lambdalisue /
django-permission
| @@ 73-137 (lines=65) @@ | ||
| 70 | self.delete_permission = \ |
|
| 71 | settings.PERMISSION_DEFAULT_GIPL_DELETE_PERMISSION |
|
| 72 | ||
| 73 | def has_perm(self, user_obj, perm, obj=None): |
|
| 74 | """ |
|
| 75 | Check if user have permission (of object) |
|
| 76 | ||
| 77 | If the user_obj is not authenticated, it return ``False``. |
|
| 78 | ||
| 79 | If no object is specified, it return ``True`` when the corresponding |
|
| 80 | permission was specified to ``True`` (changed from v0.7.0). |
|
| 81 | This behavior is based on the django system. |
|
| 82 | https://code.djangoproject.com/wiki/RowLevelPermissions |
|
| 83 | ||
| 84 | If an object is specified, it will return ``True`` if the user is |
|
| 85 | in group specified in ``group_names`` of this instance. |
|
| 86 | This permission logic is used mainly for group based role permission |
|
| 87 | system. |
|
| 88 | You can change this behavior to set ``any_permission``, |
|
| 89 | ``add_permission``, ``change_permission``, or ``delete_permission`` |
|
| 90 | attributes of this instance. |
|
| 91 | ||
| 92 | Parameters |
|
| 93 | ---------- |
|
| 94 | user_obj : django user model instance |
|
| 95 | A django user model instance which be checked |
|
| 96 | perm : string |
|
| 97 | `app_label.codename` formatted permission string |
|
| 98 | obj : None or django model instance |
|
| 99 | None or django model instance for object permission |
|
| 100 | ||
| 101 | Returns |
|
| 102 | ------- |
|
| 103 | boolean |
|
| 104 | Whether the specified user have specified permission (of specified |
|
| 105 | object). |
|
| 106 | """ |
|
| 107 | if not user_obj.is_authenticated(): |
|
| 108 | return False |
|
| 109 | # construct the permission full name |
|
| 110 | add_permission = self.get_full_permission_string('add') |
|
| 111 | change_permission = self.get_full_permission_string('change') |
|
| 112 | delete_permission = self.get_full_permission_string('delete') |
|
| 113 | if obj is None: |
|
| 114 | if user_obj.groups.filter(name__in=self.group_names): |
|
| 115 | if self.add_permission and perm == add_permission: |
|
| 116 | return True |
|
| 117 | if self.change_permission and perm == change_permission: |
|
| 118 | return True |
|
| 119 | if self.delete_permission and perm == delete_permission: |
|
| 120 | return True |
|
| 121 | return self.any_permission |
|
| 122 | return False |
|
| 123 | elif user_obj.is_active: |
|
| 124 | if user_obj.groups.filter(name__in=self.group_names): |
|
| 125 | if self.any_permission: |
|
| 126 | # have any kind of permissions to the obj |
|
| 127 | return True |
|
| 128 | if (self.add_permission and |
|
| 129 | perm == add_permission): |
|
| 130 | return True |
|
| 131 | if (self.change_permission and |
|
| 132 | perm == change_permission): |
|
| 133 | return True |
|
| 134 | if (self.delete_permission and |
|
| 135 | perm == delete_permission): |
|
| 136 | return True |
|
| 137 | return False |
|
| 138 | ||
| @@ 68-130 (lines=63) @@ | ||
| 65 | self.delete_permission = \ |
|
| 66 | settings.PERMISSION_DEFAULT_SPL_DELETE_PERMISSION |
|
| 67 | ||
| 68 | def has_perm(self, user_obj, perm, obj=None): |
|
| 69 | """ |
|
| 70 | Check if user have permission (of object) |
|
| 71 | ||
| 72 | If the user_obj is not authenticated, it return ``False``. |
|
| 73 | ||
| 74 | If no object is specified, it return ``True`` when the corresponding |
|
| 75 | permission was specified to ``True`` (changed from v0.7.0). |
|
| 76 | This behavior is based on the django system. |
|
| 77 | https://code.djangoproject.com/wiki/RowLevelPermissions |
|
| 78 | ||
| 79 | If an object is specified, it will return ``True`` if the user is |
|
| 80 | staff. The staff can add, change or delete the object (you can change |
|
| 81 | this behavior to set ``any_permission``, ``add_permission``, |
|
| 82 | ``change_permission``, or ``delete_permission`` attributes of this |
|
| 83 | instance). |
|
| 84 | ||
| 85 | Parameters |
|
| 86 | ---------- |
|
| 87 | user_obj : django user model instance |
|
| 88 | A django user model instance which be checked |
|
| 89 | perm : string |
|
| 90 | `app_label.codename` formatted permission string |
|
| 91 | obj : None or django model instance |
|
| 92 | None or django model instance for object permission |
|
| 93 | ||
| 94 | Returns |
|
| 95 | ------- |
|
| 96 | boolean |
|
| 97 | Weather the specified user have specified permission (of specified |
|
| 98 | object). |
|
| 99 | """ |
|
| 100 | if not user_obj.is_authenticated(): |
|
| 101 | return False |
|
| 102 | # construct the permission full name |
|
| 103 | add_permission = self.get_full_permission_string('add') |
|
| 104 | change_permission = self.get_full_permission_string('change') |
|
| 105 | delete_permission = self.get_full_permission_string('delete') |
|
| 106 | if obj is None: |
|
| 107 | if user_obj.is_staff: |
|
| 108 | if self.add_permission and perm == add_permission: |
|
| 109 | return True |
|
| 110 | if self.change_permission and perm == change_permission: |
|
| 111 | return True |
|
| 112 | if self.delete_permission and perm == delete_permission: |
|
| 113 | return True |
|
| 114 | return self.any_permission |
|
| 115 | return False |
|
| 116 | elif user_obj.is_active: |
|
| 117 | if user_obj.is_staff: |
|
| 118 | if self.any_permission: |
|
| 119 | # have any kind of permissions to the obj |
|
| 120 | return True |
|
| 121 | if (self.add_permission and |
|
| 122 | perm == add_permission): |
|
| 123 | return True |
|
| 124 | if (self.change_permission and |
|
| 125 | perm == change_permission): |
|
| 126 | return True |
|
| 127 | if (self.delete_permission and |
|
| 128 | perm == delete_permission): |
|
| 129 | return True |
|
| 130 | return False |
|
| 131 | ||
