public/coins-demo
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Enforce and test TODO_STAFF_ONLY setting

Browse source
This commit is contained in:
Scot Hacker 2019-01-10 00:39:21 -08:00
parent 6953085285
commit 91b9a099a3
14 changed files with 81 additions and 51 deletions
Download patch file Download diff file Expand all files Collapse all files

9
todo/views/search.py
View file

@ -1,18 +1,22 @@
from django.contrib.auth.decorators import login_required
from django.contrib.auth.decorators import login_required, user_passes_test
from django.db.models import Q
from django.http import HttpResponse
from django.shortcuts import render
from todo.models import Task
from todo.utils import staff_check
@login_required
@user_passes_test(staff_check)
def search(request) -> HttpResponse:
"""Search for tasks user has permission to see.
"""
query_string = ""
if request.GET:
query_string = ""
found_tasks = None
if ("q" in request.GET) and request.GET["q"].strip():
query_string = request.GET["q"]
@ -29,7 +33,6 @@ def search(request) -> HttpResponse:
found_tasks = found_tasks.exclude(completed=True)
else:
query_string = None
found_tasks = None
# Only include tasks that are in groups of which this user is a member: