def inner(request):
"""
Pulls the request object off the decorated function
"""
if not request.is_ajax():
suspicious_log.info("Request check made on non-ajax call")
raise Http404
if not request.session.get('user_id', None):
# if there is no user id in the session
# something weird is going on
suspicious_log.info("Ajax call made by a non-logged in entity")
raise Http404
return func(request)
def inner(request):
"""
Pulls the request object off the decorated function
"""
if not request.is_ajax():
suspicious_log.info("Request check made on non-ajax call")
raise Http404
if not request.session.get('user_id', None):
# if there is no user id in the session
# something weird is going on
suspicious_log.info("Ajax call made by a non-logged in entity")
raise Http404
return func(request)
def inner(request, **kwargs):
'''implementation'''
if settings.DEBUG: # pragma: no cover
return func(request, **kwargs)
try:
user = Tbluser.objects.get(
id=request.session.get('user_id', None)
)
except Tbluser.DoesNotExist:
info_log.info("Non-logged in user accessing @loggedin page")
raise Http404
if user.user_type not in permission:
suspicious_log.info("Non-admin user accessing @permission page: %s", user.name())
raise Http404
else:
return func(request, **kwargs)
def inner(request, **kwargs):
'''implementation'''
if settings.DEBUG: # pragma: no cover
return func(request, **kwargs)
try:
user = Tbluser.objects.get(
id=request.session.get('user_id', None))
except Tbluser.DoesNotExist:
info_log.info("Non-logged in user accessing @loggedin page")
raise Http404
if user.user_type not in permission:
suspicious_log.info(
"Non-admin user accessing @permission page: %s",
user.name())
raise Http404
else:
return func(request, **kwargs)
