From adb982114a9798054bdab1511158640e207dd140 Mon Sep 17 00:00:00 2001
From: Col Crunch <rhartnett35@gmail.com>
Date: Wed, 1 Aug 2018 22:38:54 -0400
Subject: [PATCH] Actually use srp.add_srpfleetmain permission

Also adds a new @permissions_required decorator.
---
 allianceauth/authentication/decorators.py     | 31 +++++++++++++++++++
 .../srp/templates/srp/management.html         |  2 ++
 allianceauth/srp/views.py                     |  2 +-
 3 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/allianceauth/authentication/decorators.py b/allianceauth/authentication/decorators.py
index 60f938f0..88742fd7 100644
--- a/allianceauth/authentication/decorators.py
+++ b/allianceauth/authentication/decorators.py
@@ -1,4 +1,6 @@
 from django.conf.urls import include
+from django.contrib.auth.decorators import user_passes_test
+from django.core.exceptions import PermissionDenied
 from functools import wraps
 from django.shortcuts import redirect
 from django.contrib import messages
@@ -35,3 +37,32 @@ def main_character_required(view_func):
         messages.error(request, _('A main character is required to perform that action. Add one below.'))
         return redirect('authentication:dashboard')
     return login_required(_wrapped_view)
+
+
+def permissions_required(perm, login_url=None, raise_exception=False):
+    """
+    Decorator for views that checks whether a user has a particular permission
+    enabled, redirecting to the log-in page if necessary.
+    If the raise_exception parameter is given the PermissionDenied exception
+    is raised.
+
+    This decorator is identical to the django permission_required except it
+    allows for passing a tuple/list of perms that will return true if any one
+    of them is present.
+    """
+    def check_perms(user):
+        if isinstance(perm, str):
+            perms = (perm,)
+        else:
+            perms = perm
+        # First check if the user has the permission (even anon users)
+        for perm_ in perms:
+            perm_ = (perm_,)
+            if user.has_perms(perm_):
+                return True
+        # In case the 403 handler should be called raise the exception
+        if raise_exception:
+            raise PermissionDenied
+        # As the last resort, show the login form
+        return False
+    return user_passes_test(check_perms, login_url=login_url)
diff --git a/allianceauth/srp/templates/srp/management.html b/allianceauth/srp/templates/srp/management.html
index 8a402c4b..863e97ac 100644
--- a/allianceauth/srp/templates/srp/management.html
+++ b/allianceauth/srp/templates/srp/management.html
@@ -17,6 +17,8 @@
                         <a href="{% url 'srp:all' %}" class="btn btn-primary">
                             {% trans "View All" %}
                         </a>
+                    {% endif %}
+                    {% if perms.srp.add_srpfleetmain or perms.auth.srp_management %}
                         <a href="{% url 'srp:add' %}" class="btn btn-success">
                             {% trans "Add SRP Fleet" %}
                         </a>
diff --git a/allianceauth/srp/views.py b/allianceauth/srp/views.py
index 6f400318..f1a704f6 100755
--- a/allianceauth/srp/views.py
+++ b/allianceauth/srp/views.py
@@ -59,7 +59,7 @@ def srp_fleet_view(request, fleet_id):
 
 
 @login_required
-@permission_required('auth.srp_management')
+@permissions_required(('auth.srp_management', 'srp.add_srpfleetmain'))
 def srp_fleet_add_view(request):
     logger.debug("srp_fleet_add_view called by user %s" % request.user)
     completed = False