Mercurial Mercurial > platform / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/ldt/ldt/ldt_utils/middleware/security.py
author verrierj
Fri, 04 Nov 2011 16:45:40 +0100
changeset 232 2878499a372b
child 233 f6d009f83e38
permissions -rw-r--r--
Security layer moved to middleware and ldt_utils __init__ file

from django.conf import settings
from ldt.ldt_utils import protect_class, unprotect_class
from ldt.ldt_utils.models import Project, Content
from django.core.exceptions import MiddlewareNotUsed

class SecurityMiddleware(object):
    
    def __init__(self):
        if not hasattr(settings, 'USE_GROUP_PERMISSIONS') or not settings.USE_GROUP_PERMISSIONS:
            raise MiddlewareNotUsed()           # Disable middleware

    def process_request(self, request):
        
        if settings.USE_GROUP_PERMISSIONS == 'all':
            protect_class(Project, request.user) # This is not thread-safe
            protect_class(Content, request.user)
            
        for cls_name in settings.USE_GROUP_PERMISSIONS.split(' '):
            if cls_name == 'Project':
                protect_class(Project, request.user)
            elif cls_name == 'Content':
                protect_class(Content, request.user)
        
    
    def process_response(self, request, response):
        unprotect_class(Project)
        unprotect_class(Content)
        
        return response
platform