Merge pull request #265 from fga-gpp-mds/devel

Bug-Security

medical_prescription/landing/views.py

@@ -3,6 +3,9 @@
 
 from django.shortcuts import render
 
+from user.decorators import user_is_logged
 
+
+@user_is_logged
 def home(request):
     return render(request, 'landing.html')

medical_prescription/prescription/templates/list_favorite_prescriptions.html

@@ -33,7 +33,7 @@
         <tr class='clickable-row'>
 
             <td>
-              <button class="likes post-likes" url-prescription="{% url 'favorite_prescription' pk=prescription.pk %}">
+              <button class="likes post-likes favorite" url-prescription="{% url 'favorite_prescription' pk=prescription.pk %}">
                  {% if prescription.is_favorite %}
                  <span class="fa fa-star" style="color:orange"></span>
                  {% else %}

medical_prescription/prescription/templates/list_prescription.html

@@ -33,7 +33,7 @@
         <tr class='clickable-row'>
 
             <td>
-              <button class="likes post-likes" url-prescription="{% url 'favorite_prescription' pk=prescription.pk %}">
+              <button class="likes post-likes favorite" url-prescription="{% url 'favorite_prescription' pk=prescription.pk %}">
                  {% if prescription.is_favorite %}
                  <span class="fa fa-star" style="color:orange"></span>
                  {% else %}

medical_prescription/static/prescription/css/favorite.css

@@ -0,0 +1,4 @@
+.favorite {
+  background-color: transparent;
+  border: 0px;
+}

medical_prescription/templates/dashboardHealthProfessional/template.html

@@ -41,6 +41,7 @@
 <script src="{% static "general/js/jquery-ui.js" %}"></script>
 
 <!--========== END JAVASCRIPTS ==========-->
+<link rel="stylesheet" href="{% static "prescription/css/favorite.css" %}">
 
 </body>
 

medical_prescription/user/decorators.py

@@ -89,3 +89,26 @@ def wrap(request, email, *args, **kwargs):
             raise PermissionDenied
 
     return wrap
+
+
+def user_is_logged(method):
+    """
+    Make sure the user is logged in and redirects it to the dashboard
+    """
+    def wrap(request, *args, **kwargs):
+        if 'user' in request.__dict__:
+            if request.user.is_authenticated():
+                is_health_professional = hasattr(request.user, 'healthprofessional')
+                is_patient = hasattr(request.user, 'patient')
+                if is_health_professional:
+                    return redirect('/dashboard_health_professional/health_professional/')
+                elif is_patient:
+                    return redirect('/dashboard_patient/patient/')
+                else:
+                    return method(request, *args, **kwargs)
+            else:
+                return method(request, *args, **kwargs)
+        else:
+            return method(request, *args, **kwargs)
+
+    return wrap

medical_prescription/user/views/loginview.py

@@ -5,11 +5,13 @@
 from django.shortcuts import render, redirect
 from django.contrib import auth
 from django.views.generic import FormView
+from django.utils.decorators import method_decorator
 
 # Local Django
 from user.models import HealthProfessional
 from user.forms import UserLoginForm
 from user import constants
+from user.decorators import user_is_logged
 
 # Set level logger.
 logging.basicConfig(level=logging.DEBUG)
@@ -26,6 +28,7 @@ class LoginView(FormView):
     dashboard_name = ''
 
     # Render the login page.
+    @method_decorator(user_is_logged)
     def get(self, request, *args, **kwargs):
         logger.debug("Start get method.")
         form = self.form_class(initial=self.initial)

medical_prescription/user/views/registerhealthprofessionalview.py

@@ -5,12 +5,14 @@
 from django.shortcuts import render, redirect
 from django.views.generic import FormView
 from django.contrib import messages
+from django.utils.decorators import method_decorator
 
 # Local Django
 from user.models import HealthProfessional
 from user.forms import HealthProfessionalForm
 from user import constants
 from user.views import ConfirmAccountView
+from user.decorators import user_is_logged
 
 # Set level logger.
 logging.basicConfig(level=logging.DEBUG)
@@ -21,6 +23,7 @@ class RegisterHealthProfessionalView(FormView):
     form_class = HealthProfessionalForm
     template_name = 'register_health_professional.html'
 
+    @method_decorator(user_is_logged)
     def get(self, request, *args, **kwargs):
         logger.debug("Start get method.")
         form = self.form_class(initial=self.initial)