|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135 |
- from urllib.parse import urlparse
-
- from django.conf import settings
- from django.contrib.auth import REDIRECT_FIELD_NAME
- from django.contrib.auth.views import redirect_to_login
- from django.core.exceptions import ImproperlyConfigured, PermissionDenied
- from django.shortcuts import resolve_url
-
-
- class AccessMixin:
- """
- Abstract CBV mixin that gives access mixins the same customizable
- functionality.
- """
-
- login_url = None
- permission_denied_message = ""
- raise_exception = False
- redirect_field_name = REDIRECT_FIELD_NAME
-
- def get_login_url(self):
- """
- Override this method to override the login_url attribute.
- """
- login_url = self.login_url or settings.LOGIN_URL
- if not login_url:
- raise ImproperlyConfigured(
- f"{self.__class__.__name__} is missing the login_url attribute. Define "
- f"{self.__class__.__name__}.login_url, settings.LOGIN_URL, or override "
- f"{self.__class__.__name__}.get_login_url()."
- )
- return str(login_url)
-
- def get_permission_denied_message(self):
- """
- Override this method to override the permission_denied_message attribute.
- """
- return self.permission_denied_message
-
- def get_redirect_field_name(self):
- """
- Override this method to override the redirect_field_name attribute.
- """
- return self.redirect_field_name
-
- def handle_no_permission(self):
- if self.raise_exception or self.request.user.is_authenticated:
- raise PermissionDenied(self.get_permission_denied_message())
-
- path = self.request.build_absolute_uri()
- resolved_login_url = resolve_url(self.get_login_url())
- # If the login url is the same scheme and net location then use the
- # path as the "next" url.
- login_scheme, login_netloc = urlparse(resolved_login_url)[:2]
- current_scheme, current_netloc = urlparse(path)[:2]
- if (not login_scheme or login_scheme == current_scheme) and (
- not login_netloc or login_netloc == current_netloc
- ):
- path = self.request.get_full_path()
- return redirect_to_login(
- path,
- resolved_login_url,
- self.get_redirect_field_name(),
- )
-
-
- class LoginRequiredMixin(AccessMixin):
- """Verify that the current user is authenticated."""
-
- def dispatch(self, request, *args, **kwargs):
- if not request.user.is_authenticated:
- return self.handle_no_permission()
- return super().dispatch(request, *args, **kwargs)
-
-
- class PermissionRequiredMixin(AccessMixin):
- """Verify that the current user has all specified permissions."""
-
- permission_required = None
-
- def get_permission_required(self):
- """
- Override this method to override the permission_required attribute.
- Must return an iterable.
- """
- if self.permission_required is None:
- raise ImproperlyConfigured(
- f"{self.__class__.__name__} is missing the "
- f"permission_required attribute. Define "
- f"{self.__class__.__name__}.permission_required, or override "
- f"{self.__class__.__name__}.get_permission_required()."
- )
- if isinstance(self.permission_required, str):
- perms = (self.permission_required,)
- else:
- perms = self.permission_required
- return perms
-
- def has_permission(self):
- """
- Override this method to customize the way permissions are checked.
- """
- perms = self.get_permission_required()
- return self.request.user.has_perms(perms)
-
- def dispatch(self, request, *args, **kwargs):
- if not self.has_permission():
- return self.handle_no_permission()
- return super().dispatch(request, *args, **kwargs)
-
-
- class UserPassesTestMixin(AccessMixin):
- """
- Deny a request with a permission error if the test_func() method returns
- False.
- """
-
- def test_func(self):
- raise NotImplementedError(
- "{} is missing the implementation of the test_func() method.".format(
- self.__class__.__name__
- )
- )
-
- def get_test_func(self):
- """
- Override this method to use a different test_func method.
- """
- return self.test_func
-
- def dispatch(self, request, *args, **kwargs):
- user_test_result = self.get_test_func()()
- if not user_test_result:
- return self.handle_no_permission()
- return super().dispatch(request, *args, **kwargs)
|