From 727c24fb1f296c32232ae1665b581167ecad2e95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=9A=D0=BE=D1=88=D0=BA=D0=B8=D0=BD=20=D0=A1=D0=B5=D1=80?= =?UTF-8?q?=D0=B3=D0=B5=D0=B9?= Date: Thu, 4 Dec 2025 14:19:48 +0300 Subject: [PATCH] =?UTF-8?q?=D0=A1=D0=BF=D1=80=D1=8F=D1=82=D0=B0=D0=BB=20se?= =?UTF-8?q?cret=20stat?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- dbapp/mainapp/views/secret_stats.py | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/dbapp/mainapp/views/secret_stats.py b/dbapp/mainapp/views/secret_stats.py index 528ee0c..f4027fd 100644 --- a/dbapp/mainapp/views/secret_stats.py +++ b/dbapp/mainapp/views/secret_stats.py @@ -5,6 +5,7 @@ import json from datetime import timedelta, datetime from collections import defaultdict +from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin from django.db.models import Count, Q, Min, Max, Avg, Sum from django.db.models.functions import TruncDate, TruncMonth, ExtractWeekDay, ExtractHour from django.utils import timezone @@ -13,7 +14,24 @@ from django.views.generic import TemplateView from ..models import ObjItem, Source, Satellite, Geo, Parameter -class SecretStatsView(TemplateView): +class AdminOnlyMixin(UserPassesTestMixin): + """Mixin to restrict access to admin role only.""" + + def test_func(self): + return ( + self.request.user.is_authenticated and + hasattr(self.request.user, 'customuser') and + self.request.user.customuser.role == 'admin' + ) + + def handle_no_permission(self): + from django.contrib import messages + from django.shortcuts import redirect + messages.error(self.request, 'Доступ запрещён. Требуется роль администратора.') + return redirect('mainapp:home') + + +class SecretStatsView(LoginRequiredMixin, AdminOnlyMixin, TemplateView): """Секретная страница статистики - итоги года в стиле Spotify Wrapped.""" template_name = 'mainapp/secret_stats.html'