Ticket #6310: contrib_auth_decorators.patch

File contrib_auth_decorators.patch, 1.7 KB (added by greencm, 16 years ago)

patch to replace implement desired behavior

  • usr/local/src/django/django/contrib/auth/decorators.py

     
    11from django.contrib.auth import REDIRECT_FIELD_NAME
    2 from django.http import HttpResponseRedirect
     2from django.http import HttpResponseRedirect, HttpResponseForbidden
    33from django.utils.http import urlquote
    44
    55def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
     
    3030    Decorator for views that checks whether a user has a particular permission
    3131    enabled, redirecting to the log-in page if necessary.
    3232    """
     33    # import pdb; pdb.set_trace()
    3334    return user_passes_test(lambda u: u.has_perm(perm), login_url=login_url)
    3435
    3536class _CheckLogin(object):
     
    5859        return _CheckLogin(view_func, self.test_func, self.login_url, self.redirect_field_name)
    5960   
    6061    def __call__(self, request, *args, **kwargs):
     62        """ Execute the test_function for the end user,
     63        otherwise, redirect them to an appropriate page """
     64       
    6165        if self.test_func(request.user):
    6266            return self.view_func(request, *args, **kwargs)
     67
    6368        path = urlquote(request.get_full_path())
     69
     70        if request.user.is_authenticated():
     71            # pushing the user back through the login_url only makes
     72            # sense if they haven't already done that.
     73            return HttpResponseForbidden("<h1>Access Forbidden: You do not have rights to %s</h1>" % path)
     74
    6475        tup = self.login_url, self.redirect_field_name, path
     76
    6577        return HttpResponseRedirect('%s?%s=%s' % tup)
Back to Top