From 60026bfa9c26de1102153bd7025d7452fdb6a2a2 Mon Sep 17 00:00:00 2001
From: Klaus-Uwe Mitterer <git@kumi.email>
Date: Wed, 26 May 2021 14:08:15 +0200
Subject: [PATCH] Fix client/partner profile requirement check

---
 clients/mixins.py   |  9 +++++++--
 clients/views.py    | 15 +++++++++------
 localauth/mixins.py | 41 ++++++++++++++++++++++++++++-------------
 partners/mixins.py  |  9 ++++++---
 4 files changed, 50 insertions(+), 24 deletions(-)

diff --git a/clients/mixins.py b/clients/mixins.py
index ee27234..0e1a3de 100644
--- a/clients/mixins.py
+++ b/clients/mixins.py
@@ -1,9 +1,14 @@
+from django.urls import reverse_lazy
+
 from localauth.mixins import LoginRequiredMixin, UserPassesTestMixin
 
-class ClientProfileRequiredMixin(LoginRequiredMixin, UserPassesTestMixin):
+class ClientProfileRequiredMixin(UserPassesTestMixin):
     def test_func(self):
         try:
             assert self.request.user.clientprofile
             return True
         except:
-            return False
\ No newline at end of file
+            return False
+
+    def get_login_url(self):
+        return reverse_lazy("clients:register")
\ No newline at end of file
diff --git a/clients/views.py b/clients/views.py
index 3e5759f..bb3cda6 100644
--- a/clients/views.py
+++ b/clients/views.py
@@ -6,11 +6,14 @@ from django.contrib import messages
 from .models import ClientProfile
 from .mixins import ClientProfileRequiredMixin
 
-from localauth.mixins import LoginRequiredMixin
+from localauth.mixins import LoginRequiredMixin, MultiPermissionMixin
 from public.mixins import InConstructionMixin
 from auction.models import Inquiry
 
-class ClientRegistrationView(InConstructionMixin, LoginRequiredMixin, CreateView):
+class ClientBaseMixin(MultiPermissionMixin):
+    MIXINS = [LoginRequiredMixin, ClientProfileRequiredMixin]
+
+class ClientRegistrationView(LoginRequiredMixin, CreateView):
     model = ClientProfile
     exclude = ["user"]
     template_name = "clients/signup.html"
@@ -53,7 +56,7 @@ class ClientRegistrationView(InConstructionMixin, LoginRequiredMixin, CreateView
                 "phone": "+43"
                 }
 
-class ClientProfileView(InConstructionMixin, LoginRequiredMixin, UpdateView):
+class ClientProfileView(ClientBaseMixin, UpdateView):
     model = ClientProfile
     exclude = ["user"]
     template_name = "clients/profile.html"
@@ -71,21 +74,21 @@ class ClientProfileView(InConstructionMixin, LoginRequiredMixin, UpdateView):
         except ClientProfile.DoesNotExist:
             return redirect("clients:register")
 
-class ClientDashboardView(InConstructionMixin, ClientProfileRequiredMixin, DetailView):
+class ClientDashboardView(ClientBaseMixin, DetailView):
     model = ClientProfile
     template_name = "clients/dashboard.html"
 
     def get_object(self):
         return self.request.user.clientprofile
 
-class ClientBookingsView(InConstructionMixin, ClientProfileRequiredMixin, ListView):
+class ClientBookingsView(ClientBaseMixin, ListView):
     model = Inquiry
     template_name = "clients/bookings.html"
 
     def get_queryset(self):
         return Inquiry.objects.filter(client=self.request.user.clientprofile)
 
-class ClientBookingView(InConstructionMixin, ClientProfileRequiredMixin, DetailView):
+class ClientBookingView(ClientBaseMixin, DetailView):
     model = Inquiry
     template_name = "clients/booking.html"
 
diff --git a/localauth/mixins.py b/localauth/mixins.py
index 718563d..a2da67a 100644
--- a/localauth/mixins.py
+++ b/localauth/mixins.py
@@ -3,20 +3,35 @@ from django.shortcuts import redirect
 from django.contrib import messages
 from django.contrib.auth.decorators import login_required
 from django.conf import settings
-from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
+from django.contrib.auth.mixins import UserPassesTestMixin
+from django.urls import reverse_lazy
 
-class SuperUserRequiredMixin:
-    """
-    View mixin which requires that the authenticated user is a super user
-    (i.e. `is_superuser` is True).
-    """
+class SuperUserRequiredMixin(UserPassesTestMixin):
+    def test_func(self):
+        try:
+            return self.request.user.is_superuser
+        except:
+            return False
+
+    def get_login_url(self):
+        return reverse_lazy("localauth:login")
+
+class LoginRequiredMixin(UserPassesTestMixin):
+    def test_func(self):
+        try:
+            return self.request.user.is_authenticated
+        except:
+            return False
+
+    def get_login_url(self):
+        return reverse_lazy("localauth:login")
+
+class MultiPermissionMixin:
+    MIXINS = []
 
-    @method_decorator(login_required)
     def dispatch(self, request, *args, **kwargs):
-        if not request.user.is_superuser:
-            messages.error(
-                request,
-                'You do not have the permission required to perform the '
-                'requested operation.')
-            return redirect(settings.LOGIN_URL)
+        for mixin in self.MIXINS:
+            if not mixin.test_func(self):
+                return redirect(mixin.get_login_url(self))
+
         return super().dispatch(request, *args, **kwargs)
diff --git a/partners/mixins.py b/partners/mixins.py
index 5c03216..2507d8c 100644
--- a/partners/mixins.py
+++ b/partners/mixins.py
@@ -1,9 +1,12 @@
-from localauth.mixins import LoginRequiredMixin, UserPassesTestMixin
+from localauth.mixins import UserPassesTestMixin
 
-class PartnerProfileRequiredMixin(LoginRequiredMixin, UserPassesTestMixin):
+class PartnerProfileRequiredMixin(UserPassesTestMixin):
     def test_func(self):
         try:
             assert self.request.user.partnerprofile
             return True
         except:
-            return False
\ No newline at end of file
+            return False
+
+    def get_login_url(self):
+        return reverse_lazy("partners:register")
\ No newline at end of file