From fba34ace7a1649baf980036745aeaa0c5c724475 Mon Sep 17 00:00:00 2001
From: Valentin Deniaud <vdeniaud@entrouvert.com>
Date: Thu, 4 Apr 2019 12:02:54 +0200
Subject: [PATCH 05/13] decorators: add check_auth_level for automatic increase

It should be used the same way as login_required, eventually at the same
time.
---
 src/authentic2/decorators.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/authentic2/decorators.py b/src/authentic2/decorators.py
index 7e544f79..cf778ece 100644
--- a/src/authentic2/decorators.py
+++ b/src/authentic2/decorators.py
@@ -13,6 +13,7 @@ from django.core.cache import cache as django_cache
 from django.core.exceptions import ValidationError
 from django.utils import six
 
+from django_rbac.exceptions import InsufficientAuthLevel
 from . import utils, app_settings, middleware
 from .utils import to_list, to_iter
 
@@ -313,3 +314,18 @@ def json(func):
         response.write(json_str)
         return response
     return f
+
+
+def check_auth_level(func):
+    from django.contrib.auth.views import redirect_to_login
+    @wraps(func)
+    def wrapped(request, *args, **kwargs):
+        try:
+            request.user.auth_level = request.session.get('auth_level', 1)
+            return func(request, *args, **kwargs)
+        except InsufficientAuthLevel as e:
+            required_auth_level = e.required_level
+            next_field_value = request.get_full_path()
+            login_url = utils.get_manager_login_url() + '?auth_level=%s' % required_auth_level
+            return redirect_to_login(next_field_value, login_url)
+    return wrapped
-- 
2.20.1