def render(self, context): try: user = self.resolve(self.user, context) perm = self.resolve(self.perm, context) if self.objs: objs = [] for obj in self.objs: if obj is not None: objs.append(self.resolve(obj, context)) else: objs = None check = get_check(user, perm) if check is not None: if check(*objs): # return True if check was successful return self.nodelist_true.render(context) # If the app couldn't be found except (ImproperlyConfigured, ImportError): return '' # If either variable fails to resolve, return nothing. except template.VariableDoesNotExist: return '' # If the types don't permit comparison, return nothing. except (TypeError, AttributeError): return '' return self.nodelist_false.render(context)
def render(self, context): objs = [self.resolve(obj, context) for obj in self.objs.split(',')] var_name = self.resolve(self.var_name, context) perm = self.resolve(self.perm, context) user = self.resolve(self.user, context) granted = False if not isinstance(user, AnonymousUser): if self.approved: check = get_check(user, perm) if check is not None: granted = check(*objs) else: check = permissions.BasePermission(user=user) for obj in objs: granted = check.requested_perm(perm, obj) if granted: break context[var_name] = granted return ''
def decorated(request, *args, **kwargs): if request.user.is_authenticated: params = [] for lookup_variable in lookup_variables: if isinstance(lookup_variable, string_types): value = kwargs.get(lookup_variable, None) if value is None: continue params.append(value) elif isinstance(lookup_variable, (tuple, list)): model, lookup, varname = lookup_variable value = kwargs.get(varname, None) if value is None: continue if isinstance(model, string_types): model_class = apps.get_model(*model.split(".")) else: model_class = model if model_class is None: raise ValueError( "The given argument '%s' is not a valid model." % model) if inspect.isclass(model_class) and not issubclass( model_class, Model): raise ValueError( "The argument %s needs to be a model." % model) obj = get_object_or_404(model_class, **{lookup: value}) params.append(obj) check = get_check(request.user, perm) granted = False if check is not None: granted = check(*params) if granted or request.user.has_perm(perm): return view_func(request, *args, **kwargs) if redirect_to_login: path = urlquote(request.get_full_path()) tup = login_url, redirect_field_name, path return HttpResponseRedirect("%s?%s=%s" % tup) return permission_denied(request)
def decorated(request, *args, **kwargs): if request.user.is_authenticated(): params = [] for lookup_variable in lookup_variables: if isinstance(lookup_variable, string_types): value = kwargs.get(lookup_variable, None) if value is None: continue params.append(value) elif isinstance(lookup_variable, (tuple, list)): model, lookup, varname = lookup_variable value = kwargs.get(varname, None) if value is None: continue if isinstance(model, string_types): model_class = apps.get_model(*model.split(".")) else: model_class = model if model_class is None: raise ValueError( "The given argument '%s' is not a valid model." % model) if (inspect.isclass(model_class) and not issubclass(model_class, Model)): raise ValueError( 'The argument %s needs to be a model.' % model) obj = get_object_or_404(model_class, **{lookup: value}) params.append(obj) check = get_check(request.user, perm) granted = False if check is not None: granted = check(*params) if granted or request.user.has_perm(perm): return view_func(request, *args, **kwargs) if redirect_to_login: path = urlquote(request.get_full_path()) tup = login_url, redirect_field_name, path return HttpResponseRedirect('%s?%s=%s' % tup) return permission_denied(request)