0012-decorators-add-a-way-to-bypass-auth-level-check.patch

Valentin Deniaud, 04 April 2019 05:07 PM

View differences: inline side by side

Subject: [PATCH 12/13] decorators: add a way to bypass auth level check

 src/authentic2/decorators.py | 9 +++++++++
 1 file changed, 9 insertions(+)

     import time
     from functools import wraps
     from django.conf import settings
     from django.contrib.auth.decorators import login_required
     from django.views.debug import technical_404_response
     from django.http import Http404, HttpResponseForbidden, HttpResponse, HttpResponseBadRequest
-...
                 login_url = utils.get_manager_login_url() + '?auth_level=%s' % required_auth_level
                 return redirect_to_login(next_field_value, login_url)
         return wrapped
     def fake_highest_auth_level(func):
         @wraps(func)
         def wrapped(request, *args, **kwargs):
             request.user.auth_level = getattr(settings, 'DJANGO_RBAC_MAX_AUTH_LEVEL', 5)
             return func(request, *args, **kwargs)
         return wrapped

Produits Entr'ouvert » Authentic 2