ó ¸9—^c@sÿddlZddlZddlZddlmZddlmZddlm Z ddl m Z m Z ddl mZmZddlmZmZmZmZmZddlmZdd lmZdd lmZdd lmZed'krd„Zn d„Zdefd„ƒYZ de fd„ƒYZ!defd„ƒYZ"de fd„ƒYZ#de#fd„ƒYZ$de fd„ƒYZ%de fd„ƒYZ&de fd „ƒYZ'd!e fd"„ƒYZ(d#efd$„ƒYZ)d%e!fd&„ƒYZ*dS((iÿÿÿÿN(tVERSION(tsettings(tREDIRECT_FIELD_NAME(tredirect_to_logintlogout_then_login(tImproperlyConfiguredtPermissionDenied(tHttpResponseRedirecttHttpResponsePermanentRedirecttHttp404t HttpResponsetStreamingHttpResponse(t resolve_url(tsix(t force_text(tnowii icCs|jS(N(tis_authenticated(tuser((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyttcCs |jƒS(N(R(R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRRt AccessMixincBsMeZdZdZeZeZeZ d„Z d„Z d„Z dd„Z RS(s\ 'Abstract' mixin that gives access mixins the same customizable functionality. cCs@|jptj}|s6tdj|jjƒƒ‚nt|ƒS(sB Override this method to customize the login_url. sKDefine {0}.login_url or settings.LOGIN_URL or override {0}.get_login_url().(t login_urlRt LOGIN_URLRtformatt __class__t__name__R(tselfR((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyt get_login_url#s cCs4|jdkr-tdj|jjƒƒ‚n|jS(sL Override this method to customize the redirect_field_name. sq{0} is missing the redirect_field_name. Define {0}.redirect_field_name or override {0}.get_redirect_field_name().N(tredirect_field_nametNoneRRRR(R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pytget_redirect_field_name/s cCs¯|jr¢|jr/t|jƒ r/|j|ƒStj|jƒr_t|jtƒr_|j‚nt |jƒr™|j|ƒ}t |t t fƒr™|Snt ‚n|j|ƒS(N(traise_exceptiontredirect_unauthenticated_userst_is_authenticatedRtno_permissions_failtinspecttisclasst issubclasst Exceptiontcallablet isinstanceR R R(Rtrequesttret((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pythandle_no_permission;s     cCs"t|jƒ|jƒ|jƒƒS(s· Called when the user has no permissions and no exception was raised. This should only return a valid HTTP response. By default we redirect to login. (Rt get_full_pathRR(RR)((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR"Ls  N(Rt __module__t__doc__RRtFalseRRRR RRR+R"(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRs tLoginRequiredMixincBseZdZd„ZRS(sò View mixin which verifies that the user is authenticated. NOTE: This should be the left-most mixin of a view, except when combined with CsrfExemptMixin - which in that case should be the left-most mixin. cOs8t|jƒs|j|ƒStt|ƒj|||ŽS(N(R!RR+tsuperR0tdispatch(RR)targstkwargs((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2as (RR-R.R2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR0XstAnonymousRequiredMixincBs)eZdZejZd„Zd„ZRS(s± View mixin which redirects to a specified URL if authenticated. Can be useful if you wanted to prevent authenticated users from accessing signup pages etc. NOTE: This should be the left-most mixin of a view. Example Usage class SomeView(AnonymousRequiredMixin, ListView): ... # required authenticated_redirect_url = "/accounts/profile/" ... cOs;t|jƒrt|jƒƒStt|ƒj|||ŽS(N(R!RRtget_authenticated_redirect_urlR1R5R2(RR)R3R4((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2|scCs4|js'tdj|jjƒƒ‚nt|jƒS(s1 Return the reversed authenticated redirect url. s˜{0} is missing an authenticated_redirect_url url to redirect to. Define {0}.authenticated_redirect_url or override {0}.get_authenticated_redirect_url().