def _check_condition(self, condition: str, request, view, action: str):
"""
Evaluate a custom context condition; if method does not exist on
the access policy class, then return False.
Condition value can contain a value that is passed to method, if
formatted as `<method_name>:<arg_value>`.
"""
parts = condition.split(":", 1)
method_name = parts[0]
arg = parts[1] if len(parts) == 2 else None
if not hasattr(self, method_name):
raise AccessPolicyException(
"condition '%s' must be a method on the access policy" %
method_name)
method = getattr(self, method_name)
if arg is not None:
result = method(request, view, action, arg)
else:
result = method(request, view, action)
if type(result) is not bool:
raise AccessPolicyException(
"condition '%s' must return true/false, not %s" %
(condition, type(result)))
return result
def _get_invoked_action(self, view) -> str:
"""
If a CBV, the name of the method. If a regular function view,
the name of the function.
"""
if hasattr(view, "action"):
return view.action
elif hasattr(view, "__class__"):
return view.__class__.__name__
raise AccessPolicyException("Could not determine action of request")
def _check_condition(self, condition: str, request, view, action: str):
"""
Evaluate a custom context condition; if method does not exist on
the access policy class, then return False.
"""
if not hasattr(self, condition):
raise AccessPolicyException(
"condition '%s' must be a method on the access policy" % condition
)
method = getattr(self, condition)
result = method(request, view, action)
if type(result) is not bool:
raise AccessPolicyException(
"condition '%s' must return true/false, not %s"
% (condition, type(result))
)
return result
def _get_invoked_action(self, view) -> str:
if hasattr(view, "action"):
if view.action == 'has_permission':
return 'update'
else:
return view.action
elif hasattr(view, "__class__"):
if view.__class__.__name__ in ['SourceDetail', 'dict']:
return 'update'
else:
return view.__class__.__name__
raise AccessPolicyException("Could not determine action of request")
def _get_condition_method(self, method_name: str):
if hasattr(self, method_name):
return getattr(self, method_name)
if hasattr(settings, "DRF_ACCESS_POLICY"):
module_path = settings.DRF_ACCESS_POLICY.get("reusable_conditions")
if module_path:
module = importlib.import_module(module_path)
if hasattr(module, method_name):
return getattr(module, method_name)
raise AccessPolicyException(
"condition '%s' must be a method on the access policy or be defined in the 'reusable_conditions' module"
% method_name)
def _check_condition(self, condition: str, request, view, action: str):
"""
Evaluate a custom context condition; if method does not exist on
the access policy class, then return False.
Condition value can contain a value that is passed to method, if
formatted as `<method_name>:<arg_value>`.
"""
parts = condition.split(":", 1)
method_name = parts[0]
arg = parts[1] if len(parts) == 2 else None
method = self._get_condition_method(method_name)
if arg is not None:
result = method(request, view, action, arg)
else:
result = method(request, view, action)
if type(result) is not bool:
raise AccessPolicyException(
"condition '%s' must return true/false, not %s" %
(condition, type(result)))
res_blurb = "failed"
if result:
res_blurb = "passed"
log.debug(
'"%s" action "%s" for user "%s" %s conditions "%s"',
self.NAME,
action,
request.user,
res_blurb,
condition,
)
return result