def wrapper(request, addon, *args, **kw): # If there is a 'token' in request.GET we either return 200 or 403. # Otherwise we treat it like a normal django view and redirect to a # login page or check for Apps:Review permissions. allowed = False token = request.GET.get('token') if token and Token.pop(token, data={'app_id': addon.id}): log.info('Token for app:%s was successfully used' % addon.id) allowed = True elif not token and not request.user.is_authenticated(): return redirect_for_login(request) elif acl.action_allowed(request, 'Apps', 'Review'): allowed = True if allowed: if token: log.info('Token provided for app:%s and all was happy' % addon.id) else: log.info('Apps:Review (no token) all happy for app:%s' % addon.id) return f(request, addon, *args, **kw) else: if token: log.info('Token provided for app:%s but was not valid' % addon.id) else: log.info('Apps:Review permissions not met for app:%s' % addon.id) raise PermissionDenied
def wrapper(request, *args, **kw): if request.user.is_authenticated(): return func(request, *args, **kw) else: if redirect: return redirect_for_login(request) else: return http.HttpResponse(status=401)