django-rosetta/rosetta/access.py

import importlib
from django.conf import settings
from rosetta.conf import settings as rosetta_settings
from django.core.exceptions import ImproperlyConfigured


def can_translate(user):
    return get_access_control_function()(user)


def get_access_control_function():
    """
    Return a predicate for determining if a user can access the Rosetta views
    """
    fn_path = getattr(settings, 'ROSETTA_ACCESS_CONTROL_FUNCTION', None)
    if fn_path is None:
        return is_superuser_staff_or_in_translators_group
    # Dynamically load a permissions function
    perm_module, perm_func = fn_path.rsplit('.', 1)
    perm_module = importlib.import_module(perm_module)
    return getattr(perm_module, perm_func)


# Default access control test
def is_superuser_staff_or_in_translators_group(user):
    if not getattr(settings, 'ROSETTA_REQUIRES_AUTH', True):
        return True
    try:
        if not user.is_authenticated:
            return False
        elif user.is_superuser and user.is_staff:
            return True
        else:
            return user.groups.filter(name='translators').exists()
    except AttributeError:
        if not hasattr(user, 'is_authenticated') or not hasattr(user, 'is_superuser') or not hasattr(user, 'groups'):
            raise ImproperlyConfigured('If you are using custom User Models you must implement a custom authentication method for Rosetta. See ROSETTA_ACCESS_CONTROL_FUNCTION here: https://django-rosetta.readthedocs.org/en/latest/settings.html')
        raise


def can_translate_language(user, langid):
    try:
        if not rosetta_settings.ROSETTA_LANGUAGE_GROUPS:
            return can_translate(user)
        elif not user.is_authenticated:
            return False
        elif user.is_superuser and user.is_staff:
            return True
        else:
            return user.groups.filter(name='translators-%s' % langid).exists()

    except AttributeError:
        if not hasattr(user, 'is_authenticated') or not hasattr(user, 'is_superuser') or not hasattr(user, 'groups'):
            raise ImproperlyConfigured('If you are using custom User Models you must implement a custom authentication method for Rosetta. See ROSETTA_ACCESS_CONTROL_FUNCTION here: https://django-rosetta.readthedocs.org/en/latest/settings.html')
        raise
Removed old compatibility code for Django < 1.8 2018-08-23 18:25:09 +00:00			`import importlib`
Allow access control function to be replaced The current access control function `can_translate` is not always sufficient. For instance, some projects require access to translation to be controlled using a permission rather than using groups. This change introduces a new setting `ROSETTA_ACCESS_CONTROL_FUNCTION` that allows an alternative predicate to be specified. The default is to use the current function so this change is backwards compatible. 2013-04-16 10:31:36 +00:00			`from django.conf import settings`
Added docs, tests and fine tuned ROSETTA_LANGUAGE_GROUPS setting 2014-05-02 10:04:41 +00:00			`from rosetta.conf import settings as rosetta_settings`
Better handling for Custom User Models. Fixes Issue #131 2015-06-04 09:44:42 +00:00			`from django.core.exceptions import ImproperlyConfigured`
Added docs, tests and fine tuned ROSETTA_LANGUAGE_GROUPS setting 2014-05-02 10:04:41 +00:00
Allow access control function to be replaced The current access control function `can_translate` is not always sufficient. For instance, some projects require access to translation to be controlled using a permission rather than using groups. This change introduces a new setting `ROSETTA_ACCESS_CONTROL_FUNCTION` that allows an alternative predicate to be specified. The default is to use the current function so this change is backwards compatible. 2013-04-16 10:31:36 +00:00
			`def can_translate(user):`
			`return get_access_control_function()(user)`


			`def get_access_control_function():`
			`"""`
			`Return a predicate for determining if a user can access the Rosetta views`
			`"""`
			`fn_path = getattr(settings, 'ROSETTA_ACCESS_CONTROL_FUNCTION', None)`
			`if fn_path is None:`
			`return is_superuser_staff_or_in_translators_group`
			`# Dynamically load a permissions function`
			`perm_module, perm_func = fn_path.rsplit('.', 1)`
			`perm_module = importlib.import_module(perm_module)`
			`return getattr(perm_module, perm_func)`


			`# Default access control test`
			`def is_superuser_staff_or_in_translators_group(user):`
			`if not getattr(settings, 'ROSETTA_REQUIRES_AUTH', True):`
			`return True`
Better handling for Custom User Models. Fixes Issue #131 2015-06-04 09:44:42 +00:00			`try:`
Tests passing on Django 2.0a1 2017-09-23 19:16:16 +00:00			`if not user.is_authenticated:`
Better handling for Custom User Models. Fixes Issue #131 2015-06-04 09:44:42 +00:00			`return False`
			`elif user.is_superuser and user.is_staff:`
			`return True`
			`else:`
			`return user.groups.filter(name='translators').exists()`
			`except AttributeError:`
			`if not hasattr(user, 'is_authenticated') or not hasattr(user, 'is_superuser') or not hasattr(user, 'groups'):`
			`raise ImproperlyConfigured('If you are using custom User Models you must implement a custom authentication method for Rosetta. See ROSETTA_ACCESS_CONTROL_FUNCTION here: https://django-rosetta.readthedocs.org/en/latest/settings.html')`
			`raise`
Added docs, tests and fine tuned ROSETTA_LANGUAGE_GROUPS setting 2014-05-02 10:04:41 +00:00

			`def can_translate_language(user, langid):`
Better handling for Custom User Models. Fixes Issue #131 2015-06-04 09:44:42 +00:00			`try:`
			`if not rosetta_settings.ROSETTA_LANGUAGE_GROUPS:`
			`return can_translate(user)`
Tests passing on Django 2.0a1 2017-09-23 19:16:16 +00:00			`elif not user.is_authenticated:`
Better handling for Custom User Models. Fixes Issue #131 2015-06-04 09:44:42 +00:00			`return False`
			`elif user.is_superuser and user.is_staff:`
			`return True`
			`else:`
			`return user.groups.filter(name='translators-%s' % langid).exists()`

			`except AttributeError:`
			`if not hasattr(user, 'is_authenticated') or not hasattr(user, 'is_superuser') or not hasattr(user, 'groups'):`
			`raise ImproperlyConfigured('If you are using custom User Models you must implement a custom authentication method for Rosetta. See ROSETTA_ACCESS_CONTROL_FUNCTION here: https://django-rosetta.readthedocs.org/en/latest/settings.html')`
			`raise`