(tauthenticated_redirect_urlRRRRR (R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR6‚s  (RR-R.RtLOGIN_REDIRECT_URLR7R2R6(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR5is  tPermissionRequiredMixincBs8eZdZdZeZdd„Zd„Zd„Z RS(s‹ View mixin which verifies that the logged in user has the specified permission. Class Settings `permission_required` - the permission to check for. `login_url` - the login url of site `redirect_field_name` - defaults to "next" `raise_exception` - defaults to False - raise 403 if set to True Example Usage class SomeView(PermissionRequiredMixin, ListView): ... # required permission_required = "app.permission" # optional login_url = "/signup/" redirect_field_name = "hollaback" raise_exception = True ... cCs4|jdkr-tdj|jjƒƒ‚n|jS(s† Get the required permissions and return them. Override this to allow for custom permission_required values. s;{0} requires the "permission_required" attribute to be set.N(tpermission_requiredRRRRR(RR)((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pytget_permission_required©s cCsÇ|j|ƒ}t}|jr¨t|dƒr`|jdk r`|jj|j|ƒ|jƒ}qÃt|dƒrÃt|j ƒrÃ|jj|j|ƒ|j ƒƒ}qÃn|jj|j|ƒƒ}|S(sA Returns whether or not the user has permissions tobjectt get_objectN( R;R/tobject_level_permissionsthasattrR<RRthas_permR'R=(RR)tpermsthas_permission((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pytcheck_permissions¸s $*cOs>|j|ƒ}|s"|j|ƒStt|ƒj|||ŽS(s^ Check to see if the user in the request has the required permission. (RCR+R1R9R2(RR)R3R4RB((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2Ès  N( RR-R.RR:R/R>R;RCR2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR9Žs   t MultiplePermissionsRequiredMixincBsPeZdZdZdd„Zd„Zd„Zddd„Zddd„Z RS(s± View mixin which allows you to specify two types of permission requirements. The `permissions` attribute must be a dict which specifies two keys, `all` and `any`. You can use either one on its own or combine them. The value of each key is required to be a list or tuple of permissions. The standard Django permissions style is not strictly enforced. If you have created your own permissions in a different format, they should still work. By specifying the `all` key, the user must have all of the permissions in the passed in list. By specifying The `any` key , the user must have ONE of the set permissions in the list. Class Settings `permissions` - This is required to be a dict with one or both keys of `all` and/or `any` containing a list or tuple of permissions. `login_url` - the login url of site `redirect_field_name` - defaults to "next" `raise_exception` - defaults to False - raise 403 if set to True Example Usage class SomeView(MultiplePermissionsRequiredMixin, ListView): ... #required permissions = { "all": ("blog.add_post", "blog.change_post"), "any": ("blog.delete_post", "user.change_user") } #optional login_url = "/signup/" redirect_field_name = "hollaback" raise_exception = True cCs|jƒ|jS(N(t_check_permissions_attrt permissions(RR)((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR;þs cCsÒ|j|ƒ}|jdƒp!d}|jdƒp6d}|j||ƒ|jd|ƒ|jd|ƒ|rˆ|jj|ƒsˆtSn|rÎt}x*|D]"}|jj|ƒr›t }Pq›q›W|sÎtSnt S(Ntalltany( R;tgetRt_check_permissions_keys_sett_check_perms_keysRt has_permsR/R@tTrue(RR)RFt perms_allt perms_anyt has_one_permtperm((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRCs$ cCsD|jdks"t|jtƒ r@tdj|jjƒƒ‚ndS(sK Check permissions attribute is set and that it is a dict. s={0} requires the "permissions" attribute to be set as a dict.N(RFRR(tdictRRRR(R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyREs"cCs:|dkr6|dkr6tdj|jjƒƒ‚ndS(sÚ Check to make sure the keys `any` or `all` are not both blank. If both are blank either an empty dict came in or the wrong keys came in. Both are invalid and should raise an exception. sb{0} requires the "permissions" attribute to be set to a dict and the "any" or "all" key to be set.N(RRRRR(RRNRO((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRJ&scCsA|r=t|ttfƒ r=tdj|jj|ƒƒ‚ndS(s‚ If the permissions list/tuple passed in is set, check to make sure that it is of the type list or tuple. sA{0} requires the permisions dict {1} value to