3
0
Fork 0
mirror of https://github.com/nanoy42/coope synced 2024-11-25 04:43:11 +00:00
coope/coopeV3/acl.py
2019-02-28 13:18:41 +01:00

80 lines
No EOL
2.4 KiB
Python

from django.contrib.auth.decorators import user_passes_test
from django.contrib.auth.models import User
from django.shortcuts import redirect, get_object_or_404
from django.urls import reverse
from functools import wraps
from preferences.models import GeneralPreferences
def admin_required(view):
"""
Test if the user is staff.
"""
return user_passes_test(lambda u: u.is_staff)(view)
def superuser_required(view):
"""
Test if the user is superuser.
"""
return user_passes_test(lambda u: u.is_superuser)(view)
def self_or_has_perm(pkName, perm):
"""
Test if the user is the request user (pk) or has perm permission.
"""
def decorator(view):
@wraps(view)
def wrapper(request, *args, **kwargs):
user = get_object_or_404(User, pk=kwargs[pkName])
if(user == request.user or request.user.has_perm(perm)):
return view(request, *args, **kwargs)
else:
return redirect(reverse('users:login'))
return wrapper
return decorator
def active_required(view):
"""
Test if the site is active (:attr:`preferences.models.GeneralPreferences.is_active`).
"""
@wraps(view)
def wrapper(request, *args, **kwargs):
gp,_ = GeneralPreferences.objects.get_or_create(pk=1)
if(not gp.is_active):
return redirect(reverse('preferences:inactive'))
return view(request, *args, **kwargs)
return wrapper
def acl_or(*perms):
"""
Test if a user has one of perms
"""
def decorator(view):
@wraps(view)
def wrapper(request,*args, **kwargs):
can_pass = request.user.has_perm(perms[0])
for perm in perms:
can_pass = can_pass or request.user.has_perm(perm)
if can_pass:
return view(request, *args, **kwargs)
else:
return redirect(reverse('users:login'))
return wrapper
return decorator
def acl_and(*perms):
"""
Test if a user has all perms
"""
def decorator(view):
@wraps(view)
def wrapper(request,*args, **kwargs):
can_pass = request.user.has_perm(perms[0])
for perm in perms:
can_pass = can_pass and request.user.has_perm(perm)
if can_pass:
return view(request, *args, **kwargs)
else:
return redirect(reverse('users:login'))
return wrapper
return decorator