Package expedient :: Package common :: Package permissions :: Module middleware :: Class PermissionMiddleware
[hide private]
[frames] | no frames]

Class PermissionMiddleware

source code


Middleware to catch PermissionDenied exceptions thrown by the expedient.common.permissions app and redirects to the permission URL if found. Also checks views and URLs for permission exceptions.

Instance Methods [hide private]
 
process_exception(self, request, exception)
Redirect to the denied permission's URL if it exists.
source code
 
_check_view_perms(self, perms_info, request, view_args, view_kwargs)
Check if the permissions information in perms_info apply
source code
 
process_view(self, request, view_func, view_args, view_kwargs)
Check if the URL is in the list of URLs to watch for, then check the permissions for that URL.
source code

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __init__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Class Methods [hide private]
 
add_required_url_permissions(cls, url, perm_names, permittee_func, target_func, methods=['GET', 'POST'])
Similar to the decorator decorators.require_objs_permissions_for_view but not a decorator.
source code
 
add_required_view_permissions(cls, view_func, perm_names, permittee_func, target_func, methods=['GET', 'POST'])
Add permission requirements to a view function.
source code
Class Variables [hide private]
  __views = {<function delete at 0x8f62224>: [{'methods': ['GET'...
  __urls = {}
Properties [hide private]

Inherited from object: __class__

Method Details [hide private]

add_required_url_permissions(cls, url, perm_names, permittee_func, target_func, methods=['GET', 'POST'])
Class Method

source code 

Similar to the decorator decorators.require_objs_permissions_for_view but not a decorator. Instead, this function protects a URL instead of the view function itself. The URL cannot be a regular expression however.

Parameters:
  • url (str) - The url for which permissions are to be enforced.
  • perm_names (list of str) - a list of permission names that are required.
  • permittee_func (callable) - a callable that accepts the url's view's arguments and returns a model instance not necessarily a Permittee instance.
  • target_func (callable) - a callable that accepts the url's view's arguments and returns a QuerySet instance of targets.
  • methods (list of str) - list of methods for which the requirement applies. Default is ["GET", "POST"].

add_required_view_permissions(cls, view_func, perm_names, permittee_func, target_func, methods=['GET', 'POST'])
Class Method

source code 

Add permission requirements to a view function.

Parameters:
  • view_func (callable.) - The view function to add permission requirements to.
  • perm_names (list of str) - a list of permission names that are required.
  • permittee_func (callable) - a callable that accepts the view's arguments and returns a model instance not necessarily a Permittee instance.
  • target_func (callable) - a callable that accepts the view's arguments and returns a QuerySet instance of targets.
  • methods (list of str) - list of methods for which the requirement applies. Default is ["GET", "POST"].

Class Variable Details [hide private]

__views

Value:
{<function delete at 0x8f62224>: [{'methods': ['GET', 'POST'],
                                   'perm_names': set(['can_delete_proj\
ect']),
                                   'permittee_func': <function get_use\
r_from_req at 0x8c62d14>,
                                   'target_func': <function wrapper at\
 0x8f621ec>},
                                  {'methods': ['GET', 'POST'], 'perm_n\
...