Fix - Usuario no admin

source/app/middleware.py

@@ -33,12 +33,19 @@ def static(req, res):
 class AuthMiddleware(object):
 
     def process_resource(self, req, resp, resource, params):
+        session = req.env['beaker.session']
+        user = session.get('userobj', None)
         id_session = req.cookies.get('beaker.session.id', '')
         if req.path == '/empresas' or req.path == '/values/empresas':
             if MV:
                 pass
             else:
                 raise falcon.HTTPTemporaryRedirect('/')
+        elif id_session and req.path == '/admin':
+            if user is None:
+                raise falcon.HTTPTemporaryRedirect('/')
+            elif not user.es_admin or not user.es_superusuario:
+                raise falcon.HTTPTemporaryRedirect('/main')
         elif not id_session and req.path != '/':
             raise falcon.HTTPTemporaryRedirect('/')