seba
/
cqtu
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

Protected logviews from exch-less users

This commit is contained in:
Sebastian Lohff 2017-01-26 23:49:19 +01:00
parent 8aa7910775
commit b3ffd41973
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
contest/views.py
View File

@ -37,6 +37,9 @@ def contestIndex(request):
@login_required @login_required
def log(request): def log(request):
if not request.user.ref:
return HttpResponseRedirect(reverse("contest:index"))
form = None form = None
qsos = QSO.objects.filter(owner=request.user).order_by("-ownNo") qsos = QSO.objects.filter(owner=request.user).order_by("-ownNo")
@ -74,6 +77,9 @@ def log(request):
@login_required @login_required
def logEdit(request, qsoid): def logEdit(request, qsoid):
if not request.user.ref:
return HttpResponseRedirect(reverse("contest:index"))
qso = QSO.objects.get(id=qsoid, owner=request.user) qso = QSO.objects.get(id=qsoid, owner=request.user)
form = None form = None
@ -90,6 +96,9 @@ def logEdit(request, qsoid):
return render(request, 'contest/logEdit.html', {'form': form, "qso": qso}) return render(request, 'contest/logEdit.html', {'form': form, "qso": qso})
def logDelete(request, qsoid): def logDelete(request, qsoid):
if not request.user.ref:
return HttpResponseRedirect(reverse("contest:index"))
qso = QSO.objects.get(id=qsoid, owner=request.user) qso = QSO.objects.get(id=qsoid, owner=request.user)
if request.method == 'POST': if request.method == 'POST':