Skip to content

Commit

Permalink
Limit moderation access to specific group
Browse files Browse the repository at this point in the history
  • Loading branch information
akatsoulas committed Dec 3, 2024
1 parent d051994 commit 28f78b9
Show file tree
Hide file tree
Showing 2 changed files with 29 additions and 4 deletions.
30 changes: 27 additions & 3 deletions kitsune/access/decorators.py
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
from functools import wraps
from urllib.parse import quote

from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponseForbidden, HttpResponseRedirect

from urllib.parse import quote
from django.http import Http404, HttpResponseForbidden, HttpResponseRedirect

from kitsune.sumo.urlresolvers import reverse

Expand Down Expand Up @@ -101,3 +100,28 @@ def deny_func(user):
redirect_url_func=lambda: login_url,
deny_func=deny_func,
)


def group_required(group_name, only_active=True):
"""Requires that the user is in the given group. Raises 404 if not."""

def decorator(view_func):
@wraps(view_func)
def _wrapped_view(request, *args, **kwargs):
if not request.user.is_authenticated:
raise Http404

if only_active:
if not (
request.user.is_active and request.user.groups.filter(name=group_name).exists()
):
raise Http404
else:
if not request.user.groups.filter(name=group_name).exists():
raise Http404

return view_func(request, *args, **kwargs)

return _wrapped_view

return decorator
3 changes: 2 additions & 1 deletion kitsune/flagit/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
from django.utils.translation import gettext as _
from django.views.decorators.http import require_POST

from kitsune.access.decorators import login_required, permission_required
from kitsune.access.decorators import group_required, login_required, permission_required
from kitsune.flagit.models import FlaggedObject
from kitsune.products.models import Product, Topic
from kitsune.questions.events import QuestionReplyEvent
Expand Down Expand Up @@ -125,6 +125,7 @@ def get_hierarchical_topics(topics, parent=None, level=0):

@login_required
@permission_required("flagit.can_moderate")
@group_required("Content Moderators")
def moderate_content(request):
"""Display flagged content that needs moderation."""
product_slug = request.GET.get("product")
Expand Down

0 comments on commit 28f78b9

Please sign in to comment.