Ticket #4617: django-auth-decorators.diff

File django-auth-decorators.diff, 1.2 KB (added by ctrochalakis, 8 years ago)

django-auth-decorators-fix

  • django/contrib/auth/decorators.py

    diff --git a/django/contrib/auth/decorators.py b/django/contrib/auth/decorators.py
    index f3f7f53..d1d69cd 100644
    a b  
    11from django.contrib.auth import REDIRECT_FIELD_NAME
    2 from django.http import HttpResponseRedirect
     2from django.http import HttpResponseRedirect, HttpResponseForbidden
    33from django.utils.http import urlquote
    44
    55def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
    class _CheckLogin(object): 
    6060    def __call__(self, request, *args, **kwargs):
    6161        if self.test_func(request.user):
    6262            return self.view_func(request, *args, **kwargs)
    63         path = urlquote(request.get_full_path())
    64         tup = self.login_url, self.redirect_field_name, path
    65         return HttpResponseRedirect('%s?%s=%s' % tup)
     63        elif not request.user.is_authenticated():
     64            path = urlquote(request.get_full_path())
     65            tup = self.login_url, self.redirect_field_name, path
     66            return HttpResponseRedirect('%s?%s=%s' % tup)
     67        else:
     68            return HttpResponseForbidden('<h1>Permission denied</h1>')
     69
Back to Top