- permissions.utils.grant_permission(obj, role, permission)¶
Grants passed permission to passed role. Returns True if the permission was able to be added, otherwise False.
Parameters:
- obj
- The content object for which the permission should be granted.
- role
- The role for which the permission should be granted.
- permission
- The permission which should be granted. Either a permission object or the codename of a permission.
- permissions.utils.remove_permission(obj, role, permission)¶
Removes passed permission from passed role and object. Returns True if the permission has been removed.
Parameters:
- obj
- The content object for which a permission should be removed.
- role
- The role for which a permission should be removed.
- permission
- The permission which should be removed. Either a permission object or the codename of a permission.
- permissions.utils.has_permission(obj, user, codename, roles=None)¶
Checks whether the passed user has passed permission for passed object.
Parameters:
- obj
- The object for which the permission should be checked.
- codename
- The permission’s codename which should be checked.
- user
- The user for which the permission should be checked.
- roles
- If given these roles will be assigned to the user temporarily before the permissions are checked.
- permissions.utils.reset(obj)¶
- Resets all permissions and inheritance blocks of passed object.
- permissions.utils.add_role(principal, role)¶
Adds a global role to a principal.
Parameters:
- principal
- The principal (user or group) which gets the role added.
- role
- The role which is assigned.
- permissions.utils.add_local_role(obj, principal, role)¶
Adds a local role to a principal.
Parameters:
- obj
- The object for which the principal gets the role.
- principal
- The principal (user or group) which gets the role.
- role
- The role which is assigned.
- permissions.utils.get_roles(principal, obj=None)¶
Returns all roles of passed user for passed content object. This takes direct and roles via a group into account. If an object is passed local roles will also added.
Parameters:
- obj
- The object from which the roles are removed.
- principal
- The principal (user or group) from which the roles are removed.
- permissions.utils.get_global_roles(principal)¶
- Returns global roles of passed principal (user or group).
- permissions.utils.get_local_roles(obj, principal)¶
- Returns local for passed user and content object.
- permissions.utils.remove_role(principal, role)¶
Removes role from passed principal.
Parameters:
- principal
- The principal (user or group) from which the role is removed.
- role
- The role which is removed.
- permissions.utils.remove_local_role(obj, principal, role)¶
Removes role from obj and principle.
Parameters:
- obj
- The object from which the role is removed.
- principal
- The principal (user or group) from which the role is removed.
- role
- The role which is removed.
- permissions.utils.remove_roles(principal)¶
Removes all roles passed principal (user or group).
Parameters:
- principal
- The principal (user or group) from which all roles are removed.
- permissions.utils.remove_local_roles(obj, principal)¶
Removes all local roles from passed object and principal (user or group).
Parameters:
- obj
- The object from which the roles are removed.
- principal
- The principal (user or group) from which the roles are removed.
- permissions.utils.add_inheritance_block(obj, permission)¶
Adds an inheritance for the passed permission on the passed obj.
Parameters:
- permission
- The permission for which an inheritance block should be added. Either a permission object or the codename of a permission.
- obj
- The content object for which an inheritance block should be added.
- permissions.utils.remove_inheritance_block(obj, permission)¶
Removes a inheritance block for the passed permission from the passed object.
Parameters:
- obj
- The content object for which an inheritance block should be added.
- permission
- The permission for which an inheritance block should be removed. Either a permission object or the codename of a permission.
- permissions.utils.is_inherited(obj, codename)¶
Returns True if the passed permission is inherited for passed object.
Parameters:
- obj
- The content object for which the permission should be checked.
- codename
- The permission which should be checked. Must be the codename of the permission.
- permissions.utils.register_permission(name, codename, ctypes=[])¶
Registers a permission to the framework. Returns the permission if the registration was successfully, otherwise False.
Parameters:
- name
- The unique name of the permission. This is displayed to the customer.
- codename
- The unique codename of the permission. This is used internally to identify the permission.
- content_types
- The content type for which the permission is active. This can be used to display only reasonable permissions for an object. This must be a Django ContentType
- permissions.utils.unregister_permission(codename)¶
Unregisters a permission from the framework
Parameters:
- codename
- The unique codename of the permission.
- permissions.utils.register_role(name)¶
Registers a role with passed name to the framework. Returns the new role if the registration was successfully, otherwise False.
Parameters:
- name
- The unique role name.
- permissions.utils.unregister_role(name)¶
Unregisters the role with passed name.
Parameters:
- name
- The unique role name.
- permissions.utils.register_group(name)¶
Registers a group with passed name to the framework. Returns the new group if the registration was successfully, otherwise False.
Actually this creates just a default Django Group.
Parameters:
- name
- The unique group name.
- permissions.utils.unregister_group(name)¶
Unregisters the group with passed name. Returns True if the unregistration was succesfull otherwise False.
Actually this deletes just a default Django Group.
Parameters:
- name
- The unique role name.
ifhasperm
Checks whether the current user has passed permission:
{% ifhasperm view %}
<span>Has permission</span>
{% else %}
<span>Doesn't have permission</span>
{% endifhasperm %}
Mix-in class for permissions.
Adds an inheritance block for the passed permission.
Parameters:
Adds a local role for the principal.
Parameters:
Raise Unauthorized if the the passed user hasn’t passed permission for this instance.
Parameters:
Grants passed permission to passed role. Returns True if the permission was able to be added, otherwise False.
Parameters:
Returns True if the passed user has passed permission for this instance. Otherwise False.
Parameters:
Returns True if the passed permission is inherited.
Parameters:
Removes a inheritance block for the passed permission.
Parameters:
Removes passed permission from passed role. Returns True if the permission has been removed.
Parameters:
Adds a local role for the principal to the object.
Parameters:
Removes all local roles for the passed principal from the object.
Parameters:
A permission which can be granted to users/groups and objects.
Attributes:
Grants permission for specific user/group and object.
Attributes:
Blocks the inheritance for specific permission and object.
Attributes:
A role gets permissions to do something. Principals (users and groups) can only get permissions via roles.
Attributes:
A role given to a principal (user or group). If a content object is given this is a local role, i.e. the principal has this role only for this content object. Otherwise it is a global role, i.e. the principal has this role generally.