lambdalisue /
django-permission
| Conditions | 15 |
| Total Lines | 61 |
| Lines | 0 |
| Ratio | 0 % |
| Changes | 1 | ||
| Bugs | 0 | Features | 1 |
Small methods make your code easier to understand, in particular if combined with a good name. Besides, if your method is small, finding a good name is usually much easier.
For example, if you find yourself adding comments to a method's body, this is usually a good sign to extract the commented part to a new method, and use the comment as a starting point when coming up with a good name for this new method.
Commonly applied refactorings include:
If many parameters/temporary variables are present:
Complex classes like OneselfPermissionLogic.has_perm() often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes.
Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.
| 1 | # coding=utf-8 |
||
| 58 | def has_perm(self, user_obj, perm, obj=None): |
||
| 59 | """ |
||
| 60 | Check if user have permission of himself |
||
| 61 | |||
| 62 | If the user_obj is not authenticated, it return ``False``. |
||
| 63 | |||
| 64 | If no object is specified, it return ``True`` when the corresponding |
||
| 65 | permission was specified to ``True`` (changed from v0.7.0). |
||
| 66 | This behavior is based on the django system. |
||
| 67 | https://code.djangoproject.com/wiki/RowLevelPermissions |
||
| 68 | |||
| 69 | If an object is specified, it will return ``True`` if the object is the |
||
| 70 | user. |
||
| 71 | So users can change or delete themselves (you can change this behavior |
||
| 72 | to set ``any_permission``, ``change_permissino`` or |
||
| 73 | ``delete_permission`` attributes of this instance). |
||
| 74 | |||
| 75 | Parameters |
||
| 76 | ---------- |
||
| 77 | user_obj : django user model instance |
||
| 78 | A django user model instance which be checked |
||
| 79 | perm : string |
||
| 80 | `app_label.codename` formatted permission string |
||
| 81 | obj : None or django model instance |
||
| 82 | None or django model instance for object permission |
||
| 83 | |||
| 84 | Returns |
||
| 85 | ------- |
||
| 86 | boolean |
||
| 87 | Whether the specified user have specified permission (of specified |
||
| 88 | object). |
||
| 89 | """ |
||
| 90 | if not is_authenticated(user_obj): |
||
| 91 | return False |
||
| 92 | # construct the permission full name |
||
| 93 | change_permission = self.get_full_permission_string('change') |
||
| 94 | delete_permission = self.get_full_permission_string('delete') |
||
| 95 | # check if the user is authenticated |
||
| 96 | if obj is None: |
||
| 97 | # object permission without obj should return True |
||
| 98 | # Ref: https://code.djangoproject.com/wiki/RowLevelPermissions |
||
| 99 | if self.any_permission: |
||
| 100 | return True |
||
| 101 | if self.change_permission and perm == change_permission: |
||
| 102 | return True |
||
| 103 | if self.delete_permission and perm == delete_permission: |
||
| 104 | return True |
||
| 105 | return False |
||
| 106 | elif user_obj.is_active: |
||
| 107 | # check if the user trying to interact with himself |
||
| 108 | if obj == user_obj: |
||
| 109 | if self.any_permission: |
||
| 110 | # have any kind of permissions to himself |
||
| 111 | return True |
||
| 112 | if (self.change_permission and |
||
| 113 | perm == change_permission): |
||
| 114 | return True |
||
| 115 | if (self.delete_permission and |
||
| 116 | perm == delete_permission): |
||
| 117 | return True |
||
| 118 | return False |
||
| 119 |
