Permission required decorator for django
Permission required decorator for django
My last issue today was to display an error message instead of redirecting to login page when the use doesn’t have permission. Here is a decorator which replace the permission_required of django. Feel free to rename it to avoid confusion
from django.shortcuts import render_to_response
from django.template.context import RequestContext
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.utils.http import urlquote
from django.http import HttpResponseRedirect
from django.contrib.auth.models import Permission
class permission_required(object):
"""
decorator which redirects to login page if user is anonymous
and display a permission denied template if user is logged in
doesn't have permission
"""
def __init__(self,
perm,
login_url=None,
redirect_field_name=REDIRECT_FIELD_NAME,
template='permission_denied.html'):
if not login_url:
from django.conf import settings
login_url = settings.LOGIN_URL
self.perm = perm
self.login_url = login_url
self.redirect_field_name = redirect_field_name
self.template = template
def __call__(self, func):
def wrap(request, *args, **kwargs):
if request.user.is_anonymous():
path = urlquote(request.get_full_path())
tup = self.login_url, self.redirect_field_name, path
return HttpResponseRedirect('%s?%s=%s' % tup)
if request.user.has_perm(self.perm):
return func(request, *args, **kwargs)
(app_label, codename) = self.perm.split('.', 1)
perm_name = Permission.objects.get(codename=codename,
content_type__app_label=app_label)
return render_to_response(self.template,
{'perm': perm_name},
context_instance=RequestContext(request))
return wrap
My template permission_denied.html contains :
{% extends "base.html" %}
{% load i18n %}
{% block body %}
{% trans "Permission denied" %}
{% blocktrans with perm as perm %}You need to have the permission "{{ perm }}"
to see this page{% endblocktrans %}
{% endblock %}
Comments
Post a Comment