nikdoof/test-auth
1
0
Fork 0
mirror of https://github.com/nikdoof/test-auth.git synced 2025-12-14 06:42:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Do permission checking on blacklisting

Browse Source
This commit is contained in:
Andrew Williams
2011-10-01 11:16:18 +01:00
parent 95e788b98a
commit ff0b0b487b
1 changed files with 5 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/hr/views.py
View File

@@ -323,8 +323,11 @@ class HrBlacklistUser(FormView):
form_class = BlacklistUserForm
def dispatch(self, request, *args, **kwargs):
self.blacklist_user = get_object_or_404(User, id=kwargs.get('userid'))
return super(HrBlacklistUser, self).dispatch(request, *args, **kwargs)
if request.user.has_perm('hr.add_blacklist'):
self.blacklist_user = get_object_or_404(User, id=kwargs.get('userid'))
return super(HrBlacklistUser, self).dispatch(request, *args, **kwargs)
else:
raise Http404
def get_context_data(self, **kwargs):
context = super(HrBlacklistUser, self).get_context_data(**kwargs)