from django.shortcuts import render, redirect
from django.views.decorators.http import require_http_methods
from elastic.es_connect import get_user_by_id
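@require_http_methods(["GET"])
def home(request):
    """Render the home page for the logged-in user.

    Redirects to the login page when the session carries no ``user_id``.
    Otherwise resolves the user's permission level (cached in the session
    under ``"permission"``) and renders ``main/home.html`` with:

    * ``user_id``  -- the id to display; the ``user_id`` query parameter
      wins over the session value, so it is request-controlled.
    * ``is_admin`` -- True only when the resolved permission equals 0.
    """
    # Enforce login: require session user_id
    session_user_id = request.session.get("user_id")
    if session_user_id is None:
        return redirect("/accounts/login/")

    # Display only. This value comes from the request, so it must never feed
    # an access decision, and the template should keep auto-escaping on.
    uid = request.GET.get("user_id") or session_user_id

    perm = request.session.get("permission")
    if perm is None:
        # Authorization must follow the authenticated identity. Looking the
        # permission up by the query-string id would cache another account's
        # permission level into this session, so the session id is used here.
        user = get_user_by_id(session_user_id)
        try:
            perm = int((user or {}).get("permission", 1))
        except Exception:
            # Fail closed: a missing or malformed record is never admin.
            perm = 1
        request.session["permission"] = perm
    else:
        try:
            perm = int(perm)
        except Exception:
            # Fail closed on a corrupted cached value as well.
            perm = 1

    context = {
        "user_id": uid,
        "is_admin": perm == 0,
    }
    return render(request, "main/home.html", context)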