def render(self, context):
for_whom = self.for_whom.resolve(context)
if isinstance(for_whom, get_user_model()):
self.user = for_whom
self.group = None
elif isinstance(for_whom, AnonymousUser):
self.user = get_user_model().get_anonymous()
self.group = None
elif isinstance(for_whom, Group):
self.user = None
self.group = for_whom
elif isinstance(for_whom, Organization):
self.user = None
self.group = for_whom
else:
raise NotUserNorGroup("User or Group instance required (got %s)" %
for_whom.__class__)
obj = self.obj.resolve(context)
if not obj:
return ''
check = ObjectPermissionChecker(for_whom)
perms = check.get_perms(
obj, include_group_perms=self.include_group_permissions)
context[self.context_var] = perms
return ''
def get_identity(identity):
"""
Returns (user_obj, None) or (None, group_obj) tuple depending on what is
given. Also accepts AnonymousUser instance but would return ``User``
instead - it is convenient and needed for authorization backend to support
anonymous users.
:param identity: either ``User`` or ``Group`` instance
:raises ``NotUserNorGroup``: if cannot return proper identity instance
**Examples**::
>>> from django.contrib.auth.models import User
>>> user = User.objects.create(username='******')
>>> get_identity(user)
(<User: joe>, None)
>>> group = Group.objects.create(name='users')
>>> get_identity(group)
(None, <Group: users>)
>>> anon = AnonymousUser()
>>> get_identity(anon)
(<User: AnonymousUser>, None)
>>> get_identity("not instance")
...
NotUserNorGroup: User/AnonymousUser or Group instance is required (got )
"""
if isinstance(identity, AnonymousUser):
identity = get_anonymous_user()
# get identity from queryset model type
if isinstance(identity, QuerySet):
identity_model_type = identity.model
if identity_model_type == get_user_model():
return identity, None
elif identity_model_type == Group:
return None, identity
# get identity from first element in list
if isinstance(identity, list) and isinstance(identity[0],
get_user_model()):
return identity, None
if isinstance(identity, list) and isinstance(identity[0], Group):
return None, identity
if isinstance(identity, get_user_model()):
return identity, None
if isinstance(identity, Group):
return None, identity
raise NotUserNorGroup("User/AnonymousUser or Group instance is required "
"(got %s)" % identity)
def render(self, context):
for_whom = self.for_whom.resolve(context)
if isinstance(for_whom, get_user_model()):
self.user = for_whom
else:
raise NotUserNorGroup("User or Group instance required (got %s)" %
for_whom.__class__)
obj = self.obj.resolve(context)
perms = get_perms_by_user_backend(self.user, obj)
context[self.context_var] = perms
return ''
def render(self, context):
for_whom = self.for_whom.resolve(context)
if isinstance(for_whom, User):
self.user = for_whom
self.group = None
elif isinstance(for_whom, AnonymousUser):
self.user = User.get_anonymous()
self.group = None
elif isinstance(for_whom, Group):
self.user = None
self.group = for_whom
else:
raise NotUserNorGroup("User or Group instance required (got %s)" %
for_whom.__class__)
obj = self.obj.resolve(context)
check = ObjectPermissionChecker(for_whom)
perms = check.get_perms(obj)
context[self.context_var] = perms
return ''
def get_identity(identity):
"""
Returns (user_obj, None) or (None, group_obj) tuple depending on what is
given. Also accepts AnonymousUser instance but would return ``User``
instead - it is convenient and needed for authorization backend to support
anonymous users.
:param identity: either ``User`` or ``Group`` instance
:raises ``NotUserNorGroup``: if cannot return proper identity instance
**Examples**::
>>> user = User.objects.create(username='******')
>>> get_identity(user)
(<User: joe>, None)
>>> group = Group.objects.create(name='users')
>>> get_identity(group)
(None, <Group: users>)
>>> anon = AnonymousUser()
>>> get_identity(anon)
(<User: AnonymousUser>, None)
>>> get_identity("not instance")
...
NotUserNorGroup: User/AnonymousUser or Group instance is required (got )
"""
if isinstance(identity, AnonymousUser):
identity = get_anonymous_user()
if isinstance(identity, User):
return identity, None
elif isinstance(identity, Group):
return None, identity
raise NotUserNorGroup("User/AnonymousUser or Group instance is required "
"(got %s)" % identity)
