equal
deleted
inserted
replaced
196 # decorators (simple wrappers around above functions) |
196 # decorators (simple wrappers around above functions) |
197 def has_global_perm(perm_name, must_be_logged_in=False, redirect_field_name=REDIRECT_FIELD_NAME): |
197 def has_global_perm(perm_name, must_be_logged_in=False, redirect_field_name=REDIRECT_FIELD_NAME): |
198 def _dec(view_func): |
198 def _dec(view_func): |
199 def _check_global_perm(request, *args, **kwargs): |
199 def _check_global_perm(request, *args, **kwargs): |
200 if must_be_logged_in and not is_authenticated(request): |
200 if must_be_logged_in and not is_authenticated(request): |
201 login_url = reverse('login') |
201 raise UnauthorizedException('Should be logged in') |
202 return HttpResponseRedirect('%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path()))) |
|
203 |
202 |
204 if has_perm(request, perm_name, text=None): |
203 if has_perm(request, perm_name, text=None): |
205 return view_func(request, *args, **kwargs) |
204 return view_func(request, *args, **kwargs) |
206 |
205 |
207 raise UnauthorizedException('No global perm %s' % perm_name) |
206 raise UnauthorizedException('No global perm %s' % perm_name) |
227 if cm_settings.NO_SECURITY: |
226 if cm_settings.NO_SECURITY: |
228 return view_func(request, *args, **kwargs) |
227 return view_func(request, *args, **kwargs) |
229 |
228 |
230 if must_be_logged_in and not is_authenticated(request): |
229 if must_be_logged_in and not is_authenticated(request): |
231 if not api: |
230 if not api: |
232 login_url = reverse('login') |
231 raise UnauthorizedException('Should be logged in') |
233 return HttpResponseRedirect('%s?%s=%s' % (login_url, redirect_field_name, urlquote(request.get_full_path()))) |
|
234 else: |
232 else: |
235 return rc.FORBIDDEN |
233 return rc.FORBIDDEN |
236 |
234 |
237 |
235 |
238 if 'key' in kwargs: |
236 if 'key' in kwargs: |