def decorated(request, *args, **kwargs):
     objs = []
     if request.user.is_authenticated() or allow_anonymous:
         lookup_list = _model_lookups_handler(model_lookups, *args,
                                              **kwargs)
         granted = False
         for perm_type, perm in perms:
             if perm_type == "granular":
                 for model_class, lookup, value in lookup_list:
                     objs.append(
                         get_object_or_404(model_class,
                                           **{lookup: value}))
                 check = get_check(request.user, perm)
                 if check is not None:
                     granted = check(*objs)
             else:
                 if request.user.has_perm(perm):
                     granted = True
             if granted:
                 return view_func(request, *args, **kwargs)
     if redirect_to_login:
         path = urlquote(request.get_full_path())
         tup = login_url, redirect_field_name, path
         return HttpResponseRedirect('%s?%s=%s' % tup)
     return permission_denied(request)
 def render(self, context):
     try:
         user = self.resolve(self.user, context)
         perm = self.resolve(self.perm, context)
         if self.objs:
             objs = []
             for obj in self.objs:
                 if obj is not None:
                     objs.append(self.resolve(obj, context))
         else:
             objs = None
         check = get_check(user, perm)
         if check is not None:
             if check(*objs):
                 # return True if check was successful
                 return self.nodelist_true.render(context)
     # If the app couldn't be found
     except (ImproperlyConfigured, ImportError):
         return ''
     # If either variable fails to resolve, return nothing.
     except template.VariableDoesNotExist:
         return ''
     # If the types don't permit comparison, return nothing.
     except (TypeError, AttributeError):
         return ''
     return self.nodelist_false.render(context)
 def render(self, context):
     try:
         user = self.resolve(self.user, context)
         perm = self.resolve(self.perm, context)
         if self.objs:
             objs = []
             for obj in self.objs:
                 if obj is not None:
                     objs.append(self.resolve(obj, context))
         else:
             objs = None
         check = get_check(user, perm)
         if check is not None:
             if check(*objs):
                 # return True if check was successful
                 return self.nodelist_true.render(context)
     # If the app couldn't be found
     except (ImproperlyConfigured, ImportError):
         return ''
     # If either variable fails to resolve, return nothing.
     except template.VariableDoesNotExist:
         return ''
     # If the types don't permit comparison, return nothing.
     except (TypeError, AttributeError):
         return ''
     return self.nodelist_false.render(context)
Exemple #4
0
def has_perm_or_owns(user, perm, obj, perm_obj, field_name='creator'):
    """Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), return True if the user has perm on
    obj."""
    if user == getattr(obj, field_name):
        return True

    check = get_check(user, perm)
    return user.has_perm(perm) or (check and check(perm_obj))
Exemple #5
0
def has_perm_or_owns(user, perm, obj, perm_obj,
                     field_name='creator'):
    """Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), return True if the user has perm on
    obj."""
    if user == getattr(obj, field_name):
        return True

    check = get_check(user, perm)
    return user.has_perm(perm) or (check and check(perm_obj))
Exemple #6
0
def has_perm_or_owns(user, perm, obj, perm_obj, field_name='creator'):
    """Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), return True if the user has perm on
    obj."""
    if user.is_anonymous():
        return False

    if hasattr(obj, '%s_id' % field_name):
        if getattr(obj, '%s_id' % field_name) == user.pk:
            return True
    elif user == getattr(obj, field_name):
        return True

    check = get_check(user, perm)
    return user.has_perm(perm) or (check and check(perm_obj))
Exemple #7
0
def has_perm_or_owns(user, perm, obj, perm_obj,
                     field_name='creator'):
    """Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), return True if the user has perm on
    obj."""
    if user.is_anonymous():
        return False

    if hasattr(obj, '{0!s}_id'.format(field_name)):
        if getattr(obj, '{0!s}_id'.format(field_name)) == user.pk:
            return True
    elif user == getattr(obj, field_name):
        return True

