Adjusting user deletion access

Zambom
1 parent 6c28d70b
Showing 1 changed file with 10 additions and 0 deletions Show diff stats
users/views.py
@@ -155,6 +155,16 @@ class DeleteView(braces_mixins.LoginRequiredMixin, generic.DeleteView):
 	slug_url_kwarg = 'email'
 	context_object_name = 'acc'
+	def dispatch(self, request, *args, **kwargs):
+		email = self.kwargs.get('email', None)
+
+		if not email is None:
+			if not request.user.is_staff:
+				return redirect(reverse_lazy('subjects:home'))
+
+		return super(DeleteView, self).dispatch(request, *args, **kwargs)
+
+
 	def get_object(self):
 		email = self.kwargs.get('email', None)
	@@ -155,6 +155,16 @@ class DeleteView(braces_mixins.LoginRequiredMixin, generic.DeleteView):		@@ -155,6 +155,16 @@ class DeleteView(braces_mixins.LoginRequiredMixin, generic.DeleteView):
155	slug_url_kwarg = 'email'	155	slug_url_kwarg = 'email'
156	context_object_name = 'acc'	156	context_object_name = 'acc'
157		157
		158	+ def dispatch(self, request, args, *kwargs):
		159	+ email = self.kwargs.get('email', None)
		160	+
		161	+ if not email is None:
		162	+ if not request.user.is_staff:
		163	+ return redirect(reverse_lazy('subjects:home'))
		164	+
		165	+ return super(DeleteView, self).dispatch(request, args, *kwargs)
		166	+
		167	+
158	def get_object(self):	168	def get_object(self):
159	email = self.kwargs.get('email', None)	169	email = self.kwargs.get('email', None)
160		170