-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iF4EAREIAAYFAlR7dIMACgkQtuvagsE+DE4L5AD8DeWestttJMMoeLx7J7RkquWn
fmAi1sCpirsZUJHmFsYBAKhh7MvCkRIzZhy0cykmBHwXgVSusDrlnKZu2iaCut/W
=kO9Y
-----END PGP SIGNATURE-----
On Sun, 30 Nov 2014 10:30:29 -0800 Richard Brockie
<richard@ontheday.net> wrote:
> I'm running into the situation where I have several views with the
> same set of decorators:
> @login_required()
> @user_passes_test(some_test_function, login_url='/',
> redirect_field_name=None)
> def some_view(request):
> # some code
> return render(request, 'some_template.html', locals())
>
> How would I go about combining the two (or more) decorators into a
> single decorator that can be used instead and retain the
> functionality?
Well, if the user has to pass a test, you have to have a user first.
And unless the AnonymousUser passes your permissions tests, the
combination of "@login_required" and "@user_passes_test" is a
redundancy… At least it was in my old project I worked for where we
replaced these duplicates and used only the permissions tests and it
worked great. No user -> no permissions to check for. (Actually it was
no user -> no company & no roles -> no permissions.)
Have fun,
Arnold
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/20141130204816.48a79081%40xingu.arnoldarts.de.
For more options, visit https://groups.google.com/d/optout.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment