Commits

Jaiditya committed ea19b98

Admin menu lock for non-admin users

Comments (0)

Files changed (2)

MoinMoin/apps/admin/_tests/test_admin.py

                 assert item in rv.data
 
     def test_index(self):
-        self._test_view_get(url_for('admin.index'))
+        self._test_view_get(url_for('admin.index'), status='403 FORBIDDEN')
 
     def test_userprofile(self):
         self._test_view_get(url_for('admin.userprofile', user_name='DoesntExist'), status='403 FORBIDDEN')

MoinMoin/apps/admin/views.py

 from MoinMoin.security import require_permission
 
 @admin.route('/superuser')
+@require_permission(SUPERUSER)
 def index():
     return render_template('admin/index.html', title_name=_(u"Admin"))