From 9bc23d0fe237ac3268fd1a67b76da3a9d1593bab Mon Sep 17 00:00:00 2001
From: Valentin Deniaud <vdeniaud@entrouvert.com>
Date: Fri, 19 Apr 2019 10:53:44 +0200
Subject: [PATCH 3/3] utils: add check_session_roles decorator

pareil, il faudra mettre un setting au lieu d'hardcoder auth_level
---
 mellon/utils.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/mellon/utils.py b/mellon/utils.py
index 4f1ded1..c7ffe3d 100644
--- a/mellon/utils.py
+++ b/mellon/utils.py
@@ -7,6 +7,7 @@ from xml.parsers import expat
 
 from django.contrib import auth
 from django.contrib.auth.models import Group
+from django.contrib.auth.views import redirect_to_login
 from django.core.urlresolvers import reverse
 from django.template.loader import render_to_string
 from django.utils.timezone import make_aware, now, make_naive, is_aware, get_default_timezone
@@ -286,3 +287,15 @@ def user_has_role(request, role_id):
     if role.uuid in request.session['role_uuids']:
         return True
     raise RoleNotInSession(role.auth_level)
+
+
+def check_session_roles(func):
+    def wrapped(request, *args, **kwargs):
+        try:
+            return func(request, *args, **kwargs)
+        except RoleNotInSession as e:
+            required_auth_level = e.value
+            next_field_value = request.get_full_path()
+            login_url = '/login/?auth_level=%s' % required_auth_level
+            return redirect_to_login(next_field_value, login_url)
+    return wrapped
-- 
2.20.1