2011-03-28 09:40:43 +08:00
|
|
|
from functools import wraps
|
2017-01-07 19:11:46 +08:00
|
|
|
from urllib.parse import urlparse
|
2015-01-28 20:35:27 +08:00
|
|
|
|
2010-11-28 06:43:33 +08:00
|
|
|
from django.conf import settings
|
2007-04-25 16:49:57 +08:00
|
|
|
from django.contrib.auth import REDIRECT_FIELD_NAME
|
2011-08-12 22:15:41 +08:00
|
|
|
from django.core.exceptions import PermissionDenied
|
2015-01-28 20:35:27 +08:00
|
|
|
from django.shortcuts import resolve_url
|
2010-02-09 23:02:39 +08:00
|
|
|
|
2005-11-26 15:20:07 +08:00
|
|
|
|
2007-09-15 03:25:37 +08:00
|
|
|
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2005-10-22 08:04:55 +08:00
|
|
|
Decorator for views that checks that the user passes the given test,
|
|
|
|
redirecting to the log-in page if necessary. The test should be a callable
|
|
|
|
that takes the user object and returns True if the user passes.
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2009-09-22 06:34:45 +08:00
|
|
|
|
|
|
|
def decorator(view_func):
|
2017-01-22 02:20:17 +08:00
|
|
|
@wraps(view_func)
|
2009-09-22 06:34:45 +08:00
|
|
|
def _wrapped_view(request, *args, **kwargs):
|
|
|
|
if test_func(request.user):
|
|
|
|
return view_func(request, *args, **kwargs)
|
2010-11-28 06:43:33 +08:00
|
|
|
path = request.build_absolute_uri()
|
2015-01-10 05:18:34 +08:00
|
|
|
resolved_login_url = resolve_url(login_url or settings.LOGIN_URL)
|
2010-11-28 06:43:33 +08:00
|
|
|
# If the login url is the same scheme and net location then just
|
|
|
|
# use the path as the "next" url.
|
2012-09-09 06:55:29 +08:00
|
|
|
login_scheme, login_netloc = urlparse(resolved_login_url)[:2]
|
2012-07-20 21:36:52 +08:00
|
|
|
current_scheme, current_netloc = urlparse(path)[:2]
|
2010-11-28 06:43:33 +08:00
|
|
|
if ((not login_scheme or login_scheme == current_scheme) and
|
2013-11-26 17:43:46 +08:00
|
|
|
(not login_netloc or login_netloc == current_netloc)):
|
2010-11-28 06:43:33 +08:00
|
|
|
path = request.get_full_path()
|
|
|
|
from django.contrib.auth.views import redirect_to_login
|
2012-09-10 01:37:16 +08:00
|
|
|
return redirect_to_login(
|
|
|
|
path, resolved_login_url, redirect_field_name)
|
2010-11-28 06:43:33 +08:00
|
|
|
return _wrapped_view
|
2010-02-09 23:02:39 +08:00
|
|
|
return decorator
|
|
|
|
|
2005-10-22 08:04:55 +08:00
|
|
|
|
2010-09-11 03:38:57 +08:00
|
|
|
def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None):
|
2005-10-22 08:04:55 +08:00
|
|
|
"""
|
|
|
|
Decorator for views that checks that the user is logged in, redirecting
|
|
|
|
to the log-in page if necessary.
|
|
|
|
"""
|
2007-09-15 03:25:37 +08:00
|
|
|
actual_decorator = user_passes_test(
|
2016-04-02 19:18:26 +08:00
|
|
|
lambda u: u.is_authenticated,
|
2010-09-11 03:38:57 +08:00
|
|
|
login_url=login_url,
|
2007-09-15 03:25:37 +08:00
|
|
|
redirect_field_name=redirect_field_name
|
2005-10-24 06:42:44 +08:00
|
|
|
)
|
2007-09-15 03:25:37 +08:00
|
|
|
if function:
|
|
|
|
return actual_decorator(function)
|
|
|
|
return actual_decorator
|
2006-09-22 09:44:28 +08:00
|
|
|
|
2010-02-09 23:02:39 +08:00
|
|
|
|
2011-08-12 22:15:41 +08:00
|
|
|
def permission_required(perm, login_url=None, raise_exception=False):
|
2006-09-22 09:44:28 +08:00
|
|
|
"""
|
2006-09-26 01:33:17 +08:00
|
|
|
Decorator for views that checks whether a user has a particular permission
|
2014-03-02 22:25:53 +08:00
|
|
|
enabled, redirecting to the log-in page if necessary.
|
2011-08-12 22:15:41 +08:00
|
|
|
If the raise_exception parameter is given the PermissionDenied exception
|
|
|
|
is raised.
|
2006-09-22 09:44:28 +08:00
|
|
|
"""
|
2011-08-12 22:15:41 +08:00
|
|
|
def check_perms(user):
|
2016-12-29 23:27:49 +08:00
|
|
|
if isinstance(perm, str):
|
2013-08-08 00:03:31 +08:00
|
|
|
perms = (perm, )
|
|
|
|
else:
|
|
|
|
perms = perm
|
2011-08-12 22:15:41 +08:00
|
|
|
# First check if the user has the permission (even anon users)
|
2013-08-08 00:03:31 +08:00
|
|
|
if user.has_perms(perms):
|
2011-08-12 22:15:41 +08:00
|
|
|
return True
|
|
|
|
# In case the 403 handler should be called raise the exception
|
|
|
|
if raise_exception:
|
|
|
|
raise PermissionDenied
|
|
|
|
# As the last resort, show the login form
|
|
|
|
return False
|
|
|
|
return user_passes_test(check_perms, login_url=login_url)
|