X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/24c1d259ba4af084959d70c6a1f355d0a57f1191..27bed5683e1619659c96f6ca58dd42cf49be4c67:/apps/wiki/helpers.py

diff --git a/apps/wiki/helpers.py b/apps/wiki/helpers.py
index d4daf1ad..b60265f5 100644
--- a/apps/wiki/helpers.py
+++ b/apps/wiki/helpers.py
@@ -1,8 +1,14 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of MIL/PEER, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
+#
+from datetime import datetime
+from functools import wraps
+import json
+
 from django import http
-from django.utils import simplejson as json
 from django.utils.functional import Promise
-from django.template.loader import render_to_string
-from datetime import datetime
 
 
 class ExtendedEncoder(json.JSONEncoder):
@@ -22,11 +28,10 @@ class JSONResponse(http.HttpResponse):
 
     def __init__(self, data={}, **kwargs):
         # get rid of mimetype
-        kwargs.pop('mimetype', None)
+        kwargs.pop('content_type', None)
 
-        super(JSONResponse, self).__init__(
-            json.dumps(data, cls=ExtendedEncoder),
-            mimetype="application/json", **kwargs)
+        data = json.dumps(data, cls=ExtendedEncoder)
+        super(JSONResponse, self).__init__(data, content_type="application/json", **kwargs)
 
 
 # return errors
@@ -39,3 +44,23 @@ class JSONServerError(JSONResponse):
     def __init__(self, *args, **kwargs):
         kwargs['status'] = 500
         super(JSONServerError, self).__init__(*args, **kwargs)
+
+
+def ajax_login_required(view):
+    @wraps(view)
+    def authenticated_view(request, *args, **kwargs):
+        if not request.user.is_authenticated():
+            return http.HttpResponse("Login required.", status=401, content_type="text/plain")
+        return view(request, *args, **kwargs)
+    return authenticated_view
+
+
+def ajax_require_permission(permission):
+    def decorator(view):
+        @wraps(view)
+        def authorized_view(request, *args, **kwargs):
+            if not request.user.has_perm(permission):
+                return http.HttpResponse("Access Forbidden.", status=403, content_type="text/plain")
+            return view(request, *args, **kwargs)
+        return authorized_view
+    return decorator