be a list or tuple.N(R(tlistttupleRRRR(RtkeyRA((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRK2sN( RR-R.RRFR;RCRERJRK(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRDÖs%    tGroupRequiredMixincBs)eZdZd„Zd„Zd„ZRS(cCs~|jdks/t|jttftjƒ rMtdj|j j ƒƒ‚nt|jttfƒsw|jf|_n|jS(Nsw{0} requires the "group_required" attribute to be set and be one of the following types: string, unicode, list or tuple( tgroup_requiredRR(RSRTR t string_typesRRRR(R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pytget_group_required@s cCsJ|jjjrtS|jjjjddtƒ}t|ƒjt|ƒƒS(s Check required group(s) tnametflat(R)Rt is_superuserRMtgroupst values_listtsett intersection(RR]t user_groups((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pytcheck_membershipNscOse||_t}t|jƒr6|j|jƒƒ}n|sI|j|ƒStt|ƒj |||ŽS(N( R)R/R!RRbRYR+R1RVR2(RR)R3R4tin_group((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2Us  N(RR-RRWRYRbR2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRV=s  tUserPassesTestMixincBs)eZdZd„Zd„Zd„ZRS(s± CBV Mixin allows you to define test that every user should pass to get access into view. Class Settings `test_func` - This is required to be a method that takes user instance and return True or False after checking conditions. `login_url` - the login url of site `redirect_field_name` - defaults to "next" `raise_exception` - defaults to False - raise 403 if set to True cCstdj|jjƒƒ‚dS(NsL{0} is missing implementation of the test_func method. You should write one.(tNotImplementedErrorRRR(RR((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyt test_funcoscCs t|dƒS(NRf(tgetattr(R((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyt get_test_funcuscOsD|jƒ|jƒ}|s(|j|ƒStt|ƒj|||ŽS(N(RhRR+R1RdR2(RR)R3R4tuser_test_result((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2xs  (RR-R.RfRhR2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRdbs   tSuperuserRequiredMixincBseZdZd„ZRS(sM Mixin allows you to require a user with `is_superuser` set to True. cOs5|jjs|j|ƒStt|ƒj|||ŽS(N(RR\R+R1RjR2(RR)R3R4((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2†s  (RR-R.R2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRj‚stStaffuserRequiredMixincBseZdZd„ZRS(sI Mixin allows you to require a user with `is_staff` set to True. cOs5|jjs|j|ƒStt|ƒj|||ŽS(N(Rtis_staffR+R1RkR2(RR)R3R4((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2’s  (RR-R.R2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRkŽstSSLRequiredMixincBs&eZdZeZd„Zd„ZRS(sT Simple mixin that allows you to force a view to be accessed via https. cOs{ttdtƒr.tt|ƒj|||ŽS|jƒs_|jrLt‚nt |j |ƒƒStt|ƒj|||ŽS(NtDEBUG( RgRR/R1RmR2t is_secureRR Rt_build_https_url(RR)R3R4((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2¡s    cCs(|j|jƒƒ}tjdd|ƒS(s+ Get the full url, replace http with https s^httpthttps(tbuild_absolute_uriR,tretsub(RR)turl((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRp¯s(RR-R.R/RR2Rp(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRmšs tRecentLoginRequiredMixincBseZdZdZd„ZRS(sO Mixin allows you to require a login to be within a number of seconds. icOsytt|ƒj|||Ž}|jdkrutjd|jƒ}tƒ|jj |krnt ||j ƒƒS|Sn|S(NiÈtseconds( R1RvR2t status_codetdatetimet timedeltatmax_last_login_deltaRRt last_loginRR(RR)R3R4tresptdelta((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyR2»s(RR-R.R{R2(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyRvµs(ii i(+R#RyRstdjangoRtDJANGO_VERSIONt django.confRtdjango.contrib.authRtdjango.contrib.auth.viewsRRtdjango.core.exceptionsRRt django.httpRRR R R tdjango.shortcutsR t django.utilsR tdjango.utils.encodingRtdjango.utils.timezoneRR!R<RR0R5R9RDRVRdRjRkRmRv(((s6/tmp/pip-unpacked-wheel-20cZHT/braces/views/_access.pyts4   (   ?%Hg%