Check that the user has permission to see the admin dashboard before redirecting them there. Fixes #431

Karl Hobley 2014-07-08 09:49:18 +01:00
parent 135f6e45d7
commit 90bdd0c501
2 changed files with 2 additions and 3 deletions


@ -6,7 +6,7 @@ from django.contrib.auth.models import User, Group, Permission
from django.contrib.auth.tokens import PasswordResetTokenGenerator
from django.core import mail
from wagtail.tests.utils import unittest, WagtailTestUtils
from wagtail.tests.utils import WagtailTestUtils
from wagtail.wagtailusers.models import UserProfile
@ -62,7 +62,6 @@ class TestAuthentication(TestCase, WagtailTestUtils):
# Check that the user was redirected to the dashboard
self.assertRedirects(response, reverse('wagtailadmin_home'))
@unittest.expectedFailure
def test_logged_in_as_non_privilaged_user_doesnt_redirect(self):
"""
This tests that if the user is logged in but hasn't got permission


@ -75,7 +75,7 @@ def notification_preferences(request):
@sensitive_post_parameters()
@never_cache
def login(request):
if request.user.is_authenticated():
if request.user.is_authenticated() and request.user.has_perm('wagtailadmin.access_admin'):
return redirect('wagtailadmin_home')
else:
return auth_login(request,
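Review bot: The new `has_perm('wagtailadmin.access_admin')` condition in `login()` covers only the already-authenticated branch. A user without that permission who then submits the form successfully still goes through `auth_login(...)`, whose arguments continue outside this hunk, so where they land afterwards cannot be confirmed from here. If the post-login target is the dashboard, they would presumably be sent straight back to this view, so that path deserves its own test alongside the one un-marked in this commit. The reason for the extra condition is also not obvious from the code, so a comment above it would help, e.g. `# Only skip the login form for users who can actually enter the admin; anyone else would be bounced back here.`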