%05d | %s - Event Authorisation Request" % (self.object.pk, self.object.name), "N%05d | %s - Event Authorisation Request" % (self.object.pk, self.object.name),
get_template("RIGS/eventauthorisation_client_request.txt").render(context), get_template("RIGS/eventauthorisation_client_request.txt").render(context),
to=[email], to=[email],
reply_to=[settings.AUTHORISATION_NOTIFICATION_ADDRESS], reply_to=[self.request.user.email],
) )
css = staticfiles_storage.path('css/email.css') css = staticfiles_storage.path('css/email.css')
html = premailer.Premailer(get_template("RIGS/eventauthorisation_client_request.html").render(context), html = premailer.Premailer(get_template("RIGS/eventauthorisation_client_request.html").render(context),

15
RIGS/templates/RIGS/eventauthorisation_request_error.html Normal file
View File

@@ -0,0 +1,15 @@
{% extends request.is_ajax|yesno:'base_ajax.html,base.html' %}
{% load widget_tweaks %}
{% block title %}NottinghamTEC Email Address Required{% endblock %}
{% block content %}
<div class="row">
<div class="col-sm-12">
<div class="alert alert-warning">
<h1>An error occured.</h1>
<p>Your RIGS account must have an @nottinghamtec.co.uk email address before you can send emails to clients.</p>
</div>
</div>
</div>
{% endblock %}

12
RIGS/test_functional.py
View File

@@ -1054,7 +1054,7 @@ class TECEventAuthorisationTest(TestCase):
first_name='Test', first_name='Test',
last_name='TEC User', last_name='TEC User',
username='eventauthtest', username='eventauthtest',
email='teccie@functional.test', email='teccie@nottinghamtec.co.uk',
is_superuser=True # lazily grant all permissions is_superuser=True # lazily grant all permissions
)[0] )[0]
cls.profile.set_password('eventauthtest123') cls.profile.set_password('eventauthtest123')
@@ -1073,6 +1073,16 @@ class TECEventAuthorisationTest(TestCase):
) )
self.url = reverse('event_authorise_request', kwargs={'pk': self.event.pk}) self.url = reverse('event_authorise_request', kwargs={'pk': self.event.pk})
def test_email_check(self):
self.profile.email = 'teccie@someotherdomain.com'
self.profile.save()
self.assertTrue(self.client.login(username=self.profile.username, password='eventauthtest123'))
response = self.client.post(self.url)
self.assertContains(response, 'must have an @nottinghamtec.co.uk email address')
def test_request_send(self): def test_request_send(self):
self.assertTrue(self.client.login(username=self.profile.username, password='eventauthtest123')) self.assertTrue(self.client.login(username=self.profile.username, password='eventauthtest123'))
response = self.client.post(self.url) response = self.client.post(self.url)