id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
2357	URL Patterns to have login_required or equiv to force authentication on any of the url's in that pattern	root.lastnode@…	Adrian Holovaty	"I found that protecting views from unauthorized access can become cumbersom when your building lots of protected pages.

Decorating a view with login_required to force authentication works perfectly, but is not DRY when decorating every view in an app.

In combination with generic views, there are a few problems here and there with generics that are not accepting login_required. (see ticket #1071)

If the url patterns had a way to set login_required on the entire list of expressions, one could protect an entire part of the site
with one simple statement. Mixing protected/unprotected patterns would still allow flexibility designing urlpatterns.

example:
{{{
from django.conf.urls.defaults import *

urlpatterns = patterns('myproject.myapp.views',
    (r'^$', 'index'),
)

urlpatterns += auth_patterns('', some_options?,
    (r'^list_protected/$', 'django.views.generic.list_detail.object_list', dict(mydict)),
    (r'^add_protected/$', 'django.views.generic.create_update.create_object', dict(mydict)),
    (r'^update_protected/$', 'django.views.generic.create_update.update_object', dict(mydict)),
    (r'^delete_protected/$', 'django.views.generic.create_update.delete_object', dict(mydict)),
)

}}}
"	enhancement	closed	Core (Other)		normal	wontfix			Unreviewed	0	0	0	0	0	0