Ticket #29220: decorators.py

File decorators.py, 3.1 KB (added by Oscar Lopez, 4 years ago)

\django\contrib\auth\decorators.py just one file update

Line 
1from functools import wraps
2from urllib.parse import urlparse
3
4from django.conf import settings
5from django.contrib.auth import REDIRECT_FIELD_NAME
6from django.core.exceptions import PermissionDenied
7from django.shortcuts import resolve_url
8
9
10def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME, arg_position=None):
11    """
12    Decorator for views that checks that the user passes the given test,
13    redirecting to the log-in page if necessary. The test should be a callable
14    that takes the user object and returns True if the user passes.
15    arg_position: int, write on decoration position in args vars of request data
16    """
17
18    def decorator(view_func):
19        @wraps(view_func, assigned=available_attrs(view_func))
20        def _wrapped_view(request, *args, **kwargs):
21
22            if type(arg_position) is int:
23                request = args[arg_position]
24           
25            if test_func(request.user):
26                return view_func(request, *args, **kwargs)
27            path = request.build_absolute_uri()
28            resolved_login_url = resolve_url(login_url or settings.LOGIN_URL)
29            # If the login url is the same scheme and net location then just
30            # use the path as the "next" url.
31            login_scheme, login_netloc = urlparse(resolved_login_url)[:2]
32            current_scheme, current_netloc = urlparse(path)[:2]
33            if ((not login_scheme or login_scheme == current_scheme) and
34                    (not login_netloc or login_netloc == current_netloc)):
35                path = request.get_full_path()
36            from django.contrib.auth.views import redirect_to_login
37            return redirect_to_login(
38                path, resolved_login_url, redirect_field_name)
39        return _wrapped_view
40    return decorator
41
42
43def login_required(function=None, redirect_field_name=REDIRECT_FIELD_NAME, login_url=None):
44    """
45    Decorator for views that checks that the user is logged in, redirecting
46    to the log-in page if necessary.
47    """
48    actual_decorator = user_passes_test(
49        lambda u: u.is_authenticated,
50        login_url=login_url,
51        redirect_field_name=redirect_field_name
52    )
53    if function:
54        return actual_decorator(function)
55    return actual_decorator
56
57
58def permission_required(perm, login_url=None, raise_exception=False):
59    """
60    Decorator for views that checks whether a user has a particular permission
61    enabled, redirecting to the log-in page if necessary.
62    If the raise_exception parameter is given the PermissionDenied exception
63    is raised.
64    """
65    def check_perms(user):
66        if isinstance(perm, str):
67            perms = (perm,)
68        else:
69            perms = perm
70        # First check if the user has the permission (even anon users)
71        if user.has_perms(perms):
72            return True
73        # In case the 403 handler should be called raise the exception
74        if raise_exception:
75            raise PermissionDenied
76        # As the last resort, show the login form
77        return False
78    return user_passes_test(check_perms, login_url=login_url)
Back to Top