summaryrefslogtreecommitdiff
path: root/postgresqleu/util/auth.py
diff options
context:
space:
mode:
Diffstat (limited to 'postgresqleu/util/auth.py')
-rw-r--r--postgresqleu/util/auth.py11
1 files changed, 11 insertions, 0 deletions
diff --git a/postgresqleu/util/auth.py b/postgresqleu/util/auth.py
index bdb5bd7d..d6a05eba 100644
--- a/postgresqleu/util/auth.py
+++ b/postgresqleu/util/auth.py
@@ -5,10 +5,21 @@ from django.conf import settings
import urllib.parse
+PERMISSION_GROUPS = (
+ 'Invoice managers',
+ 'News administrators',
+ 'Membership administrators',
+ 'Election administrators',
+)
+
+
def authenticate_backend_group(request, groupname):
if not request.user.is_authenticated:
raise RedirectException("{0}?{1}".format(settings.LOGIN_URL, urllib.parse.urlencode({'next': request.build_absolute_uri()})))
+ if groupname not in PERMISSION_GROUPS:
+ raise PermissionDenied("Group name not known")
+
if request.user.is_superuser:
return
if request.user.groups.filter(name=groupname).exists():
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-22 07:02:23 +0000