Locks: prevent edit actions

author: Étienne Loks <etienne.loks@iggdrasil.net> 2019-09-10 18:02:50 +0200
committer: Étienne Loks <etienne.loks@iggdrasil.net> 2019-09-10 18:02:50 +0200
commit: 0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371 (patch)
tree: f84171501c3d98df394c94fcc6d32cc3dd5c6539 /archaeological_warehouse/views.py
parent: 389f86b06d5f6129614cb312c7034cdc4bb1b684 (diff)
download: Ishtar-0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371.tar.bz2
Ishtar-0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371.zip
1 files changed, 37 insertions, 1 deletions
diff --git a/archaeological_warehouse/views.py b/archaeological_warehouse/views.py
index 85b5511ae..ecbcc3175 100644
--- a/archaeological_warehouse/views.py
+++ b/archaeological_warehouse/views.py
@@ -21,7 +21,7 @@ import json
 
 from django.core.urlresolvers import reverse
 from django.db.models import Q
-from django.http import HttpResponse, Http404
+from django.http import HttpResponse, Http404, HttpResponseRedirect
 from django.shortcuts import redirect
 from django.utils.translation import ugettext_lazy as _
 
@@ -42,6 +42,8 @@ from archaeological_warehouse.wizards import PackagingWizard, WarehouseSearch, \
     ContainerSearch, ContainerWizard, ContainerModificationWizard, \
     ContainerDeletionWizard
 
+from ishtar_common.utils import put_session_message
+
 get_container = get_item(models.Container, 'get_container', 'container',
                          search_form=ContainerSelect)
 show_container = show_item(models.Container, 'container')
@@ -146,6 +148,23 @@ warehouse_modification_wizard = WarehouseModificationWizard.as_view([
 
 
 def warehouse_modify(request, pk):
+    try:
+        warehouse_modification_wizard(request)
+    except IndexError:  # no step available
+        put_session_message(
+            request.session.session_key,
+            _(u"You don't have sufficient permissions to do this action."),
+            'warning'
+        )
+        return HttpResponseRedirect("/")
+
+    q = models.Warehouse.objects.filter(pk=pk)
+    if not q.count():
+        raise Http404()
+    item = q.all()[0]
+    if item.locked:
+        raise Http404()
+
     WarehouseModificationWizard.session_set_value(
         request, 'selec-warehouse_modification', 'pk', pk, reset=True)
     return redirect(
@@ -187,6 +206,23 @@ container_modification_wizard = ContainerModificationWizard.as_view([
 
 
 def container_modify(request, pk):
+    try:
+        container_modification_wizard(request)
+    except IndexError:  # no step available
+        put_session_message(
+            request.session.session_key,
+            _(u"You don't have sufficient permissions to do this action."),
+            'warning'
+        )
+        return HttpResponseRedirect("/")
+
+    q = models.Container.objects.filter(pk=pk)
+    if not q.count():
+        raise Http404()
+    item = q.all()[0]
+    if item.locked:
+        raise Http404()
+
     ContainerModificationWizard.session_set_value(
         request, 'selec-container_modification', 'pk', pk, reset=True)
     return redirect(
author	Étienne Loks <etienne.loks@iggdrasil.net>	2019-09-10 18:02:50 +0200
committer	Étienne Loks <etienne.loks@iggdrasil.net>	2019-09-10 18:02:50 +0200
commit	0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371 (patch)
tree	f84171501c3d98df394c94fcc6d32cc3dd5c6539 /archaeological_warehouse/views.py
parent	389f86b06d5f6129614cb312c7034cdc4bb1b684 (diff)
download	Ishtar-0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371.tar.bz2 Ishtar-0c185f1abbe9abe0d977e1b7d1d3f0440b8d6371.zip