From 61c847f39a7614cb823fb251d4f5ea955bec9975 Mon Sep 17 00:00:00 2001
From: Valentin Deniaud <vdeniaud@entrouvert.com>
Date: Thu, 4 Apr 2019 16:34:43 +0200
Subject: [PATCH 12/13] decorators: add a way to bypass auth level check

---
 src/authentic2/decorators.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/authentic2/decorators.py b/src/authentic2/decorators.py
index cf778ece..9ba4afdf 100644
--- a/src/authentic2/decorators.py
+++ b/src/authentic2/decorators.py
@@ -6,6 +6,7 @@ from contextlib import contextmanager
 import time
 from functools import wraps
 
+from django.conf import settings
 from django.contrib.auth.decorators import login_required
 from django.views.debug import technical_404_response
 from django.http import Http404, HttpResponseForbidden, HttpResponse, HttpResponseBadRequest
@@ -329,3 +330,11 @@ def check_auth_level(func):
             login_url = utils.get_manager_login_url() + '?auth_level=%s' % required_auth_level
             return redirect_to_login(next_field_value, login_url)
     return wrapped
+
+
+def fake_highest_auth_level(func):
+    @wraps(func)
+    def wrapped(request, *args, **kwargs):
+        request.user.auth_level = getattr(settings, 'DJANGO_RBAC_MAX_AUTH_LEVEL', 5)
+        return func(request, *args, **kwargs)
+    return wrapped
-- 
2.20.1