-"""Replacement authentication decorators that work around redirection loops"""
-
-try:
- from functools import wraps
-except ImportError:
- from django.utils.functional import wraps
-
-from django.contrib.auth import REDIRECT_FIELD_NAME
-from django.contrib.auth.decorators import login_required
-from django.http import HttpResponseForbidden, HttpResponseRedirect
-from django.utils.http import urlquote
-
-__all__ = ['login_required', 'permission_required', 'user_passes_test']
-
-
-def user_passes_test(test_func, login_url=None,
- redirect_field_name=REDIRECT_FIELD_NAME):
- """Replacement for django.contrib.auth.decorators.user_passes_test that
- returns 403 Forbidden if the user is already logged in.
- """
-
- if not login_url:
- from django.conf import settings
- login_url = settings.LOGIN_URL
-
- def decorator(view_func):
- @wraps(view_func)
- def wrapper(request, *args, **kwargs):
- if test_func(request.user):
- return view_func(request, *args, **kwargs)
- elif request.user.is_authenticated():
- return HttpResponseForbidden('<h1>Permission denied</h1>')
- else:
- path = '%s?%s=%s' % (login_url, redirect_field_name,
- urlquote(request.get_full_path()))
- return HttpResponseRedirect(path)
- return wrapper
- return decorator
-
-
-def permission_required(perm, login_url=None):
- """Replacement for django.contrib.auth.decorators.permission_required that
- returns 403 Forbidden if the user is already logged in.
- """
-
- return user_passes_test(lambda u: u.has_perm(perm), login_url=login_url)
fnp / redakcja.git / blobdiff