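def permissions(request):
  """Render the role/permission matrix and, on POST, save the submitted grants.

  On POST, each role's Permission record is overwritten with the action names
  submitted under the form field named after that role. Only names of
  currently authorizable actions are kept, so a crafted request cannot store
  arbitrary strings as grants.

  The response is 'permissions.html' rendered with every local of this
  function as context (see the note next to locals() below).

  NOTE(review): no authorization check is visible in this view; presumably
  access is enforced before the view runs -- confirm, since this endpoint
  rewrites every role's permissions.
  NOTE(review): CSRF protection for the POST branch is not visible here --
  confirm it is applied upstream.
  """
  logging.info(">> users.views.permissions")
  roles = Role.all()
  area = "users"

  # Collect the authorizable actions before handling the POST so submitted
  # names can be checked against them.
  apps = {}
  actions = []
  for app in settings.INSTALLED_APPS:
    app_actions = [x for x in Action.filter('appname =', app) if x.authorizable ]
    if app_actions:
      apps[app] = app_actions
    actions +=  app_actions
  # New helper locals use a leading underscore, like _list/_ref, so they are
  # not usable as template variables even though locals() is passed below.
  _grantable = set(_a.name for _a in actions)

  if request.method == 'POST':
    for role in roles:
      _submitted = request.POST.getlist(role.name)
      # Request data is untrusted: keep only known authorizable action names.
      _list = [_n for _n in _submitted if _n in _grantable]
      if len(_list) != len(_submitted):
        logging.warning("permissions: ignored unknown action names submitted for role %s", role.name)
      _ref = Permission.get(role=role.name)
      if _ref is None:
        _ref = Permission(role=role.name)
      # The submitted list replaces the role's previous grants entirely.
      _ref.actions = _list
      _ref.put()

  permissions = {}
  for role in roles:
    permission = Permission.get_by_role(role=role.name)
    # Permission.get() above can return None; get_by_role() may as well
    # (not visible here), so treat a missing record as "no grants".
    _granted = permission.actions if permission is not None else []
    permissions[role.name] = {}
    for action in actions:
      # setdefault keeps the first value if two actions share a name.
      permissions[role.name].setdefault(action.name, action.name in _granted)

  # NOTE(review): locals() exposes every local (including request) to the
  # template; kept as-is because the template's expectations are not visible.
  # An explicit context dict would be safer.
  c = template.RequestContext(request, locals())
  _flag_as_admin(c)
  return render_to_response('permissions.html', c)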
Example #2
 def process_request(self, request):
   """Enforce per-action permissions for the URL pattern matching the request.

   Returns None to let the request continue, or the redirect produced by
   util.RedirectLoginError / util.RedirectError when access is denied.
   When a pattern matches, it is stored on request.action_pattern.
   """
   resolver = get_resolver(None)
   pattern = self._get_pattern(resolver, request.path)
   if pattern is None:
     return None
   request.action_pattern = pattern

   user = request.user
   # The three checks run in the original short-circuit order.
   if user.superuser:
     return None
   # NOTE(review): a pattern with no matching Action record is let through
   # without any permission check -- confirm unregistered routes are meant
   # to be open rather than denied by default.
   if not Action.get(name=pattern.name):
     return None
   if Permission.can_access(user.roles, pattern.name):
     return None

   # NOTE(review): denied anonymous requests are redirected to login without
   # a log entry; only denials for named users are logged.
   if user.username == 'anonymous':
     return util.RedirectLoginError(request, "You can not access to this page, try to login")

   # The same text is logged and handed to the error redirect; it contains
   # the username and the pattern name.
   denied = "   the user %s can NOT access to %s " % (user.username, pattern.name)
   logging.error(denied)
   return util.RedirectError(request, denied)