diff options
author | Jessica Tallon <jessica@megworld.co.uk> | 2014-07-25 18:58:57 +0100 |
---|---|---|
committer | Jessica Tallon <jessica@megworld.co.uk> | 2014-07-29 20:29:02 +0100 |
commit | 7bfc81b21af65c91dcbd9d33deae2f020d8bbbee (patch) | |
tree | 1b9cb32e5f8de29f8356b22cf38547c48c720810 /mediagoblin/decorators.py | |
parent | 97650abd784ba4c2ce902e7d00f7e007479c870f (diff) | |
download | mediagoblin-7bfc81b21af65c91dcbd9d33deae2f020d8bbbee.tar.lz mediagoblin-7bfc81b21af65c91dcbd9d33deae2f020d8bbbee.tar.xz mediagoblin-7bfc81b21af65c91dcbd9d33deae2f020d8bbbee.zip |
Fix #923 - add allow_admin to user_has_privilege decorator
Diffstat (limited to 'mediagoblin/decorators.py')
-rw-r--r-- | mediagoblin/decorators.py | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/mediagoblin/decorators.py b/mediagoblin/decorators.py index 90edf96b..5bf60048 100644 --- a/mediagoblin/decorators.py +++ b/mediagoblin/decorators.py @@ -74,7 +74,7 @@ def require_active_login(controller): return new_controller_func -def user_has_privilege(privilege_name): +def user_has_privilege(privilege_name, allow_admin=True): """ Requires that a user have a particular privilege in order to access a page. In order to require that a user have multiple privileges, use this @@ -85,14 +85,17 @@ def user_has_privilege(privilege_name): the privilege object. This object is the name of the privilege, as assigned in the Privilege.privilege_name column + + :param allow_admin If this is true then if the user is an admin + it will allow the user even if the user doesn't + have the privilage given in privilage_name. """ def user_has_privilege_decorator(controller): @wraps(controller) @require_active_login def wrapper(request, *args, **kwargs): - user_id = request.user.id - if not request.user.has_privilege(privilege_name): + if not request.user.has_privilege(privilege_name, allow_admin): raise Forbidden() return controller(request, *args, **kwargs) @@ -369,7 +372,8 @@ def require_admin_or_moderator_login(controller): @wraps(controller) def new_controller_func(request, *args, **kwargs): if request.user and \ - not request.user.has_privilege(u'admin',u'moderator'): + not (request.user.has_privilege(u'admin') + or request.user.has_privilege(u'moderator')): raise Forbidden() elif not request.user: |