nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-13 22:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Redirect if non-staff access the search functions

Browse Source
This commit is contained in:
Andrew Williams
2011-04-10 12:00:48 +01:00
parent 9783844b15
commit 13bb83e7a9
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
app/sso/views.py
View File

@@ -155,6 +155,9 @@ def service_reset(request, serviceid=0):
def user_view(request, username=None): def user_view(request, username=None):
""" View a user's profile as a admin """ """ View a user's profile as a admin """
if not request.user.is_staff:
return redirect('sso.views.profile')
if username: if username:
try: try:
user = User.objects.get(username=username) user = User.objects.get(username=username)
@@ -181,6 +184,9 @@ def user_lookup(request):
form = UserLookupForm() form = UserLookupForm()
if not request.user.is_staff:
return redirect('sso.views.profile')
if request.method == 'POST': if request.method == 'POST':
form = UserLookupForm(request.POST) form = UserLookupForm(request.POST)
if form.is_valid(): if form.is_valid():