0012-decorators-add-a-way-to-bypass-auth-level-check.patch
src/authentic2/decorators.py | ||
---|---|---|
6 | 6 |
import time |
7 | 7 |
from functools import wraps |
8 | 8 | |
9 |
from django.conf import settings |
|
9 | 10 |
from django.contrib.auth.decorators import login_required |
10 | 11 |
from django.views.debug import technical_404_response |
11 | 12 |
from django.http import Http404, HttpResponseForbidden, HttpResponse, HttpResponseBadRequest |
... | ... | |
329 | 330 |
login_url = utils.get_manager_login_url() + '?auth_level=%s' % required_auth_level |
330 | 331 |
return redirect_to_login(next_field_value, login_url) |
331 | 332 |
return wrapped |
333 | ||
334 | ||
335 |
def fake_highest_auth_level(func): |
|
336 |
@wraps(func) |
|
337 |
def wrapped(request, *args, **kwargs): |
|
338 |
request.user.auth_level = getattr(settings, 'DJANGO_RBAC_MAX_AUTH_LEVEL', 5) |
|
339 |
return func(request, *args, **kwargs) |
|
340 |
return wrapped |
|
332 |
- |