def permissions(request):
    """Render the role/action permission matrix and, on POST, save it first.

    On POST, for each role returned by ``Role.all()`` the values submitted
    under the form field named after the role replace that role's
    ``Permission.actions`` (a ``Permission`` is created when
    ``Permission.get`` returns None). The view then builds, for every role,
    a mapping of authorizable action name -> whether that name is in the
    role's stored actions, and renders ``permissions.html``.

    NOTE(review): no authorization check is visible inside this view, and it
    rewrites the grants of every role. Presumably access is restricted
    elsewhere (e.g. URL-level middleware) -- confirm.
    NOTE(review): CSRF protection for this state-changing POST is not visible
    here -- confirm it is enforced by middleware or the template.
    """
    logging.info(">> users.views.permissions")
    roles = Role.all()
    # Not read in this function; it reaches the template through locals() below.
    area = "users"
    if request.method == 'POST':
        for role in roles:
            # Every value posted under the role's name.
            _list = request.POST.getlist(role.name)
            _ref = Permission.get(role=role.name)
            if _ref is None:
                _ref = Permission(role=role.name)
            # Overwrites (does not merge) the stored grants with the submitted
            # names. NOTE(review): the names are stored as received, without
            # being checked against the authorizable actions collected below;
            # consider rejecting names that are not in that set.
            _ref.actions = _list
            _ref.put()
        # No redirect after saving: the page is re-rendered in the same response.
    # Collect the authorizable actions of each installed app; apps that have
    # none are left out of `apps`.
    apps = {}
    actions = []
    for app in settings.INSTALLED_APPS:
        app_actions = [x for x in Action.filter('appname =', app) if x.authorizable ]
        if app_actions:
            apps[app] = app_actions
            actions += app_actions
    # permissions[role name][action name] -> whether the role holds the action.
    permissions = {}
    for role in roles:
        # NOTE(review): `permission.actions` is read below without a None check,
        # while the POST branch above treats a missing Permission as possible.
        # Presumably get_by_role always returns an object -- confirm.
        permission = Permission.get_by_role(role=role.name)
        permissions[role.name] = {}
        for action in actions:
            # setdefault keeps the first entry if an action name appears twice.
            permissions[role.name].setdefault(action.name, (action.name in permission.actions and True))
    # locals() turns every local name of this function into a template
    # variable (including `_list` and `_ref` after a POST), so renaming or
    # adding locals changes what the template can see.
    c = template.RequestContext(request, locals())
    # Helper defined elsewhere; presumably marks the context as an admin page.
    _flag_as_admin(c)
    return render_to_response('permissions.html', c)
def process_request(self, request):
    """Refuse the request when the user's roles do not grant the matched action.

    The URL pattern matching ``request.path`` is stored on
    ``request.action_pattern`` whenever one is found. Access is refused only
    when all three conditions hold: the user is not a superuser, an ``Action``
    record exists for the pattern name, and ``Permission.can_access`` rejects
    the user's roles. Anonymous users are sent to the login error page; other
    users get an error redirect and the refusal is logged.

    Returns None in every other case (presumably so that normal request
    handling continues, as with Django middleware -- confirm).

    NOTE(review): enforcement is opt-in per action. A path with no matching
    pattern, or a pattern name with no ``Action`` record, is never checked
    here, so an unregistered view is reachable by any role.
    """
    matched = self._get_pattern(get_resolver(None), request.path)
    if matched is None:
        return None

    request.action_pattern = matched
    user = request.user

    # Evaluated in the original order so each lookup is still skipped once an
    # earlier condition has already allowed the request.
    if user.superuser:
        return None
    if not Action.get(name=matched.name):
        return None
    if Permission.can_access(user.roles, matched.name):
        return None

    # Anonymous visitors are recognised by the literal username 'anonymous'.
    if user.username == 'anonymous':
        return util.RedirectLoginError(request, "You can not access to this page, try to login")

    # NOTE(review): the username goes into the log line and the redirect
    # message as-is; confirm it cannot carry control characters and that
    # RedirectError escapes the message before it is displayed.
    denial = " the user %s can NOT access to %s " % (user.username, matched.name)
    logging.error(denial)
    return util.RedirectError(request, denial)