mygpo/publisher/auth.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from django.http import HttpResponse, HttpResponseRedirect
  19 from django.contrib.auth import authenticate, login
  20 from mygpo.publisher.models import PodcastPublisher
  21
  22
  23 def require_publisher(protected_view):
  24     def wrapper(request, *args, **kwargs):
  25
  26         if not request.user.is_authenticated():
  27             return HttpResponseRedirect('/login/')
  28
  29         if is_publisher(request.user):
  30             return protected_view(request, *args, **kwargs)
  31
  32         return HttpResponseRedirect('/')
  33
  34     return wrapper
  35
  36
  37 def is_publisher(user):
  38     """
  39     checks if the given user has publisher rights,
  40     ie he is either set as the publisher of at least one podcast,
  41     or he has the staff flag set
  42     """
  43
  44     if not user.is_authenticated():
  45         return False
  46
  47     if user.is_staff:
  48         return True
  49
  50     if PodcastPublisher.objects.filter(user=user).count() > 0:
  51         return True
  52
  53     return False
  54