def ensure(user, action, subject): """ Similar to ``can`` but will raise a AccessDenied Exception if does not have access""" ability = Ability(user, get_authorization_method()) if ability.cannot(action, subject): raise AccessDenied()
def cannot(user, action, subject): """inverse of ``can``""" ability = Ability(user, get_authorization_method()) return ability.cannot(action, subject)