Browse Source

fix new instance checks, set server attr on MumbleUsers

Natenom/support-murmur-13-1446181288462
Michael Ziegler 15 years ago
parent
commit
5ed4234a1b
  1. 10
      pyweb/mumble/forms.py

10
pyweb/mumble/forms.py

@ -216,7 +216,7 @@ class MumbleUserForm( ModelForm ):
if action == "update" and settings.PROTECTED_MODE and self.instance.id is None: if action == "update" and settings.PROTECTED_MODE and self.instance.id is None:
# creating new user in protected mode -> need UserPasswordForm # creating new user in protected mode -> need UserPasswordForm
return False return False
if self.instance is not None and request.user != self.instance.owner:
if self.instance.id is not None and request.user != self.instance.owner:
# editing another account # editing another account
return False return False
return True return True
@ -255,6 +255,10 @@ class MumbleUserForm( ModelForm ):
raise forms.ValidationError( _( "Cannot register player without a password!" ) ) raise forms.ValidationError( _( "Cannot register player without a password!" ) )
return passwd return passwd
def save(self):
self.instance.server = self.server
ModelForm.save(self)
class Meta: class Meta:
model = MumbleUser model = MumbleUser
fields = ( 'name', 'password' ) fields = ( 'name', 'password' )
@ -272,7 +276,7 @@ class MumbleUserPasswordForm( MumbleUserForm ):
def EXT_authorize( self, request, action ): def EXT_authorize( self, request, action ):
if not request.user.is_authenticated(): if not request.user.is_authenticated():
return False return False
if self.instance is not None and request.user != self.instance.owner:
if self.instance.id is not None and request.user != self.instance.owner:
# editing another account # editing another account
return False return False
return True return True
@ -306,7 +310,7 @@ class MumbleUserLinkForm( MumbleUserForm ):
self.mumbleid = None self.mumbleid = None
def EXT_authorize( self, request, action ): def EXT_authorize( self, request, action ):
if not request.user.is_authenticated():
if not request.user.is_authenticated() or action == "get":
return False return False
if self.instance.id is not None and request.user != self.instance.owner: if self.instance.id is not None and request.user != self.instance.owner:
# editing another account # editing another account

Loading…
Cancel
Save