From 3d9ca4cafe86d0152910483bc6602b14b8d50976 Mon Sep 17 00:00:00 2001 From: Étienne Loks Date: Wed, 20 Nov 2024 11:29:21 +0100 Subject: 🩹 more explicit message in case of insufficient permissions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ishtar_common/utils.py | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'ishtar_common/utils.py') diff --git a/ishtar_common/utils.py b/ishtar_common/utils.py index e3a16e50b..bad4ce168 100644 --- a/ishtar_common/utils.py +++ b/ishtar_common/utils.py @@ -55,7 +55,7 @@ from django import forms from django.apps import apps from django.conf import settings from django.conf.urls import url -from django.contrib.auth.models import Permission, User +from django.contrib.auth.models import Permission, User, Group from django.contrib.auth.hashers import Argon2PasswordHasher as BaseArgon2PasswordHasher from django.contrib.contenttypes.models import ContentType from django.contrib.gis.geos import GEOSGeometry @@ -246,9 +246,19 @@ def check_permissions(permissions=None, redirect_url="/"): if ishtaruser.has_permission(permission): kwargs["current_right"] = permission return view_func(request, *args, **kwargs) + msg = str(_("You don't have sufficient permissions to do this action.")) + groups = Group.objects.filter(permissions__codename__in=[ + perm.split(".")[-1] for perm in permissions + ]) + if groups.count(): + msg += "
" + str( + _("If this is unexpected, the profile type attached to yours account have to add one of this group: {}. Ask the administrator of your instance.") + ).format( + ", ".join(["" + str(g) + "" for g in groups]) + ) put_session_message( request.session.session_key, - _("You don't have sufficient permissions to do this action."), + msg, "warning", ) return HttpResponseRedirect(redirect_url) -- cgit v1.2.3