Add dashboard views is_staff checks

jet/dashboard/forms.py

@@ -17,7 +17,7 @@ def __init__(self, request, *args, **kwargs):
     def clean(self):
         data = super(UpdateDashboardModulesForm, self).clean()
 
-        if not self.request.user.is_authenticated():
+        if not self.request.user.is_authenticated() or not self.request.user.is_staff:
             raise ValidationError('error')
 
         try:
@@ -68,7 +68,7 @@ def clean_app_label(self):
     def clean(self):
         data = super(AddUserDashboardModuleForm, self).clean()
 
-        if not self.request.user.is_authenticated():
+        if not self.request.user.is_authenticated() or not self.request.user.is_staff:
             raise ValidationError('error')
 
         if 'app_label' in data:
@@ -110,7 +110,10 @@ class Meta:
     def clean(self):
         data = super(UpdateDashboardModuleCollapseForm, self).clean()
 
-        if not self.request.user.is_authenticated() or self.instance.user != self.request.user.pk:
+        if not self.request.user.is_authenticated() or not self.request.user.is_staff:
+            raise ValidationError('error')
+
+        if self.instance.user != self.request.user.pk:
             raise ValidationError('error')
 
         return data
@@ -153,7 +156,7 @@ def clean(self):
         data = super(ResetDashboardForm, self).clean()
         data['app_label'] = data['app_label'] if data['app_label'] else None
 
-        if not self.request.user.is_authenticated():
+        if not self.request.user.is_authenticated() or not self.request.user.is_staff:
             raise ValidationError('error')
 
         return data