How to use the rules.contrib.views.PermissionRequiredMixin function in rules

To help you get started, we’ve selected a few rules examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github dfunckt / django-rules / tests / testapp / views.py View on Github external
@permission_required('testapp.delete_book', fn=objectgetter(Book, 'book_id'))
def delete_book(request, book_id):
    return HttpResponse('OK')


class BookDeleteView(LoginRequiredMixin, PermissionRequiredMixin, BookMixin, DeleteView):
    template_name = 'empty.html'
    permission_required = 'testapp.delete_book'


@permission_required('testapp.delete_book', fn=objectgetter(Book, 'book_id'), raise_exception=True)
def view_that_raises(request, book_id):
    return HttpResponse('OK')


class ViewThatRaises(LoginRequiredMixin, PermissionRequiredMixin, BookMixin, DeleteView):
    template_name = 'empty.html'
    raise_exception = True
    permission_required = 'testapp.delete_book'


@permission_required(['testapp.change_book', 'testapp.delete_book'], fn=objectgetter(Book, 'book_id'))
def view_with_permission_list(request, book_id):
    return HttpResponse('OK')


class ViewWithPermissionList(LoginRequiredMixin, PermissionRequiredMixin, BookMixin, DeleteView):
    template_name = 'empty.html'
    permission_required = ['testapp.change_book', 'testapp.delete_book']


@permission_required('testapp.delete_book', fn=objectgetter(Book, 'book_id'))
github erudit / eruditorg / eruditorg / core / account_actions / views / generic.py View on Github external
This views provides a "landing" page in order to consume an action.
    """
    http_method_names = ['get', ]

    def get(self, request, *args, **kwargs):
        self.object = self.get_object()
        context = self.get_context_data(object=self.object)
        return self.render_to_response(context)

    def get_template_names(self):
        if self.action.landing_page_template_name:
            return [self.action.landing_page_template_name, ]
        return super(AccountActionLandingView, self).get_template_names()


class AccountActionConsumeView(PermissionRequiredMixin, AccountActionTokenMixin, View):
    """
    This views can be used to "consume" an account action token. It will associate the token with
    the current user and execute the proper operations related to the considered action.
    """
    http_method_names = ['post', ]
    raise_exception = True

    def post(self, request, *args, **kwargs):
        self.request = request
        self.object = self.get_object()
        self.object.consume(request.user)
        return HttpResponseRedirect(self.get_redirect_url())

    def has_permission(self):
        return self.request.user.is_authenticated() \
            and self.action.can_be_consumed(self.get_object(), self.request.user)
github erudit / eruditorg / erudit / apps / userspace / permissions / views.py View on Github external
from django.contrib.contenttypes.models import ContentType
from django.core.urlresolvers import reverse
from django.views.generic import (
    CreateView,
    DeleteView,
    ListView
)
from rules.contrib.views import PermissionRequiredMixin

from core.permissions.models import Rule
from core.userspace.viewmixins import LoginRequiredMixin

from .forms import RuleForm


class PermissionsCheckMixin(PermissionRequiredMixin, LoginRequiredMixin):
    permission_required = 'userspace.manage_permissions'

    def get_queryset(self):
        qs = super(PermissionsCheckMixin, self).get_queryset()
        ct = ContentType.objects.get(app_label="erudit", model="journal")
        ids = [j.id for j in self.request.user.journals.all()]
        return qs.filter(content_type=ct, object_id__in=ids)


class PermissionsListView(PermissionsCheckMixin, ListView):
    model = Rule
    template_name = 'userspace/permissions/perm_list.html'


class PermissionsCreateView(PermissionsCheckMixin, CreateView):
    model = Rule
github letsmeet-click / letsmeet.click / letsmeet / communities / views.py View on Github external
template_name = 'communities/community_create.html'
    permission_required = 'community.can_create'

    def form_valid(self, form):
        with transaction.atomic():
            out = super().form_valid(form)
            CommunitySubscription.objects.create(
                community=self.object,
                user=self.request.user,
                role='owner'
            )

        return out


class CommunityUpdateView(LoginRequiredMixin, PermissionRequiredMixin, UpdateView):
    model = Community
    template_name = 'communities/community_update.html'
    permission_required = 'community.can_edit'
    form_class = CommunityUpdateForm


class CommunityDetailView(DetailView):
    model = Community


class CommunityEventCreateView(LoginRequiredMixin, PermissionRequiredMixin, CreateView):
    model = Event
    template_name = 'communities/community_event_create.html'
    form_class = EventCreateForm
    permission_required = 'community.can_create_event'
github liqd / a4-opin / euth / dashboard / views.py View on Github external
generic.UpdateView):

    model = user_models.User
    template_name = "euth_dashboard/profile_detail.html"
    form_class = forms.ProfileForm
    success_message = _("Your profile was successfully updated.")

    def get_object(self):
        return get_object_or_404(user_models.User, pk=self.request.user.id)

    def get_success_url(self):
        return self.request.path


class DashboardOrganisationUpdateView(DashboardBaseMixin,
                                      rules_views.PermissionRequiredMixin,
                                      SuccessMessageMixin,
                                      generic.UpdateView):
    model = org_models.Organisation
    form_class = forms.OrganisationForm
    slug_url_kwarg = 'organisation_slug'
    template_name = 'euth_dashboard/organisation_form.html'
    success_message = _('Organisation successfully updated.')
    permission_required = 'euth_organisations.modify_organisation'

    def get_success_url(self):
        return self.request.path


class DashboardProjectListView(DashboardBaseMixin,
                               rules_views.PermissionRequiredMixin,
                               generic.ListView):
github erudit / eruditorg / erudit / apps / userspace / journal / editor / viewmixins.py View on Github external
# -*- coding: utf-8 -*-

from rules.contrib.views import PermissionRequiredMixin


class IssueSubmissionCheckMixin(PermissionRequiredMixin):
    permission_required = 'editor.manage_issuesubmission'

    def get_queryset(self):
        qs = super(IssueSubmissionCheckMixin, self).get_queryset()
        ids = [issue.id for issue in qs if self.request.user.has_perm(
               'editor.manage_issuesubmission', issue.journal)]
        return qs.filter(id__in=ids)
github erudit / eruditorg / eruditorg / apps / userspace / library / viewmixins.py View on Github external
resolver_match = self.request.resolver_match
            args = resolver_match.args
            kwargs = resolver_match.kwargs.copy()
            kwargs.update({'organisation_pk': organisation.pk})
            return HttpResponseRedirect(
                reverse(':'.join([resolver_match.namespace, resolver_match.url_name]),
                        args=args, kwargs=kwargs))

        self.init_current_organisation(organisation)

    @cached_property
    def user_organisations(self):
        return self.get_user_organisations()


class OrganisationScopePermissionRequiredMixin(OrganisationScopeMixin, PermissionRequiredMixin):
    raise_exception = True

    def get_context_data(self, **kwargs):

        context = super(OrganisationScopePermissionRequiredMixin, self).get_context_data(**kwargs)
        context['library_permission_required'] = self.permission_required
        return context

    def get_permission_object(self):
        return self.current_organisation