lambdalisue /
django-permission
| @@ 74-138 (lines=65) @@ | ||
| 71 | self.delete_permission = \ |
|
| 72 | settings.PERMISSION_DEFAULT_GIPL_DELETE_PERMISSION |
|
| 73 | ||
| 74 | def has_perm(self, user_obj, perm, obj=None): |
|
| 75 | """ |
|
| 76 | Check if user have permission (of object) |
|
| 77 | ||
| 78 | If the user_obj is not authenticated, it return ``False``. |
|
| 79 | ||
| 80 | If no object is specified, it return ``True`` when the corresponding |
|
| 81 | permission was specified to ``True`` (changed from v0.7.0). |
|
| 82 | This behavior is based on the django system. |
|
| 83 | https://code.djangoproject.com/wiki/RowLevelPermissions |
|
| 84 | ||
| 85 | If an object is specified, it will return ``True`` if the user is |
|
| 86 | in group specified in ``group_names`` of this instance. |
|
| 87 | This permission logic is used mainly for group based role permission |
|
| 88 | system. |
|
| 89 | You can change this behavior to set ``any_permission``, |
|
| 90 | ``add_permission``, ``change_permission``, or ``delete_permission`` |
|
| 91 | attributes of this instance. |
|
| 92 | ||
| 93 | Parameters |
|
| 94 | ---------- |
|
| 95 | user_obj : django user model instance |
|
| 96 | A django user model instance which be checked |
|
| 97 | perm : string |
|
| 98 | `app_label.codename` formatted permission string |
|
| 99 | obj : None or django model instance |
|
| 100 | None or django model instance for object permission |
|
| 101 | ||
| 102 | Returns |
|
| 103 | ------- |
|
| 104 | boolean |
|
| 105 | Whether the specified user have specified permission (of specified |
|
| 106 | object). |
|
| 107 | """ |
|
| 108 | if not is_authenticated(user_obj): |
|
| 109 | return False |
|
| 110 | # construct the permission full name |
|
| 111 | add_permission = self.get_full_permission_string('add') |
|
| 112 | change_permission = self.get_full_permission_string('change') |
|
| 113 | delete_permission = self.get_full_permission_string('delete') |
|
| 114 | if obj is None: |
|
| 115 | if user_obj.groups.filter(name__in=self.group_names): |
|
| 116 | if self.add_permission and perm == add_permission: |
|
| 117 | return True |
|
| 118 | if self.change_permission and perm == change_permission: |
|
| 119 | return True |
|
| 120 | if self.delete_permission and perm == delete_permission: |
|
| 121 | return True |
|
| 122 | return self.any_permission |
|
| 123 | return False |
|
| 124 | elif user_obj.is_active: |
|
| 125 | if user_obj.groups.filter(name__in=self.group_names): |
|
| 126 | if self.any_permission: |
|
| 127 | # have any kind of permissions to the obj |
|
| 128 | return True |
|
| 129 | if (self.add_permission and |
|
| 130 | perm == add_permission): |
|
| 131 | return True |
|
| 132 | if (self.change_permission and |
|
| 133 | perm == change_permission): |
|
| 134 | return True |
|
| 135 | if (self.delete_permission and |
|
| 136 | perm == delete_permission): |
|
| 137 | return True |
|
| 138 | return False |
|
| 139 | ||
| @@ 69-131 (lines=63) @@ | ||
| 66 | self.delete_permission = \ |
|
| 67 | settings.PERMISSION_DEFAULT_SPL_DELETE_PERMISSION |
|
| 68 | ||
| 69 | def has_perm(self, user_obj, perm, obj=None): |
|
| 70 | """ |
|
| 71 | Check if user have permission (of object) |
|
| 72 | ||
| 73 | If the user_obj is not authenticated, it return ``False``. |
|
| 74 | ||
| 75 | If no object is specified, it return ``True`` when the corresponding |
|
| 76 | permission was specified to ``True`` (changed from v0.7.0). |
|
| 77 | This behavior is based on the django system. |
|
| 78 | https://code.djangoproject.com/wiki/RowLevelPermissions |
|
| 79 | ||
| 80 | If an object is specified, it will return ``True`` if the user is |
|
| 81 | staff. The staff can add, change or delete the object (you can change |
|
| 82 | this behavior to set ``any_permission``, ``add_permission``, |
|
| 83 | ``change_permission``, or ``delete_permission`` attributes of this |
|
| 84 | instance). |
|
| 85 | ||
| 86 | Parameters |
|
| 87 | ---------- |
|
| 88 | user_obj : django user model instance |
|
| 89 | A django user model instance which be checked |
|
| 90 | perm : string |
|
| 91 | `app_label.codename` formatted permission string |
|
| 92 | obj : None or django model instance |
|
| 93 | None or django model instance for object permission |
|
| 94 | ||
| 95 | Returns |
|
| 96 | ------- |
|
| 97 | boolean |
|
| 98 | Weather the specified user have specified permission (of specified |
|
| 99 | object). |
|
| 100 | """ |
|
| 101 | if not is_authenticated(user_obj): |
|
| 102 | return False |
|
| 103 | # construct the permission full name |
|
| 104 | add_permission = self.get_full_permission_string('add') |
|
| 105 | change_permission = self.get_full_permission_string('change') |
|
| 106 | delete_permission = self.get_full_permission_string('delete') |
|
| 107 | if obj is None: |
|
| 108 | if user_obj.is_staff: |
|
| 109 | if self.add_permission and perm == add_permission: |
|
| 110 | return True |
|
| 111 | if self.change_permission and perm == change_permission: |
|
| 112 | return True |
|
| 113 | if self.delete_permission and perm == delete_permission: |
|
| 114 | return True |
|
| 115 | return self.any_permission |
|
| 116 | return False |
|
| 117 | elif user_obj.is_active: |
|
| 118 | if user_obj.is_staff: |
|
| 119 | if self.any_permission: |
|
| 120 | # have any kind of permissions to the obj |
|
| 121 | return True |
|
| 122 | if (self.add_permission and |
|
| 123 | perm == add_permission): |
|
| 124 | return True |
|
| 125 | if (self.change_permission and |
|
| 126 | perm == change_permission): |
|
| 127 | return True |
|
| 128 | if (self.delete_permission and |
|
| 129 | perm == delete_permission): |
|
| 130 | return True |
|
| 131 | return False |
|
| 132 | ||
