Commit dc1f9340 authored by Flavio TARSETTI's avatar Flavio TARSETTI

Merge branch '584_disable_signup_for_logged_in_user' into 'master'

Disable signup for logged in user

Closes #584

See merge request !415
parents 4794ea4d da01c4d1
Pipeline #47001 passed with stages
in 19 minutes and 1 second
......@@ -35,12 +35,14 @@ from django.shortcuts import render
from django.urls import reverse
from django.views.decorators.csrf import csrf_protect
from ...utils.decorators import login_forbidden
from .forms import RegistrationFormTermsOfService
from .forms import RegistrationFormTermsOfServiceSupervisor
from .forms import RegistrationSupervisorForm
from .models import RegistrationProfile
@login_forbidden
def activate(
request,
activation_key,
......@@ -102,6 +104,7 @@ def activate(
return render(request, template_name, context)
@login_forbidden
@csrf_protect
def register(
request,
......
......@@ -47,10 +47,6 @@ urlpatterns = [
),
path("events/<author_name>/", views.activity_stream, name="activity-stream"),
path("docreq/<author_name>/", views.docreq, name="docreq"),
# Activation keys get matched by \w+ instead of the more specific
# [a-fA-F0-9]{40} because a bad activation key should still get to the
# view; that way it can return a sensible "invalid key" message instead
# of a confusing 404.
path(
"signup/",
register,
......@@ -68,6 +64,10 @@ urlpatterns = [
),
name="registration-complete",
),
# Activation keys get matched by \w+ instead of the more specific
# [a-fA-F0-9]{40} because a bad activation key should still get to the
# view; that way it can return a sensible "invalid key" message instead
# of a confusing 404.
path(
"signup/activate/<activation_key>/", activate, name="registration-activation",
),
......
# vim: set fileencoding=utf-8 :
###############################################################################
# #
# Copyright (c) 2020 Idiap Research Institute, http://www.idiap.ch/ #
# Contact: beat.support@idiap.ch #
# #
# This file is part of the beat.web module of the BEAT platform. #
# #
# Commercial License Usage #
# Licensees holding valid commercial BEAT licenses may use this file in #
# accordance with the terms contained in a written agreement between you #
# and Idiap. For further information contact tto@idiap.ch #
# #
# Alternatively, this file may be used under the terms of the GNU Affero #
# Public License version 3 as published by the Free Software and appearing #
# in the file LICENSE.AGPL included in the packaging of this file. #
# The BEAT platform is distributed in the hope that it will be useful, but #
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY #
# or FITNESS FOR A PARTICULAR PURPOSE. #
# #
# You should have received a copy of the GNU Affero Public License along #
# with the BEAT platform. If not, see http://www.gnu.org/licenses/. #
# #
###############################################################################
"""
Django decorators
"""
from django.contrib.auth.decorators import user_passes_test
def login_forbidden(function=None, redirect_field_name=None, redirect_to="index"):
"""
Decorator for views that checks that the user is NOT logged in, redirecting
to the homepage if necessary.
Inspired from:
https://stackoverflow.com/a/7071346/5843716
"""
actual_decorator = user_passes_test(
lambda u: u.is_anonymous,
login_url=redirect_to,
redirect_field_name=redirect_field_name,
)
if function:
return actual_decorator(function)
return actual_decorator
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment