Skip to content

Commit

Permalink
new decorator which raises Http404 when PermissionDenied is raised by…
Browse files Browse the repository at this point in the history 
… the requires_privilege decorator
  • Loading branch information
@biyeun
biyeun committed Feb 14, 2014
1 parent 523cdb6 commit 9d61f50
Showing 1 changed file with 21 additions and 5 deletions.
26 changes: 21 additions & 5 deletions django_prbac/decorators.py
View file
Expand Up @@ -3,6 +3,7 @@

# Local Imports
from django.http import Http404
from django_prbac.exceptions import PermissionDenied
from django_prbac.models import Role, UserRole


Expand All @@ -18,29 +19,44 @@ def decorate(fn):
def wrapped(request, *args, **kwargs):

if not hasattr(request, 'role'):
raise Http404()
raise PermissionDenied()

roles = Role.objects.filter(slug=slug)
if not roles:
raise Http404()
raise PermissionDenied()

privilege = roles[0].instantiate(assignment)
if request.role.has_privilege(privilege):
return fn(request, *args, **kwargs)

if not hasattr(request, 'user'):
raise Http404()
raise PermissionDenied()

try:
request.user.prbac_role
except UserRole.DoesNotExist:
raise Http404()
raise PermissionDenied()

if not request.user.prbac_role.has_privilege(privilege):
raise Http404()
raise PermissionDenied()

return fn(request, *args, **kwargs)

return wrapped

return decorate


def requires_privilege_raise404(slug, **assignment):
"""
A version of the requires_privilege decorator which raises an Http404
if PermissionDenied is raised.
"""
def decorate(fn):
def wrapped(request, *args, **kwargs):
try:
return requires_privilege(slug, **assignment)(fn)(request, *args, **kwargs)
except PermissionDenied:
raise Http404()
return wrapped
return decorate

0 comments on commit 9d61f50

Please sign in to comment.