59 lines
2.1 KiB
Python
59 lines
2.1 KiB
Python
from django.utils.functional import lazy, memoize, SimpleLazyObject
|
|
|
|
# PermWrapper and PermLookupDict proxy the permissions system into objects that
|
|
# the template system can understand.
|
|
|
|
class PermLookupDict(object):
|
|
def __init__(self, user, module_name):
|
|
self.user, self.module_name = user, module_name
|
|
|
|
def __repr__(self):
|
|
return str(self.user.get_all_permissions())
|
|
|
|
def __getitem__(self, perm_name):
|
|
return self.user.has_perm("%s.%s" % (self.module_name, perm_name))
|
|
|
|
def __nonzero__(self):
|
|
return self.user.has_module_perms(self.module_name)
|
|
|
|
|
|
class PermWrapper(object):
|
|
def __init__(self, user):
|
|
self.user = user
|
|
|
|
def __getitem__(self, module_name):
|
|
return PermLookupDict(self.user, module_name)
|
|
|
|
def __iter__(self):
|
|
# I am large, I contain multitudes.
|
|
raise TypeError("PermWrapper is not iterable.")
|
|
|
|
def auth(request):
|
|
"""
|
|
Returns context variables required by apps that use Django's authentication
|
|
system.
|
|
|
|
If there is no 'user' attribute in the request, uses AnonymousUser (from
|
|
django.contrib.auth).
|
|
"""
|
|
# If we access request.user, request.session is accessed, which results in
|
|
# 'Vary: Cookie' being sent in every request that uses this context
|
|
# processor, which can easily be every request on a site if
|
|
# TEMPLATE_CONTEXT_PROCESSORS has this context processor added. This kills
|
|
# the ability to cache. So, we carefully ensure these attributes are lazy.
|
|
# We don't use django.utils.functional.lazy() for User, because that
|
|
# requires knowing the class of the object we want to proxy, which could
|
|
# break with custom auth backends. LazyObject is a less complete but more
|
|
# flexible solution that is a good enough wrapper for 'User'.
|
|
def get_user():
|
|
if hasattr(request, 'user'):
|
|
return request.user
|
|
else:
|
|
from django.contrib.auth.models import AnonymousUser
|
|
return AnonymousUser()
|
|
|
|
return {
|
|
'user': SimpleLazyObject(get_user),
|
|
'perms': lazy(lambda: PermWrapper(get_user()), PermWrapper)(),
|
|
}
|