changeset 1720:ea19b98d4f94

Admin menu lock for non-admin users
author Jaiditya Mathur <jaiditya.mathur@gmail.com>
date Mon, 20 Aug 2012 02:14:18 +0530
parents 0b7ae26c968b
children 1df0320ae4c4
files MoinMoin/apps/admin/_tests/test_admin.py MoinMoin/apps/admin/views.py
diffstat 2 files changed, 2 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/apps/admin/_tests/test_admin.py	Mon Aug 20 01:15:03 2012 +0530
+++ b/MoinMoin/apps/admin/_tests/test_admin.py	Mon Aug 20 02:14:18 2012 +0530
@@ -17,7 +17,7 @@
                 assert item in rv.data
 
     def test_index(self):
-        self._test_view_get(url_for('admin.index'))
+        self._test_view_get(url_for('admin.index'), status='403 FORBIDDEN')
 
     def test_userprofile(self):
         self._test_view_get(url_for('admin.userprofile', user_name='DoesntExist'), status='403 FORBIDDEN')
--- a/MoinMoin/apps/admin/views.py	Mon Aug 20 01:15:03 2012 +0530
+++ b/MoinMoin/apps/admin/views.py	Mon Aug 20 02:14:18 2012 +0530
@@ -26,6 +26,7 @@
 from MoinMoin.security import require_permission
 
 @admin.route('/superuser')
+@require_permission(SUPERUSER)
 def index():
     return render_template('admin/index.html', title_name=_(u"Admin"))