def check_hijack_decorator_importable(app_configs, **kwargs):
errors = []
decorator = hijack_settings.HIJACK_DECORATOR
try:
if decorator != 'django.contrib.admin.views.decorators.staff_member_required':
import_string(decorator)
except ImportError:
errors.append(
Error(
'Setting HIJACK_DECORATOR cannot be imported',
hint=None,
obj=decorator,
id='hijack.E003',
))
return errors
def check_custom_authorization_check_importable(app_configs, **kwargs):
errors = []
authorization_check = hijack_settings.HIJACK_AUTHORIZATION_CHECK
try:
if authorization_check != staff_member_required:
import_string(authorization_check)
except ImportError:
errors.append(
Error(
'Setting HIJACK_AUTHORIZATION_CHECK cannot be imported',
hint=None,
obj=authorization_check,
id='hijack.E002',
))
return errors
def is_authorized(hijack, hijacked):
'''
Evaluates the authorization check specified in settings
'''
authorization_check = import_string(
hijack_settings.HIJACK_AUTHORIZATION_CHECK)
return authorization_check(hijack, hijacked)
def check_hijack_decorator_importable(app_configs, **kwargs):
errors = []
decorator = hijack_settings.HIJACK_DECORATOR
try:
if decorator != 'django.contrib.admin.views.decorators.staff_member_required':
import_string(decorator)
except ImportError:
errors.append(
Error(
'Setting HIJACK_DECORATOR cannot be imported',
hint=None,
obj=decorator,
id='hijack.E003',
)
)
return errors
def check_custom_authorization_check_importable(app_configs, **kwargs):
errors = []
authorization_check = hijack_settings.HIJACK_AUTHORIZATION_CHECK
try:
if authorization_check != staff_member_required:
import_string(authorization_check)
except ImportError:
errors.append(
Error(
'Setting HIJACK_AUTHORIZATION_CHECK cannot be imported',
hint=None,
obj=authorization_check,
id='hijack.E002',
)
)
return errors
def test_custom_authorization_check(self):
for custom_check_path in [
'hijack.tests.test_app.authorization_checks.can_hijack_default',
'hijack.tests.test_app.authorization_checks.everybody_can_hijack',
'hijack.tests.test_app.authorization_checks.nobody_can_hijack',
]:
with SettingsOverride(hijack_settings, HIJACK_AUTHORIZATION_CHECK=custom_check_path):
custom_check = import_string(custom_check_path)
for hijacker, hijacked in [
(self.superuser, self.superuser),
(self.superuser, self.staff_user),
(self.superuser, self.user),
(self.staff_user, self.superuser),
(self.staff_user, self.staff_user),
(self.staff_user, self.user),
(self.user, self.superuser),
(self.user, self.staff_user),
(self.user, self.user),
]:
self.assertEqual(custom_check(hijacker, hijacked), is_authorized(hijacker, hijacked))
def test_custom_authorization_check(self):
for custom_check_path in [
'hijack.tests.test_app.authorization_checks.can_hijack_default',
'hijack.tests.test_app.authorization_checks.everybody_can_hijack',
'hijack.tests.test_app.authorization_checks.nobody_can_hijack',
]:
with SettingsOverride(
hijack_settings,
HIJACK_AUTHORIZATION_CHECK=custom_check_path):
custom_check = import_string(custom_check_path)
for hijacker, hijacked in [
(self.superuser, self.superuser),
(self.superuser, self.staff_user),
(self.superuser, self.user),
(self.staff_user, self.superuser),
(self.staff_user, self.staff_user),
(self.staff_user, self.user),
(self.user, self.superuser),
(self.user, self.staff_user),
(self.user, self.user),
]:
self.assertEqual(custom_check(hijacker, hijacked),
is_authorized(hijacker, hijacked))
def can_hijack(hijacker, hijacked):
check_authorization = import_string(
hijack_settings.HIJACK_AUTHORIZATION_CHECK)
return check_authorization(hijacker, hijacked)
def is_authorized(hijack, hijacked):
'''
Evaluates the authorization check specified in settings
'''
authorization_check = import_string(hijack_settings.HIJACK_AUTHORIZATION_CHECK)
return authorization_check(hijack, hijacked)
def can_hijack(hijacker, hijacked):
check_authorization = import_string(hijack_settings.HIJACK_AUTHORIZATION_CHECK)
return check_authorization(hijacker, hijacked)
def get_can_hijack_function():
func_dotted_path = getattr(settings, 'CUSTOM_HIJACK_HANDLER', None)
can_hijack_func = import_string(func_dotted_path) if func_dotted_path else can_hijack
return can_hijack_func
def hijack_decorator(fn):
decorator = import_string(hijack_settings.HIJACK_DECORATOR)
return decorator(fn)
def get_can_hijack_function():
func_dotted_path = getattr(settings, 'CUSTOM_HIJACK_HANDLER', None)
can_hijack_func = import_string(
func_dotted_path) if func_dotted_path else can_hijack
return can_hijack_func
def hijack_decorator(fn):
"""
Apply customizable decorator to sensitive methods. Default: staff_member_required
"""
decorator = import_string(hijack_settings.HIJACK_DECORATOR)
return decorator(fn)
