Commit f64d34d250664e5ad78ef8f60c57a73a23806dbc
1 parent
6c28d70b
Exists in
master
and in
3 other branches
Adjusting user deletion access
Showing
1 changed file
with
10 additions
and
0 deletions
Show diff stats
users/views.py
| ... | ... | @@ -155,6 +155,16 @@ class DeleteView(braces_mixins.LoginRequiredMixin, generic.DeleteView): |
| 155 | 155 | slug_url_kwarg = 'email' |
| 156 | 156 | context_object_name = 'acc' |
| 157 | 157 | |
| 158 | + def dispatch(self, request, *args, **kwargs): | |
| 159 | + email = self.kwargs.get('email', None) | |
| 160 | + | |
| 161 | + if not email is None: | |
| 162 | + if not request.user.is_staff: | |
| 163 | + return redirect(reverse_lazy('subjects:home')) | |
| 164 | + | |
| 165 | + return super(DeleteView, self).dispatch(request, *args, **kwargs) | |
| 166 | + | |
| 167 | + | |
| 158 | 168 | def get_object(self): |
| 159 | 169 | email = self.kwargs.get('email', None) |
| 160 | 170 | ... | ... |