Return permission denied instead of redirecting in stats views

Return a 403 permission denied error if a user is not part of the
Fairphone staff group. This breaks the infinite redirect loop.

Issue: HIC-260
Change-Id: I682127c2165f826257a84b0bf246fc9fb86813ea
diff --git a/crashreport_stats/permissions.py b/crashreport_stats/permissions.py
new file mode 100644
index 0000000..c457f42
--- /dev/null
+++ b/crashreport_stats/permissions.py
@@ -0,0 +1,21 @@
+"""Permissions for accessing the stats API."""
+from django.core.exceptions import PermissionDenied
+
+from crashreports.permissions import user_is_hiccup_staff
+from hiccup.allauth_adapters import FP_STAFF_GROUP_NAME
+
+
+def check_user_is_hiccup_staff(user):
+    """Check if the user is part of the Hiccup staff.
+
+    Returns: True if the user is part of the Hiccup staff group.
+
+    Raises:
+        PermissionDenied: If the user is not part of the Hiccup staff group.
+
+    """
+    if not user_is_hiccup_staff(user):
+        raise PermissionDenied(
+            "User %s not part of the %s group" % (user, FP_STAFF_GROUP_NAME)
+        )
+    return True
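Review bot: `check_user_is_hiccup_staff` raises `PermissionDenied` for every user that fails `user_is_hiccup_staff`, which presumably includes anonymous users, so an unauthenticated visitor would get a 403 instead of being sent to the login page. If this function is used as a `user_passes_test`-style predicate (the views are not part of this hunk), adding `if not user.is_authenticated: return False` ahead of the staff check would keep the login redirect for anonymous users while still breaking the loop for logged-in non-staff. The exception message also interpolates the user and `FP_STAFF_GROUP_NAME`, so confirm that no custom 403 template renders the exception text to the client, or log the detail and raise with a generic message. The docstring would benefit from an `Args:` entry for `user` and a sentence on how unauthenticated users are handled.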