context_processor: Cache whether user is admin (Closes: #781)

2026-03-11 09:04:54 +00:00 · 2017-04-09 23:52:49 +05:30 · 2017-04-09 23:52:49 +05:30 · 6a53dd015e
commit 6a53dd015e
parent 0adfae26d8
5 changed files with 15 additions and 7 deletions
--- a/plinth/context_processors.py
+++ b/plinth/context_processors.py
@ -43,5 +43,5 @@ def common(request):
        'submenu': cfg.main_menu.active_item(request),
        'active_menu_urls': active_menu_urls,
        'box_name': _(cfg.box_name),
-        'user_is_admin': is_user_admin(request.user)
+        'user_is_admin': is_user_admin(request, True)
    }
--- a/plinth/middleware.py
+++ b/plinth/middleware.py
@ -102,5 +102,5 @@ class AdminRequiredMiddleware(object):
           hasattr(view_func, 'IS_NON_ADMIN'):
            return

-        if not is_user_admin(request.user):
+        if not is_user_admin(request):
            raise PermissionDenied
--- a/plinth/modules/users/forms.py
+++ b/plinth/modules/users/forms.py
@ -171,7 +171,7 @@ class UserUpdateForm(ValidNewUsernameCheckMixin, forms.ModelForm):

        super(UserUpdateForm, self).__init__(*args, **kwargs)

-        if not is_user_admin(request.user):
+        if not is_user_admin(request):
            self.fields['is_active'].widget = forms.HiddenInput()
            self.fields['groups'].disabled = True

--- a/plinth/modules/users/views.py
+++ b/plinth/modules/users/views.py
@ -85,7 +85,7 @@ class UserUpdate(ContextMixin, SuccessMessageMixin, UpdateView):
    def dispatch(self, request, *args, **kwargs):
        """Handle a request and return a HTTP response."""
        if self.request.user.get_username() != self.kwargs['slug'] \
-           and not is_user_admin(self.request.user):
+           and not is_user_admin(self.request):
            raise PermissionDenied

        return super().dispatch(request, *args, **kwargs)
@ -156,7 +156,7 @@ class UserChangePassword(ContextMixin, SuccessMessageMixin, FormView):
    def dispatch(self, request, *args, **kwargs):
        """Handle a request and return a HTTP response."""
        if self.request.user.get_username() != self.kwargs['slug'] \
-           and not is_user_admin(self.request.user):
+           and not is_user_admin(self.request):
            raise PermissionDenied

        return super().dispatch(request, *args, **kwargs)
--- a/plinth/utils.py
+++ b/plinth/utils.py
@ -52,6 +52,14 @@ def non_admin_view(func):
    return func


-def is_user_admin(user):
+def is_user_admin(request, cached=False):
    """Return whether user is an administrator."""
-    return user.groups.filter(name='admin').exists()
+    if not request.user.is_authenticated():
+        return False
+
+    if 'cache_user_is_admin' in request.session and cached:
+        return request.session['cache_user_is_admin']
+
+    user_is_admin = request.user.groups.filter(name='admin').exists()
+    request.session['cache_user_is_admin'] = user_is_admin
+    return user_is_admin