Package expedient :: Package common :: Package permissions :: Module managers :: Class ExpedientPermissionManager
[hide private]
[frames] | no frames]

Class ExpedientPermissionManager

source code


Implements methods for checking for missing permissions.

Instance Methods [hide private]
 
enable_checks(self)
Enable permission checks.
source code
 
disable_checks(self)
Disable permission checks.
source code
 
are_checks_enabled(self)
Are permission checks enabled?
source code
 
_stringify_func(self, f) source code
 
create_permission(self, name, description='', view=None, force=False)
Create a new ExpedientPermission.
source code
ExpedientPermission or None
get_missing_for_target(self, permittee, perm_names, target)
Same as get_missing but accepts a single target instance instead of a queryset of targets, and only returns the missing ExpedientPermission.
source code
tuple (ExpedientPermission, target) or (None, None)
get_missing(self, permittee, perm_names, targets)
This is the method that should be used to check for permissions.
source code
ExpedientPermission
get_as_permission(self, permission)
Returns permission as an ExpedientPermission instance.
source code

Inherited from django.db.models.manager.Manager: __init__, aggregate, all, annotate, complex_filter, contribute_to_class, count, create, dates, db_manager, defer, distinct, exclude, exists, extra, filter, get, get_empty_query_set, get_or_create, get_query_set, in_bulk, iterator, latest, none, only, order_by, raw, reverse, select_related, update, using, values, values_list

Inherited from django.db.models.manager.Manager (private): _copy_to_model, _insert, _set_creation_counter, _update

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Class Variables [hide private]
  _enabled = True

Inherited from django.db.models.manager.Manager: creation_counter

Properties [hide private]

Inherited from django.db.models.manager.Manager: db

Inherited from object: __class__

Method Details [hide private]

are_checks_enabled(self)

source code 

Are permission checks enabled?

Returns:
True if yes, False otherwise.

create_permission(self, name, description='', view=None, force=False)

source code 

Create a new ExpedientPermission. If permission is already registered with a different view, a PermissionRegistrationConflict exception is thrown. This operation is idempotent. If the permission already exists, nothing happens.

Parameters:
  • name (str) - The name of the permission. Must be globally unique.
  • view (Full import path of the view as str or the view function object itself. Note that the view must be importable by its a path (i.e. cannot use nested functions).) - View to redirect to if a permission is missing. Default None. The view function should have the signature:
       view(request, permission, permittee, target_obj_or_class, redirect_to=None)
    

    where permission is an ExpedientPermission instance, permittee is the object exercising the permission (not necessarily a django.contrib.auth.models.User instance), and target_obj_or_class is the object instance or class that the permittee does not have the permission permission for. redirect_to is a field used to indicate the original URL that caused the PermissionDenied exception. The view should redirect there when done.

  • force - Force changing the view even if the view was registered with a different function before.
Returns:
the new ExpedientPermission.

get_missing_for_target(self, permittee, perm_names, target)

source code 

Same as get_missing but accepts a single target instance instead of a queryset of targets, and only returns the missing ExpedientPermission. If permittee is a django.contrib.auth.models.User instance and is a superuser, always return None. Also if the target is the same as the permittee, always return None.

Parameters:
  • permittee (Permittee or a model instance.) - The object exercising the permission on the target
  • perm_names (iterable of str) - names of permissions to search for
  • target (Model) - object whose permissions we are searching for
Returns: ExpedientPermission or None
Missing permission.

get_missing(self, permittee, perm_names, targets)

source code 

This is the method that should be used to check for permissions. All other methods that check permissions are wrappers around this method.

Get the first missing permission that the permittee object does not have for all targets. If the ObjectPermission does not exist for the object, it will be created and saved before returning it.

Two exceptions are made: if the permittee is actually a django.contrib.auth.models.User instance, then if the user is a superuser, get_missing always returns (None, None). And if the target is the same as the permittee, always return (None, None).

Parameters:
  • permittee (Permittee or other model instance.) - The object exercising the permission on the targets
  • perm_names (iterable of str) - names of permissions to search for
  • targets (QuerySet) - objects whose permissions we are searching for
Returns: tuple (ExpedientPermission, target) or (None, None)
Missing permission and the target for which it is missing or None if nothing is missing.

get_as_permission(self, permission)

source code 

Returns permission as an ExpedientPermission instance.

Parameters:
Returns: ExpedientPermission
the same permission.