Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #703: added decorators to require that view be called with a gi…

…ven HTTP REQUEST_METHOD

git-svn-id: http://code.djangoproject.com/svn/django/trunk@1016 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit e7c870c36ea6f567e7834ce0e74ea0257c8631b7 1 parent c3377c1
@jacobian jacobian authored
Showing with 28 additions and 2 deletions.
  1. +28 −2 django/views/decorators/http.py
View
30 django/views/decorators/http.py
@@ -1,9 +1,35 @@
"""
-Decorator for views that supports conditional get on ETag and Last-Modified
-headers.
+Decorators for views based on HTTP headers.
"""
from django.utils.decorators import decorator_from_middleware
from django.middleware.http import ConditionalGetMiddleware
+from django.utils.httpwrappers import HttpResponseForbidden
conditional_page = decorator_from_middleware(ConditionalGetMiddleware)
+
+def require_http_methods(request_method_list):
+ """
+ Decorator to make a view only accept particular request methods. Usage::
+
+ @require_http_methods(["GET", "POST"])
+ def my_view(request):
+ # I can assume now that only GET or POST requests make it this far
+ # ...
+
+ Note that request methods ARE case sensitive.
+ """
+ def decorator(func):
+ def inner(request, *args, **kwargs):
+ method = request.META.get("REQUEST_METHOD", None)
+ if method not in request_method_list:
+ raise HttpResponseForbidden("REQUEST_METHOD '%s' not allowed" % method)
+ return func(request, *args, **kwargs)
+ return inner
+ return decorator
+
+require_GET = require_http_methods(["GET"])
+require_GET.__doc__ = "Decorator to require that a view only accept the GET method."
+
+require_POST = require_http_methods(["POST"])
+require_POST.__doc__ = "Decorator to require that a view only accept the POST method."
Please sign in to comment.
Something went wrong with that request. Please try again.