Using Django 1.5.x
I have in my project urls.py entries like this:
url(r'^staff/people/', include('people.urls')),
url(r'^staff/admin/facility', include('facility.urls')),
url(r'^staff/admin', include('district.urls')),
url(r'^staff/section', include('classes.urls')),
url(r'^staff/product', include('product.urls')),
With class based views, it's
documented<https://docs.djangoproject.com/en/1.5/topics/class-based-views/intro/#decorating-class-based-views>
that
you can wrap CBV calls so that once inside, say, 'people.urls' I could do
something like:
(r'^vote/', permission_required('polls.can_vote')(VoteView*.*
as_view())),
I haven't found it in the docs yet, but it looks like I can do similar
things with function views:
url(r'^edit/(?P<pk>\d+)', login_required(people_detail)),
The thing is, there are crap-ton of those calls and it'd be nice to check
things higher up in the call chain. Specifically, I'd like to wrap all the
url includes above like:
url(r'^staff/people/',
permission_required('some_permission_that_youre_staff')
include('people.urls')),
I.e., check access based on the url path.
But, I've tried that and I get errors.
I found this:http://djangosnippets.org/snippets/1219/ which does what I
want, but I'm a little nervous about using something written 5 years ago
with django 1.5. Even assuming it works for me, I'm nervous about getting
too far off the built-in tools with authentication and permissions stuff.
it's documented that the core team is smarter than I am.
So, the question, is there a way to wrap url include calls in a permission
check?
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/groups/opt_out.
