I'm trying to make a decorator that checks if a user is staff and
redirects to the login page if not logged in or returns a 403 for
logged in users that aren't staff.

I found permission_required_with_403 (http://www.djangosnippets.org/
snippets/254/) which works well so I've added is_staff_with_403 as
below. When I try to use it I get the error at the bottom of this
post.


from django.contrib.auth import REDIRECT_FIELD_NAME
from django.shortcuts import render_to_response
from django.template import RequestContext
from django.http import HttpResponseRedirect

def user_passes_test_with_403(test_func, login_url=None):
    """
    Decorator for views that checks that the user passes the given
test.

    Anonymous users will be redirected to login_url, while users that
fail
    the test will be given a 403 error.
    """
    if not login_url:
        from django.conf import settings
        login_url = settings.LOGIN_URL
    def _dec(view_func):
        def _checklogin(request, *args, **kwargs):
            if test_func(request.user):
                return view_func(request, *args, **kwargs)
            elif not request.user.is_authenticated():
                return HttpResponseRedirect('%s?%s=%s' % (login_url,
REDIRECT_FIELD_NAME, request.get_full_path()))
            else:
                resp = render_to_response('403.html',
context_instance=RequestContext(request))
                resp.status_code = 403
                return resp
        _checklogin.__doc__ = view_func.__doc__
        _checklogin.__dict__ = view_func.__dict__
        return _checklogin
    return _dec


def permission_required_with_403(perm, login_url=None):
    """
    Decorator for views that checks whether a user has a particular
permission
    enabled, redirecting to the log-in page or rendering a 403 as
necessary.
    """
    return user_passes_test_with_403(lambda u: u.has_perm(perm),
login_url=login_url)


def is_staff_with_403(login_url=None):
    """
    Decorator for views that checks whether a user is_staff,
redirecting to
    the log-in page or rendering a 403 as necessary.
    """
    return user_passes_test_with_403(lambda u: u.is_staff(),
login_url=login_url)


Here's the line from my urlconf
    url(r'^mymodel/add$', views.my_model_add, name='my_model_add'),


Here's the error I get

Traceback (most recent call last):

  File "/Users/peter/.virtualenvs/dive/lib/python2.5/site-packages/
django/core/servers/basehttp.py", line 279, in run
    self.result = application(self.environ, self.start_response)

  File "/Users/peter/.virtualenvs/dive/lib/python2.5/site-packages/
django/core/servers/basehttp.py", line 651, in __call__
    return self.application(environ, start_response)

  File "/Users/peter/.virtualenvs/dive/lib/python2.5/site-packages/
django/core/handlers/wsgi.py", line 245, in __call__
    response = middleware_method(request, response)

  File "/Users/peter/.virtualenvs/dive/lib/python2.5/site-packages/
django/middleware/common.py", line 83, in process_response
    if response.status_code == 404:

AttributeError: 'function' object has no attribute 'status_code'


Since both user.has_perm and user.is_staff both are boolean they
should be interchangeable so I don't understand why I'm getting this
error, and I don't know how to remedy it.



-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to 
[email protected].
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Reply via email to