def has_perm(self, user_obj, perm, obj=None):
"""
This method checks if the user_obj has perm on obj. Returns True or False
Looks for the rule with the code_name = perm and the content_type of the obj
If it exists returns the value of obj.field_name or obj.field_name() in case
the field is a method.
"""
if user_obj and not user_obj.is_anonymous() and not user_obj.is_active:
# inactive users never have permissions
return False
if obj is None:
return False
# We get the rule data from our registry
rule = registry.get(perm, obj.__class__)
if rule == None:
return False
bound_field = None
try:
bound_field = getattr(obj, rule.field_name)
except AttributeError:
raise NonexistentFieldName(
"Field_name %s from rule %s does not longer exist in model %s. \
The rule is obsolete!", (rule.field_name,
rule.codename,
rule.model))
if not callable(bound_field):
raise NotBooleanPermission(
"Attribute %s from model %s on rule %s is not callable",
(rule.field_name, rule.model, rule.codename))
# Otherwise it is a callabe bound_field
# Let's see if we pass or not user_obj as a parameter
if (len(inspect.getargspec(bound_field)[0]) == 2):
is_authorized = bound_field(user_obj)
else:
is_authorized = bound_field()
if not isinstance(is_authorized, bool):
raise NotBooleanPermission(
"Callable %s from model %s on rule %s does not return a \
boolean value", (rule.field_name, rule.model, rule.codename))
return is_authorized
def has_perm(self, user_obj, perm, obj=None):
"""
This method checks if the user_obj has perm on obj. Returns True or False
Looks for the rule with the code_name = perm and the content_type of the obj
If it exists returns the value of obj.field_name or obj.field_name() in case
the field is a method.
"""
if user_obj and not user_obj.is_anonymous() and not user_obj.is_active:
# inactive users never have permissions
return False
if obj is None:
return False
# We get the rule data from our registry
rule = registry.get(perm, obj.__class__)
if rule == None:
return False
bound_field = None
try:
bound_field = getattr(obj, rule.field_name)
except AttributeError:
raise NonexistentFieldName(
"Field_name %s from rule %s does not longer exist in model %s. \
The rule is obsolete!", (rule.field_name,
rule.codename,
rule.model))
if not callable(bound_field):
raise NotBooleanPermission(
"Attribute %s from model %s on rule %s is not callable",
(rule.field_name, rule.model, rule.codename))
# Otherwise it is a callabe bound_field
# Let's see if we pass or not user_obj as a parameter
if (len(inspect.getargspec(bound_field)[0]) == 2):
is_authorized = bound_field(user_obj)
else:
is_authorized = bound_field()
if not isinstance(is_authorized, bool):
raise NotBooleanPermission(
"Callable %s from model %s on rule %s does not return a \
boolean value", (rule.field_name, rule.model, rule.codename))
return is_authorized
def test_rule_is_registered(self):
registry.register('mock_permission', MockModel)
# if it's been registered properly we should be able to get() something
res = registry.get('mock_permission', MockModel)
self.assertNotEqual(res, None)
self.assertNotEqual(res, {})
def test_rule_is_registered(self):
registry.register('mock_permission', MockModel)
# if it's been registered properly we should be able to get() something
res = registry.get('mock_permission', MockModel)
self.assertNotEqual(res, None)
self.assertNotEqual(res, {})
def get(codename, model):
return registry.get(model, {}).get(codename, None)