    check = get_check(user, perm)
    return user.has_perm(perm) or (check and check(perm_obj))
 def render(self, context):
     objs = [self.resolve(obj, context) for obj in self.objs.split(',')]
     var_name = self.resolve(self.var_name, context)
     perm = self.resolve(self.perm, context)
     user = self.resolve(self.user, context)
     granted = False
     if not isinstance(user, AnonymousUser):
         if self.approved:
             check = get_check(user, perm)
             if check is not None:
                 granted = check(*objs)
         else:
             check = permissions.BasePermission(user=user)
             for obj in objs:
                 granted = check.requested_perm(perm, obj)
                 if granted:
                     break
     context[var_name] = granted
     return ''
 def render(self, context):
     objs = [self.resolve(obj, context) for obj in self.objs.split(',')]
     var_name = self.resolve(self.var_name, context)
     perm = self.resolve(self.perm, context)
     user = self.resolve(self.user, context)
     granted = False
     if not isinstance(user, AnonymousUser):
         if self.approved:
             check = get_check(user, perm)
             if check is not None:
                 granted = check(*objs)
         else:
             check = permissions.BasePermission(user=user)
             for obj in objs:
                 granted = check.requested_perm(perm, obj)
                 if granted:
                     break
     context[var_name] = granted
     return ''
Exemple #10
0
 def decorated(request, *args, **kwargs):
     if request.user.is_authenticated():
         params = []
         for lookup_variable in lookup_variables:
             if isinstance(lookup_variable, basestring):
                 value = kwargs.get(lookup_variable, None)
                 if value is None:
                     continue
                 params.append(value)
             elif isinstance(lookup_variable, (tuple, list)):
                 model, lookup, varname = lookup_variable
                 value = kwargs.get(varname, None)
                 if value is None:
                     continue
                 if isinstance(model, basestring):
                     model_class = get_model(*model.split("."))
                 else:
                     model_class = model
                 if model_class is None:
                     raise ValueError(
                         "The given argument '%s' is not a valid model."
                         % model)
                 if (inspect.isclass(model_class)
                         and not issubclass(model_class, Model)):
                     raise ValueError(
                         'The argument %s needs to be a model.' % model)
                 obj = get_object_or_404(model_class, **{lookup: value})
                 params.append(obj)
         check = get_check(request.user, perm)
         granted = False
         if check is not None:
             granted = check(*params)
         if granted or request.user.has_perm(perm):
             return view_func(request, *args, **kwargs)
     if redirect_to_login:
         path = urlquote(request.get_full_path())
         tup = login_url, redirect_field_name, path
         return HttpResponseRedirect('%s?%s=%s' % tup)
     return permission_denied(request)
Exemple #11
0
 def decorated(request, *args, **kwargs):
     objs = []
     if request.user.is_authenticated() or allow_anonymous:
         lookup_list = _model_lookups_handler(model_lookups, *args, **kwargs)
         granted = False
         for perm_type, perm in perms:
             if perm_type == "granular":
                 for model_class, lookup, value in lookup_list:
                     objs.append(get_object_or_404(model_class, **{lookup: value}))
                 check = get_check(request.user, perm)
                 if check is not None:
                     granted = check(*objs)
             else:
                 if request.user.has_perm(perm):
                     granted = True
             if granted:
                 return view_func(request, *args, **kwargs)
     if redirect_to_login:
         path = urlquote(request.get_full_path())
         tup = login_url, redirect_field_name, path
         return HttpResponseRedirect('%s?%s=%s' % tup)
     return permission_denied(request)
Exemple #12
0
 def decorated(request, *args, **kwargs):
     if request.user.is_authenticated():
         params = []
         for lookup_variable in lookup_variables:
             if isinstance(lookup_variable, basestring):
                 value = kwargs.get(lookup_variable, None)
                 if value is None:
                     continue
                 params.append(value)
             elif isinstance(lookup_variable, (tuple, list)):
                 model, lookup, varname = lookup_variable
                 value = kwargs.get(varname, None)
                 if value is None:
                     continue
                 if isinstance(model, basestring):
                     model_class = get_model(*model.split("."))
                 else:
                     model_class = model
                 if model_class is None:
                     raise ValueError(
                         "The given argument '%s' is not a valid model." % model)
                 if (inspect.isclass(model_class) and
                         not issubclass(model_class, Model)):
                     raise ValueError(
                         'The argument %s needs to be a model.' % model)
                 obj = get_object_or_404(model_class, **{lookup: value})
                 params.append(obj)
         check = get_check(request.user, perm)
         granted = False
         if check is not None:
             granted = check(*params)
         if granted or request.user.has_perm(perm):
             return view_func(request, *args, **kwargs)
     if redirect_to_login:
         path = urlquote(request.get_full_path())
         tup = login_url, redirect_field_name, path
         return HttpResponseRedirect('%s?%s=%s' % tup)
     return permission_denied(request)
Exemple #13
0
def has_perm(user, perm, obj):
    """Return whether a user has a permission globally or on a given object."""
    check = get_check(user, perm)  # None sometimes
    return user.has_perm(perm) or (check and check(obj))
Exemple #14
0
def has_perm(user, perm, obj):
    """Return whether a user has a permission globally or on a given object."""
    check = get_check(user, perm)  # None sometimes
    return user.has_perm(perm) or (check and check(obj))