Quantcast
Channel: Alf’s blog about geek stuffs
Viewing all articles
Browse latest Browse all 10

Permission required decorator for django

0
0

Very long time since last post. The new thing in my geek life is I’ve switched to Django.

My last issue today was to display an error message instead of redirecting to login page when the use doesn’t have permission. Here is a decorator which replace the permission_required of django. Feel free to rename it to avoid confusion ;-)

from django.shortcuts import render_to_response
from django.template.context import RequestContext
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.utils.http import urlquote
from django.http import HttpResponseRedirect
from django.contrib.auth.models import Permission

class permission_required(object):
    """
    decorator which redirects to login page if user is anonymous
    and display a permission denied template if user is logged in
    doesn't have permission
    """
    def __init__(self,
                 perm,
                 login_url=None,
                 redirect_field_name=REDIRECT_FIELD_NAME,
                 template='permission_denied.html'):

        if not login_url:
            from django.conf import settings
            login_url = settings.LOGIN_URL

        self.perm = perm
        self.login_url = login_url
        self.redirect_field_name = redirect_field_name
        self.template = template

    def __call__(self, func):
        def wrap(request, *args, **kwargs):
            if request.user.is_anonymous():
                path = urlquote(request.get_full_path())
                tup = self.login_url, self.redirect_field_name, path
                return HttpResponseRedirect('%s?%s=%s' % tup)

            if request.user.has_perm(self.perm):
                return func(request, *args, **kwargs)

            (app_label, codename) = self.perm.split('.', 1)
            perm_name = Permission.objects.get(codename=codename,
                                               content_type__app_label=app_label)

            return render_to_response(self.template,
                                      {'perm': perm_name},
                                      context_instance=RequestContext(request))
        return wrap

My template permission_denied.html contains :

{% extends "base.html" %}
{% load i18n %}
{% block body %}
<h2>{% trans "Permission denied" %}</h2>
<p>{% blocktrans with perm as perm %}You need to have the permission "{{ perm }}"
 to see this page{% endblocktrans %}</p>
{% endblock %}

Viewing all articles
Browse latest Browse all 10

Latest Images

Trending Articles





Latest Images