From e54fd13e9a04076c850fe1e635804118cc2ef5b7 Mon Sep 17 00:00:00 2001 From: Retspen Date: Wed, 24 Jun 2015 09:54:46 +0300 Subject: [PATCH] Fixed access without admins prermission --- storages/views.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/storages/views.py b/storages/views.py index a09fe98..499d8b3 100644 --- a/storages/views.py +++ b/storages/views.py @@ -77,6 +77,9 @@ def storage(request, compute_id, pool): if not request.user.is_authenticated(): return HttpResponseRedirect(reverse('index')) + if not request.user.is_superuser: + return HttpResponseRedirect(reverse('index')) + def handle_uploaded_file(path, f_name): target = path + '/' + str(f_name) destination = open(target, 'wb+')