don't allow download xml for non-public books
[redakcja.git] / apps / wiki / helpers.py
index d4daf1a..877a9d0 100644 (file)
@@ -1,8 +1,9 @@
+from datetime import datetime
+from functools import wraps
+
 from django import http
-from django.utils import simplejson as json
+import json
 from django.utils.functional import Promise
-from django.template.loader import render_to_string
-from datetime import datetime
 
 
 class ExtendedEncoder(json.JSONEncoder):
@@ -21,12 +22,11 @@ class ExtendedEncoder(json.JSONEncoder):
 class JSONResponse(http.HttpResponse):
 
     def __init__(self, data={}, **kwargs):
-        # get rid of mimetype
-        kwargs.pop('mimetype', None)
+        # get rid of content_type
+        kwargs.pop('content_type', None)
 
-        super(JSONResponse, self).__init__(
-            json.dumps(data, cls=ExtendedEncoder),
-            mimetype="application/json", **kwargs)
+        data = json.dumps(data, cls=ExtendedEncoder)
+        super(JSONResponse, self).__init__(data, content_type="application/json", **kwargs)
 
 
 # return errors
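Review bot: The comment `# get rid of content_type` in `JSONResponse.__init__` restates the `pop` without saying why a caller's value is thrown away. Wording such as `# the body is always JSON, so a caller-supplied content_type is ignored` records the intent, which matters because the fixed `application/json` type is what stops a response built from user-controlled data being served under another type. Rebinding `data` to the serialized string also hides the original argument; a separate name such as `body` would read more clearly.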
@@ -39,3 +39,23 @@ class JSONServerError(JSONResponse):
     def __init__(self, *args, **kwargs):
         kwargs['status'] = 500
         super(JSONServerError, self).__init__(*args, **kwargs)
+
+
+def ajax_login_required(view):
+    @wraps(view)
+    def authenticated_view(request, *args, **kwargs):
+        if not request.user.is_authenticated():
+            return http.HttpResponse("Login required.", status=401, content_type="text/plain")
+        return view(request, *args, **kwargs)
+    return authenticated_view
+
+
+def ajax_require_permission(permission):
+    def decorator(view):
+        @wraps(view)
+        def authorized_view(request, *args, **kwargs):
+            if not request.user.has_perm(permission):
+                return http.HttpResponse("Access Forbidden.", status=403, content_type="text/plain")
+            return view(request, *args, **kwargs)
+        return authorized_view
+    return decorator
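Review bot: `authorized_view` answers an unauthenticated request with 403 "Access Forbidden.", since `has_perm` is its only check and presumably returns False for an anonymous user under Django's default backends. That fails closed, but an AJAX client cannot tell an expired session from a missing permission. Testing authentication first would keep the cases apart and match `ajax_login_required`: `if not request.user.is_authenticated(): return http.HttpResponse("Login required.", status=401, content_type="text/plain")` placed before the `has_perm` test. Both decorators also lack docstrings; one line each should state the status code returned and that `permission` is checked without an object, so the decorator alone cannot express per-book visibility. The views the commit title refers to are not in this file, so whether they carry these decorators cannot be confirmed from here.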