1 files changed, 30 insertions, 0 deletions

diff --git a/ishtar_common/views.py b/ishtar_common/views.py
index 889bd3893..c27aae74b 100644
--- a/ishtar_common/views.py
+++ b/ishtar_common/views.py
@@ -32,8 +32,11 @@ from tempfile import NamedTemporaryFile
 import ho.pisa as pisa
 import unicodedata
 
+from extra_views import ModelFormSetView
+
 from django.conf import settings
 from django.contrib.auth import logout
+from django.contrib.auth.decorators import login_required
 from django.core import serializers
 from django.core.exceptions import ObjectDoesNotExist
 from django.core.urlresolvers import reverse, NoReverseMatch
@@ -41,6 +44,7 @@ from django.db.models import Q, ImageField
 from django.http import HttpResponse, Http404
 from django.shortcuts import render_to_response, redirect
 from django.template import RequestContext, loader
+from django.utils.decorators import method_decorator
 from django.utils.translation import ugettext, ugettext_lazy as _
 
 if settings.XHTML2ODT_PATH:
@@ -790,3 +794,29 @@ def dashboard_main_detail(request, item_name):
                 '%d_%d_%d' % (n.minute, n.second, n.microsecond)
     return render_to_response('ishtar/dashboards/dashboard_main_detail.html',
                             dct, context_instance=RequestContext(request))
+
+
+class LoginRequiredMixin(object):
+    @method_decorator(login_required)
+    def dispatch(self, request, *args, **kwargs):
+        return super(LoginRequiredMixin, self).dispatch(request, *args,
+                                                        **kwargs)
+        if kwargs.get('pk') and not self.request.user.is_staff and \
+           not str(kwargs['pk']) == str(self.request.user.company.pk):
+            return redirect(reverse('index'))
+        return super(LoginRequiredMixin, self).dispatch(request, *args,
+                                                        **kwargs)
+
+class AdminLoginRequiredMixin(LoginRequiredMixin):
+    def dispatch(self, request, *args, **kwargs):
+        if not request.user.is_staff:
+            return redirect(reverse('start'))
+        return super(AdminLoginRequiredMixin, self).dispatch(request, *args,
+                                                        **kwargs)
+
+class GlobalVarEdit(AdminLoginRequiredMixin, ModelFormSetView):
+    template_name = 'ishtar/formset.html'
+    model = models.GlobalVar
+    extra = 1
+    can_delete = True
+    fields = ['slug', 'value', 'description']