def user_has_permission(request, entity, permission, field=None): """ Check in current session наличие пользователя из списка прав если да то return True""" name = get_current_user(request, False) has = True if is_admin( request ): has = True elif not request.db.doc.find_one({'doc_type':'des:role', 'users.user:'******'true', 'permissions.'+entity+'.'+permission:'true'}): has = False elif field and not request.db.doc.find_one({'doc_type':'des:role', 'users.user:'******'true', 'permissions.'+entity+'/'+field+'.'+permission:'true'}): has = False return has
def user_is_logged_in(request): user = get_current_user(request) return user != 'guest'
def is_admin(request): return get_current_user(request, True) == get_admin(request)