[TASK] Add a simple middleware that enforces the active project id.
This commit is contained in:
parent
c9eb70e3da
commit
714ff880b7
|
@ -60,6 +60,7 @@ MIDDLEWARE_CLASSES = (
|
|||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||||
'frontend.proxy.EnforceActiveProjectProxy',
|
||||
)
|
||||
|
||||
ROOT_URLCONF = 'citavi_mapper.urls'
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
|
||||
from django.http import HttpResponse, HttpResponseRedirect
|
||||
|
||||
class EnforceActiveProjectProxy():
|
||||
|
||||
def do_debug_output(self, request, *args, **kwargs):
|
||||
print "\n########## <session> ##########"
|
||||
print ',\n'.join("%s: %s" % item for item in request.session.items())
|
||||
print "########## </session> ##########"
|
||||
print "\n########## <request> ##########"
|
||||
print ',\n'.join("%s: %s" % item for item in vars(request).items())
|
||||
print "########## </request> ##########"
|
||||
print "\n########## <args> ##########"
|
||||
print args
|
||||
print "########## </args> ##########"
|
||||
print "\n########## <kwargs> ##########"
|
||||
print kwargs
|
||||
print "########## </kwargs> ##########\n"
|
||||
|
||||
def do_project_id_check(self, request, *args, **kwargs):
|
||||
# kwargs project_id AND path project_id have to match!
|
||||
print request.path
|
||||
try:
|
||||
project_id_arg = args[2][u'project_id']
|
||||
if request.session[u'project_id'] != None:
|
||||
print "Active project ID: " + request.session[u'project_id']
|
||||
if project_id_arg != request.session[u'project_id']:
|
||||
return HttpResponse("<proxy> You tried to work on a project with ID " + project_id_arg + ", but your active project id is " + request.session['project_id'] + ".")
|
||||
except KeyError:
|
||||
print "No project attribute set."
|
||||
return None
|
||||
|
||||
def process_view(self, request, *args, **kwargs):
|
||||
print "\n########## <EnforceActiveProjectProxy:process_view> ##########"
|
||||
self.do_debug_output(request, *args, **kwargs)
|
||||
print "########## </EnforceActiveProjectProxy:process_view> ##########\n"
|
||||
return self.do_project_id_check(request, *args, **kwargs)
|
||||
|
||||
|
||||
""" def process_request(self, request, *args, **kwargs):
|
||||
return None
|
||||
print "\n########## <EnforceActiveProjectProxy:process_request> ##########"
|
||||
self.do_debug_output(request, *args, **kwargs)
|
||||
print "########## </EnforceActiveProjectProxy:process_request> ##########\n"
|
||||
return None
|
||||
"""
|
||||
|
|
@ -3,7 +3,6 @@
|
|||
{% load crispy_forms_tags %}
|
||||
{% endblock %}
|
||||
{% block navbar-header %}
|
||||
{{block.super}}
|
||||
<li><a href="{% url 'frontend-leave-project-detail' request.session.project_id %}">Leave Project</a></li>
|
||||
{% endblock %}
|
||||
{% block content %}
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<td>{{project.id}}</td>
|
||||
<td>{{project.name}}</td>
|
||||
<td>{{project.description}}</td>
|
||||
<td><a href="{% url 'frontend-project-detail' project.id %}">Enter project</a></td>
|
||||
<td><a href="{% url 'frontend-enter-project-detail' project.id %}">Enter project</a></td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
|
|
|
@ -1,6 +1,5 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
|
||||
|
||||
from django.http import HttpResponse, HttpResponseRedirect
|
||||
from django.views.generic import TemplateView, FormView, CreateView, UpdateView
|
||||
from django.views.generic.detail import SingleObjectMixin
|
||||
|
@ -89,7 +88,7 @@ class ProtectedUpdateView(LoggedInMixin, MyUpdateView):
|
|||
def enterProject(request, project_id=None):
|
||||
try:
|
||||
if request.session['project_id'] != project_id:
|
||||
return HttpResponse("Please leave your current project - Project ID " + request.session['project_id'] + " is still active.")
|
||||
return HttpResponse("<enterProject> Please leave your current project - Project ID " + request.session['project_id'] + " is still active.")
|
||||
except KeyError:
|
||||
pass
|
||||
request.session['project_id'] = project_id
|
||||
|
@ -100,7 +99,7 @@ def leaveProject(request, project_id=None):
|
|||
if request.session['project_id'] == project_id:
|
||||
del request.session['project_id']
|
||||
else:
|
||||
return HttpResponse("You tried to leave project with ID " + project_id + ", but your active project id is " + request.session['project_id'] + ".")
|
||||
return HttpResponse("<leaveProject> You tried to leave project with ID " + project_id + ", but your active project id is " + request.session['project_id'] + ".")
|
||||
except KeyError:
|
||||
pass
|
||||
return HttpResponseRedirect('/projects/')
|
||||
|
@ -130,7 +129,7 @@ class ProjectView(ProtectedFormView, SingleObjectMixin):
|
|||
form_class = FileUploadForm
|
||||
|
||||
success_url = '/projects/'
|
||||
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
project_id = kwargs[u'project_id']
|
||||
self.object = Project.objects.get(pk=project_id)
|
||||
|
|
Loading…
Reference in New Issue