mirrors/recipes
1
0
Fork 0
mirror of https://github.com/TandoorRecipes/recipes.git synced 2026-01-03 21:37:49 -05:00
Code Issues Packages Projects Releases Wiki Activity

restrict local external recipes to superusers and restrict file path/type

Browse Source
This commit is contained in:
vabene1111
2025-01-18 08:57:46 +01:00
parent efcd759869
commit 36e83a9d01
3 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cookbook/views/new.py
View File

@@ -58,10 +58,16 @@ class StorageCreate(GroupRequiredMixin, CreateView):
obj = form.save(commit=False)
obj.created_by = self.request.user
obj.space = self.request.space
obj.save()
if self.request.space.demo or settings.HOSTED:
messages.add_message(self.request, messages.ERROR, _('This feature is not yet available in the hosted version of tandoor!'))
return redirect('index')
if not self.request.user.is_superuser:
messages.add_message(self.request, messages.ERROR, _('This feature is only available for the instance administrator (superuser)'))
return redirect('index')
obj.save()
return HttpResponseRedirect(reverse('edit_storage', kwargs={'pk': obj.pk}))
def get_context_data(self, **kwargs):