From 18d2604121048b6e16b13d14f0330e6c305a7aac Mon Sep 17 00:00:00 2001
From: Emanuele <ema.trabattoni@gmail.com>
Date: Thu, 27 Nov 2025 10:17:11 +0100
Subject: [PATCH] Fixed user redirect middleware

---
 cntmanage/cntmanage/settings.py      | 2 +-
 cntmanage/cntmanage/settings_prod.py | 2 +-
 cntmanage/flightslot/middleware.py   | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/cntmanage/cntmanage/settings.py b/cntmanage/cntmanage/settings.py
index f190c78..2f6c74d 100644
--- a/cntmanage/cntmanage/settings.py
+++ b/cntmanage/cntmanage/settings.py
@@ -53,7 +53,6 @@ IMPORT_EXPORT_SKIP_ADMIN_LOG = True
 IMPORT_FORMATS = [CSV]
 
 MIDDLEWARE = [
-    'flightslot.middleware.RedirectNonSuperuserFromAdminMiddleware', # custom middleware to show "user" page to non superuser
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -61,6 +60,7 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'flightslot.middleware.RedirectNonSuperuserFromAdminMiddleware', # custom middleware to show "user" page to non superuser
 ]
 
 ROOT_URLCONF = 'cntmanage.urls'
diff --git a/cntmanage/cntmanage/settings_prod.py b/cntmanage/cntmanage/settings_prod.py
index b91b28f..74b066c 100644
--- a/cntmanage/cntmanage/settings_prod.py
+++ b/cntmanage/cntmanage/settings_prod.py
@@ -57,7 +57,6 @@ IMPORT_EXPORT_SKIP_ADMIN_LOG = True
 IMPORT_FORMATS = [CSV]
 
 MIDDLEWARE = [
-    'flightslot.middleware.RedirectNonSuperuserFromAdminMiddleware', # custom middleware to show "user" page to non superuser
     'django.middleware.security.SecurityMiddleware',
     'whitenoise.middleware.WhiteNoiseMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
@@ -66,6 +65,7 @@ MIDDLEWARE = [
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'flightslot.middleware.RedirectNonSuperuserFromAdminMiddleware', # custom middleware to show "user" page to non superuser
 ]
 
 ROOT_URLCONF = 'cntmanage.urls'
diff --git a/cntmanage/flightslot/middleware.py b/cntmanage/flightslot/middleware.py
index 0489a01..e61654b 100644
--- a/cntmanage/flightslot/middleware.py
+++ b/cntmanage/flightslot/middleware.py
@@ -8,7 +8,7 @@ class RedirectNonSuperuserFromAdminMiddleware:
 
     def __call__(self, request: HttpRequest):
         # Se l'utente è loggato, non è superuser e prova ad andare in /admin/...
-        if hasattr(request, "user") and hasattr(request.user, 'student'):
+        if hasattr(request, "user") and not request.user.is_superuser:
             if "/admin/" in request.path:
                 return redirect("/user/")  # redirect automatico
         return self.get_response(request)