Mixins and Decorators¶
Decorators¶
Decorators require that the current logged user attend some permission grant. They are meant to be used on function based views.
-
has_role_decorator
(role)¶
Accepts the same arguments as has_role
function and raises PermissionDenied in case it returns False
.
You can pass an optional key word argument redirect_to_login
to overhide the ROLEPERMISSIONS_REDIRECT_TO_LOGIN
setting.
You can also pass an optional key word argument redirect_url
to specify the view to return in case of permission denied.
redirect_url
takes precedence over redirect_to_login
and ROLEPERMISSIONS_REDIRECT_TO_LOGIN
.
from rolepermissions.decorators import has_role_decorator
@has_role_decorator('doctor')
def my_view(request, *args, **kwargs):
...
-
has_permission_decorator
(permission_name)¶
Accepts the same arguments as has_permission
function and raises PermissionDenied in case it returns False
.
You can pass an optional key word argument redirect_to_login
to overhide the ROLEPERMISSIONS_REDIRECT_TO_LOGIN
setting.
You can also pass an optional key word argument redirect_url
to specify the view to return in case of permission denied.
redirect_url
takes precedence over redirect_to_login
and ROLEPERMISSIONS_REDIRECT_TO_LOGIN
.
from rolepermissions.decorators import has_permission_decorator
@has_permission_decorator('create_medical_record')
def my_view(request, *args, **kwargs):
...
Mixins¶
Mixins require that the current logged user attend some permission grant. They are meant to be used on class based views.
-
class HasRoleMixin(object)
Add HasRoleMixin
mixin to the desired CBV (class based view) and use the allowed_roles
attribute to set the roles that can access the view.
allowed_roles
attribute will be passed to has_role
function, and PermissionDenied will be raised in case it returns False
.
You can set an optional redirect_to_login
attribute to overhide the ROLEPERMISSIONS_REDIRECT_TO_LOGIN
setting. Just like has_role_decorator
set
an optional redirect_url
to specify the view to return incase of permission denied. redirect_url
overrides redirect_to_login
and ROLEPERMISSIONS_REDIRECT_TO_LOGIN
.
from django.views.generic import TemplateView
from rolepermissions.mixins import HasRoleMixin
class MyView(HasRoleMixin, TemplateView):
allowed_roles = 'doctor'
...
-
class HasPermissionsMixin(object)
Add HasPermissionsMixin
mixin to the desired CBV (class based view) and use the required_permission
attribute to set the roles that can access the view.
required_permission
attribute will be passed to has_permission
function, and PermissionDenied will be raised in case it returns False
.
You can set an optional redirect_to_login
attribute to overhide the ROLEPERMISSIONS_REDIRECT_TO_LOGIN
setting.
from django.views.generic import TemplateView
from rolepermissions.mixins import HasPermissionsMixin
class MyView(HasPermissionsMixin, TemplateView):
required_permission = 'create_medical_record'
...