def _check_object_permission(user_obj, codename, obj): try: perm = get_full_permission_name(codename, obj) # 文字列 permission を実体に変換(してみる) perm_to_permission(perm) # 指定されたパーミッションが存在するためチェックを行う return user_obj.has_perm(perm, obj=obj) except ObjectDoesNotExist: # 指定されたパーミッションが存在しないため None を返す return None
def has_perm(self, user_obj, perm, obj=None): """ Check if user have permission (of object) based on registered handlers. It will raise ``ObjectDoesNotExist`` exception when the specified string permission does not exist and ``PERMISSION_CHECK_PERMISSION_PRESENCE`` is ``True`` in ``settings`` module. Parameters ---------- user_obj : django user model instance A django user model instance which be checked perm : string `app_label.codename` formatted permission string obj : None or django model instance None or django model instance for object permission Returns ------- boolean Whether the specified user have specified permission (of specified object). Raises ------ django.core.exceptions.ObjectDoesNotExist If the specified string permission does not exist and ``PERMISSION_CHECK_PERMISSION_PRESENCE`` is ``True`` in ``settings`` module. """ if settings.PERMISSION_CHECK_PERMISSION_PRESENCE: # get permission instance from string permission (perm) # it raise ObjectDoesNotExists when the permission is not exists try: perm_to_permission(perm) except AttributeError: # Django 1.2 internally use wrong permission string thus ignore pass # get permission handlers fot this perm cache_name = '_%s_cache' % perm if hasattr(self, cache_name): handlers = getattr(self, cache_name) else: handlers = [ h for h in registry.get_handlers() if perm in h.get_supported_permissions() ] setattr(self, cache_name, handlers) for handler in handlers: if handler.has_perm(user_obj, perm, obj=obj): return True return False
def has_perm(self, user_obj, perm, obj=None): """ Check if user have permission (of object) based on registered handlers. It will raise ``ObjectDoesNotExist`` exception when the specified string permission does not exist and ``PERMISSION_CHECK_PERMISSION_PRESENCE`` is ``True`` in ``settings`` module. Parameters ---------- user_obj : django user model instance A django user model instance which be checked perm : string `app_label.codename` formatted permission string obj : None or django model instance None or django model instance for object permission Returns ------- boolean Wheter the specified user have specified permission (of specified object). Raises ------ django.core.exceptions.ObjectDoesNotExist If the specified string permission does not exist and ``PERMISSION_CHECK_PERMISSION_PRESENCE`` is ``True`` in ``settings`` module. """ if settings.PERMISSION_CHECK_PERMISSION_PRESENCE: # get permission instance from string permission (perm) # it raise ObjectDoesNotExists when the permission is not exists try: perm_to_permission(perm) except AttributeError: # Django 1.2 internally use wrong permission string thus ignore pass # get permission handlers fot this perm cache_name = '_%s_cache' % perm if hasattr(self, cache_name): handlers = getattr(self, cache_name) else: handlers = [h for h in registry.get_handlers() if perm in h.get_supported_permissions()] setattr(self, cache_name, handlers) for handler in handlers: if handler.has_perm(user_obj, perm, obj=obj): return True return False
def _has_perm_of_content_object(self, user_obj, perm, star): """ スター付加先のオブジェクトの公開状態をチェックし、内部公開であれば ユーザーにその記事の閲覧権限があるかどうかによりスターの閲覧権限を 規定する """ try: # 対象オブジェクトのパーミッションを取得 perm = get_full_permission_name(perm, star.content_object) # 文字列 permission を実体に変換 perm_to_permission(perm) # 指定されたパーミッションが存在するためチェックを行う return user_obj.has_perm(perm, obj=star.content_object) except ObjectDoesNotExist: # 指定されたパーミッションが存在しない。 # Star自体に閲覧権限があるわけではないので、今場合は常にTrue return True