Basic architecture of Maintenance App - SUST-19, SUST-42. Implement Force Publish Course view. SUST-46

common/djangoapps/util/views.py

@@ -4,12 +4,13 @@ import sys
 from functools import wraps
 
 from django.conf import settings
+from django.contrib.auth.decorators import login_required
 from django.core.cache import caches
 from django.core.validators import ValidationError, validate_email
 from django.views.decorators.csrf import requires_csrf_token
 from django.views.defaults import server_error
 from django.http import (Http404, HttpResponse, HttpResponseNotAllowed,
-                         HttpResponseServerError)
+                         HttpResponseServerError, HttpResponseForbidden)
 import dogstats_wrapper as dog_stats_api
 from edxmako.shortcuts import render_to_response
 import zendesk
@@ -21,6 +22,8 @@ import track.views
 from opaque_keys import InvalidKeyError
 from opaque_keys.edx.keys import CourseKey
 
+from student.roles import GlobalStaff
+
 log = logging.getLogger(__name__)
 
 
@@ -44,6 +47,21 @@ def ensure_valid_course_key(view_func):
     return inner
 
 
+def require_global_staff(func):
+    """View decorator that requires that the user have global staff permissions. """
+    @wraps(func)
+    def wrapped(request, *args, **kwargs):  # pylint: disable=missing-docstring
+        if GlobalStaff().has_user(request.user):
+            return func(request, *args, **kwargs)
+        else:
+            return HttpResponseForbidden(
+                u"Must be {platform_name} staff to perform this action.".format(
+                    platform_name=settings.PLATFORM_NAME
+                )
+            )
+    return login_required(wrapped)
+
+
 @requires_csrf_token
 def jsonable_server_error(request, template_name='500.html'):
     """