From 15a31d41f6d1e43cbdee60f58b6bd64023867a9d Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Sun, 3 Dec 2017 23:47:41 -0600 Subject: [PATCH 1/2] Fix - Usuario no admin --- source/app/middleware.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/source/app/middleware.py b/source/app/middleware.py index d5a880c..348b89c 100644 --- a/source/app/middleware.py +++ b/source/app/middleware.py @@ -33,12 +33,19 @@ def static(req, res): class AuthMiddleware(object): def process_resource(self, req, resp, resource, params): + session = req.env['beaker.session'] + user = session.get('userobj', None) id_session = req.cookies.get('beaker.session.id', '') if req.path == '/empresas' or req.path == '/values/empresas': if MV: pass else: raise falcon.HTTPTemporaryRedirect('/') + elif id_session and req.path == '/admin': + if user is None: + raise falcon.HTTPTemporaryRedirect('/') + elif not user.es_admin or not user.es_superusuario: + raise falcon.HTTPTemporaryRedirect('/main') elif not id_session and req.path != '/': raise falcon.HTTPTemporaryRedirect('/') From d80cfd983d87a4aebb0308cd05cc8b7bfd9b0a88 Mon Sep 17 00:00:00 2001 From: Mauricio Baeza Date: Sun, 3 Dec 2017 23:51:02 -0600 Subject: [PATCH 2/2] Fix - Ocultar icono admin para usuarios no admin --- source/static/js/controller/main.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/static/js/controller/main.js b/source/static/js/controller/main.js index 6fbef20..7676d07 100644 --- a/source/static/js/controller/main.js +++ b/source/static/js/controller/main.js @@ -4,7 +4,7 @@ var gi = null function configuracion_inicial(){ webix.ajax().get('/values/admin', function(text, data){ var values = data.json() - $$('cmd_ir_al_admin').show(values) + show('cmd_ir_al_admin', values) }) webix.ajax().get('/values/main', function(text, data){ var values = data.json()