makka...@gmail.com wrote:
>> I'm working on a big project at my work myself.
>> We came to this problem last week (we did something to check it, but it
>> was unmanageable).
>> We wanted to move the check to the models. This is a little bit
>> difficult because you basically don't have the user object in the
>> __init__ function of your model. So I've written a small middleware
>> which makes the request model available and handles permission denied.
>> It's rather simple at the moment. The __init__ function of our model calls
>> a function which knows where to get the user object, and raises a
>> permission denied exception when this function isn't returning True.
>>
> Can u explain that a little bit ? The __init__ trick ..
>

The __init__ function of the model does something like this:

    if not permission.hasPermission():
        raise permission.PermissionsError()

The hasPermission function can be any function which accepts any arguments, just what you define of course. The hasPermission function gets the user object and does the check which is needed, returns False when the user doesn't have permission, and returns True when the user has permission.

When you store the request object in your middleware, please make it thread-safe (look at the transaction middleware and module of Django for an example).

>> The
>> middleware picks up the exception and creates a permission denied page.
>>
> That one is a good idea
>

Thanks, the middleware has the function process_exception which checks for the PermissionsError exception, and returns an HttpResponse with the error page if it encounters that permission, otherwise it returns None.
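The pattern described in this message, as an added example that is not part of the original post and is not the poster's code: a thread-local request store, a model whose `__init__` fails closed, and a middleware whose `process_exception` turns `PermissionsError` into a denied response. It assumes hypothetical names (`has_permission`, `Invoice`, `handle`), constructed user dicts, and plain tuples standing in for Django's `HttpResponse` so that it runs without Django installed.

```python
import threading
from types import SimpleNamespace

_local = threading.local()  # one slot per thread: concurrent requests never share a user

class PermissionsError(Exception):
    """Raised by a model when the current user may not use it."""

def current_user():
    return getattr(getattr(_local, "request", None), "user", None)

def has_permission(required):
    user = current_user()
    # Fail closed: no stored request (shell, cron job) means no access.
    return user is not None and required in user["perms"]

class Invoice:
    """Stand-in for a model whose __init__ performs the check."""
    def __init__(self):
        if not has_permission("invoice.view"):
            raise PermissionsError("invoice.view")

class PermissionMiddleware:
    def process_request(self, request):
        _local.request = request

    def process_response(self, request, response):
        _local.request = None  # a reused worker thread must not keep a stale user
        return response

    def process_exception(self, request, exception):
        _local.request = None
        if isinstance(exception, PermissionsError):
            return (403, "Permission denied")  # stand-in for an HttpResponse
        return None  # any other exception is left to the framework

def handle(user, sync=None):
    """Constructed driver playing the framework's role for one request."""
    mw, request = PermissionMiddleware(), SimpleNamespace(user=user)
    mw.process_request(request)
    if sync is not None:
        sync.wait()  # lets a caller force two requests to overlap in time
    try:
        Invoice()
        return mw.process_response(request, (200, "ok"))
    except Exception as exc:
        response = mw.process_exception(request, exc)
        if response is None:
            raise
        return response
```

With a module-level global instead of `threading.local()`, two overlapping requests would overwrite each other's request object and the permission check could run against the wrong user.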