Fixed navbar to not allow "root" user to access preferences (root user

will never own services)
2025-01-11 05:17:55 +03:00 · 2015-01-15 09:24:58 +01:00 · 2015-01-15 09:24:58 +01:00 · 2959a878af
commit 2959a878af
parent ea087fce53
3 changed files with 13 additions and 3 deletions
--- a/server/src/uds/core/managers/UserPrefsManager.py
+++ b/server/src/uds/core/managers/UserPrefsManager.py
@ -124,8 +124,11 @@ class UserPrefsManager(object):
                logger.debug(name)
                prefs.append({'module': mod, 'name': p.getName(), 'value': form.cleaned_data[name]})
        user.preferences.all().delete()
+        try:
            for p in prefs:
                user.preferences.create(module=p['module'], name=p['name'], value=p['value'])
+        except Exception:  # User does not exists
+            logger.info('Trying to dave user preferences failed (probably root user?)')
        return None

    def processGuiForUserPreferences(self, user, data):
--- a/server/src/uds/templates/uds/html5/snippets/navbar.html
+++ b/server/src/uds/templates/uds/html5/snippets/navbar.html
@ -1,5 +1,6 @@
 {% load i18n html5 static %}
    {% preferences_allowed as show_prefs %}
+    {% root_id as rootid %}
 		<nav class="navbar navbar-default navbar-fixed-top" role="navigation">
 			<!-- Brand and toggle get grouped for better mobile display -->
 			<div class="navbar-header">
@ -37,7 +38,7 @@
                  <li class="dropdown">
                    <a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> {{ user.real_name }} <b class="caret"></b></a>
                    <ul class="dropdown-menu">
-                        {% if show_prefs %}
+                        {% if show_prefs and user.id != rootid %}
                        <li><a href="{% url "uds.web.views.prefs" %}"><span class="fa fa-edit"></span> {% trans 'Preferences' %}</a></li>
                        {% endif %}
                    {% if user.staff_member or user.is_admin %}
--- a/server/src/uds/templatetags/html5.py
+++ b/server/src/uds/templatetags/html5.py
@ -34,6 +34,7 @@ from __future__ import unicode_literals

 from django import template
 from uds.core.util import html
+from uds.core.auths.auth import ROOT_ID
 from uds.core.util.Config import GlobalConfig
 from uds.models.Image import Image

@ -95,6 +96,11 @@ def preferences_allowed():
    return GlobalConfig.PREFERENCES_ALLOWED.getBool(True)


+@register.assignment_tag
+def root_id():
+    return ROOT_ID
+
+
@register.assignment_tag
 def image_size():
    return Image.MAX_IMAGE_SIZE