import functools
-from django.http import HttpResponseForbidden
+from django.contrib.auth.views import redirect_to_login
from django.shortcuts import get_object_or_404
+import django.views.defaults
from .models import XGroup, Membership
def wrapped_view_func(request, group_slug, *args, **kwargs):
group = get_object_or_404(XGroup, short=group_slug)
if not request.user.is_authenticated():
- return HttpResponseForbidden()
+ return redirect_to_login(request.build_absolute_uri())
- try:
- membership = request.user.memberships.get(
+ # A superuser is admin of every group, but there is no membership in the database
+ if request.user.is_superuser:
+ membership = Membership(
xgroup=group,
- level__gte=self.level,
- state='enabled',
- )
- except Membership.DoesNotExist:
- membership = None
+ user=request.user,
+ level=Membership.LEVEL_ADMIN,
+ state='enabled')
+ else:
+ try:
+ membership = request.user.memberships.get(
+ xgroup=group,
+ level__gte=self.level,
+ state='enabled',
+ )
+ except Membership.DoesNotExist:
+ membership = None
request.group = group
request.membership = membership
if membership:
return view_func(request, group, *args, membership=membership, **kwargs)
else:
- return HttpResponseForbidden()
+ return django.views.defaults.permission_denied(request)
return wrapped_view_func