def inner(request): """ Pulls the request object off the decorated function """ if not request.is_ajax(): suspicious_log.info("Request check made on non-ajax call") raise Http404 if not request.session.get('user_id', None): # if there is no user id in the session # something weird is going on suspicious_log.info("Ajax call made by a non-logged in entity") raise Http404 return func(request)
def inner(request, **kwargs): '''implementation''' if settings.DEBUG: # pragma: no cover return func(request, **kwargs) try: user = Tbluser.objects.get( id=request.session.get('user_id', None) ) except Tbluser.DoesNotExist: info_log.info("Non-logged in user accessing @loggedin page") raise Http404 if user.user_type not in permission: suspicious_log.info("Non-admin user accessing @permission page: %s", user.name()) raise Http404 else: return func(request, **kwargs)
def inner(request, **kwargs): '''implementation''' if settings.DEBUG: # pragma: no cover return func(request, **kwargs) try: user = Tbluser.objects.get( id=request.session.get('user_id', None)) except Tbluser.DoesNotExist: info_log.info("Non-logged in user accessing @loggedin page") raise Http404 if user.user_type not in permission: suspicious_log.info( "Non-admin user accessing @permission page: %s", user.name()) raise Http404 else: return func(request, **kwargs)