import functools
from django.conf import settings
from django.http import HttpResponseForbidden
from django.views.decorators.csrf import csrf_exempt


def internal_view(view):
    '''Decorates a view as accessible from INTERNAL_IPS only.

    As a convenience, the view is also decorated with ``csrf_exempt``.
    '''
    @functools.wraps(view)
    def wrapper_view(request, *args, **kwds):
        remote_addr = request.META.get('HTTP_X_REAL_IP',
                                       request.META.get('REMOTE_ADDR', None))
        if not (settings.DEBUG or remote_addr in settings.INTERNAL_IPS):
            return HttpResponseForbidden('Internal view')
        return view(request, *args, **kwds)
    return csrf_exempt(wrapper_view)