diff --git a/src/nac/subviews/account.py b/src/nac/subviews/account.py index 9326f25..a78a7b1 100644 --- a/src/nac/subviews/account.py +++ b/src/nac/subviews/account.py @@ -1,14 +1,17 @@ from django.contrib import messages from django.contrib.auth import update_session_auth_hash +from django.contrib.auth.mixins import LoginRequiredMixin +from django.contrib.auth.decorators import login_required from django.contrib.auth.forms import PasswordChangeForm from django.shortcuts import render, redirect from django.views.generic import TemplateView -class AccountSettings(TemplateView): +class AccountSettings(LoginRequiredMixin, TemplateView): template_name = "account_settings.html" +@login_required def change_password(request): if request.method == 'POST': form = PasswordChangeForm(request.user, request.POST) diff --git a/src/nac/subviews/armis.py b/src/nac/subviews/armis.py index a3ff8a5..10e7b4f 100644 --- a/src/nac/subviews/armis.py +++ b/src/nac/subviews/armis.py @@ -16,11 +16,13 @@ from django.views.generic import View from django.core.cache import cache from django.shortcuts import render +from django.contrib.auth.mixins import LoginRequiredMixin + from helper.armis import get_armis_sites, get_devices, get_tenant_url, get_boundaries, map_ids_to_names -class ArmisView(View): +class ArmisView(LoginRequiredMixin, View): template_name = "armis_import.html" def _get_context(self): # sets the site-context for armis_import.html, uses cache to be less time consuming diff --git a/src/nac/subviews/autocomplete.py b/src/nac/subviews/autocomplete.py index 03be550..2c0480e 100644 --- a/src/nac/subviews/autocomplete.py +++ b/src/nac/subviews/autocomplete.py @@ -1,8 +1,9 @@ from dal import autocomplete from ..models import DeviceRoleProd, AuthorizationGroup, DeviceRoleInst +from django.contrib.auth.mixins import LoginRequiredMixin -class DeviceRoleProdAutocomplete(autocomplete.Select2QuerySetView): +class DeviceRoleProdAutocomplete(LoginRequiredMixin, autocomplete.Select2QuerySetView): def get_queryset(self): if not self.request.user.is_authenticated: return DeviceRoleProd.objects.none() @@ -23,7 +24,7 @@ def get_queryset(self): return qs -class DeviceRoleInstAutocomplete(autocomplete.Select2QuerySetView): +class DeviceRoleInstAutocomplete(LoginRequiredMixin, autocomplete.Select2QuerySetView): def get_queryset(self): if not self.request.user.is_authenticated: return DeviceRoleInst.objects.none() @@ -40,7 +41,7 @@ def get_queryset(self): return qs -class AuthorizationGroupAutocomplete(autocomplete.Select2QuerySetView): +class AuthorizationGroupAutocomplete(LoginRequiredMixin, autocomplete.Select2QuerySetView): def get_queryset(self): if not self.request.user.is_authenticated: return AuthorizationGroup.objects.none() diff --git a/src/nac/subviews/device_management.py b/src/nac/subviews/device_management.py index 6afad44..293f7c5 100644 --- a/src/nac/subviews/device_management.py +++ b/src/nac/subviews/device_management.py @@ -3,6 +3,7 @@ from django.db.models import Q from django.urls import reverse_lazy from django.shortcuts import render +from django.contrib.auth.mixins import LoginRequiredMixin import json from ..models import Device, AuthorizationGroup, DeviceRoleProd @@ -10,7 +11,7 @@ from ..validation import normalize_mac -class DeviceListView(ListView): +class DeviceListView(LoginRequiredMixin, ListView): model = Device template_name = "devices.html" context_object_name = "device_list" @@ -47,24 +48,24 @@ def get_context_data(self, *, object_list=None, **kwargs): return context -class DeviceDetailView(DetailView): +class DeviceDetailView(LoginRequiredMixin, DetailView): model = Device template_name = "device_detail.html" -class DeviceUpdateView(UpdateView): +class DeviceUpdateView(LoginRequiredMixin, UpdateView): model = Device form_class = DeviceForm template_name = "device_edit.html" -class DeviceDeleteView(DeleteView): +class DeviceDeleteView(LoginRequiredMixin, DeleteView): model = Device template_name = "device_delete.html" success_url = reverse_lazy("devices") -class DeviceCreateView(CreateView): +class DeviceCreateView(LoginRequiredMixin, CreateView): model = Device form_class = DeviceForm template_name = "device_new.html"