Login

@group_required decorator

Author:
sebastien247
Posted:
July 9, 2015
Language:
Python
Version:
1.7
Tags:
decorator login auth decorators group_required @group_required
Score:
1 (after 1 ratings)

Use :

@group_required(('toto', 'titi'))

def my_view(request):

...

@group_required('toto')

def my_view(request):

...

Note that group_required() also takes an optional login_url parameter @group_required('toto', login_url='/loginpage/')

def my_view(request):

...

As in the login_required() decorator, login_url defaults to settings.LOGIN_URL.

If the raise_exception parameter is given, the decorator will raise PermissionDenied, prompting the 403 (HTTP Forbidden) view instead of redirecting to the login page.

Such as https://docs.djangoproject.com/en/1.8/topics/auth/default/#the-permission-required-decorator

Inspired by : https://github.com/django/django/blob/stable/1.8.x/django/contrib/auth/decorators.py

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
from django.utils import six
from django.core.exceptions import PermissionDenied
from django.contrib.auth.decorators import user_passes_test


def group_required(group, login_url=None, raise_exception=False):
    """
    Decorator for views that checks whether a user has a group permission,
    redirecting to the log-in page if necessary.
    If the raise_exception parameter is given the PermissionDenied exception
    is raised.
    """
    def check_perms(user):
        if isinstance(group, six.string_types):
            groups = (group, )
        else:
            groups = group
        # First check if the user has the permission (even anon users)

        if user.groups.filter(name__in=groups).exists():
            return True
        # In case the 403 handler should be called raise the exception
        if raise_exception:
            raise PermissionDenied
        # As the last resort, show the login form
        return False
    return user_passes_test(check_perms, login_url=login_url)

More like this

Comments

Please login first before commenting.