Hi Thomas, Ya, it would be really nice if there was a standard way of handling authorization for views, so that external code can check if a view is authorized. I have been doing identically the same thing, except I was naming the view attribute "authorized".
The current decorators could be modified to set this attribute, however this is probably unlikely now that 1.0 has hit. Perhaps you could post your code somewhere so that 3rd-party app developers can standardize their authorization (git-hub?). Eric On Oct 13, 7:11 am, Thomas Guettler <[EMAIL PROTECTED]> wrote: > Hi, > > The auth-decorators to check for permission are nice, but it would > be better, if the authorization could be decoupled from calling the view. > > My goal: Check if a user can access a view without calling it, because > I want to disable/hide a link if the user must not call it. > > I implemented it in my application, but it would be nice if something like > this would inside django (This would improve plug-ability of applications) > > My implementation works like this: > > every view method as an attribute 'has_perm' which takes the > same args, kwargs like the view: > > def myview(request, something) > ... > myview.has_perm=lambda ... > > For ease of usage you can set has_perm to True (no access restriction) > or to a permission string (app_label.perm_codename) or to is_authenticated, > is_staff, is_superuser. > > There is a small helper method for checking if a user/request would be > allowed > to access this view and a small middleware to render "403 forbidden" pages. > > Thomas > > -- > Thomas Guettler,http://www.thomas-guettler.de/ > E-Mail: guettli (*) thomas-guettler + de --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---
