From 9adfad03bc40e56975d1cb3bb98e3cb612111906 Mon Sep 17 00:00:00 2001 From: Martin Gingras Date: Fri, 15 Dec 2023 18:06:34 -0500 Subject: [PATCH 1/3] Adds on_delete to RulePermission content_type fk --- django_rules/decorators.py | 2 +- django_rules/models.py | 14 +++++++++----- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/django_rules/decorators.py b/django_rules/decorators.py index bab8211..9721199 100644 --- a/django_rules/decorators.py +++ b/django_rules/decorators.py @@ -2,8 +2,8 @@ from django.conf import settings from django.contrib.auth import REDIRECT_FIELD_NAME from django.core.exceptions import PermissionDenied -from django.core.urlresolvers import NoReverseMatch, reverse from django.shortcuts import get_object_or_404 +from django.urls import NoReverseMatch, reverse from django.utils.functional import wraps from django.utils.http import urlquote diff --git a/django_rules/models.py b/django_rules/models.py index 68eddad..283e7e3 100644 --- a/django_rules/models.py +++ b/django_rules/models.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- import inspect + from django.contrib.contenttypes.models import ContentType from django.core.exceptions import ValidationError from django.db import models @@ -9,14 +10,14 @@ class RulePermission(models.Model): class Meta: - app_label = 'django_rules' + app_label = "django_rules" """ This model holds the rules for the authorization system """ codename = models.CharField(primary_key=True, max_length=30) field_name = models.CharField(max_length=30) - content_type = models.ForeignKey(ContentType) + content_type = models.ForeignKey(ContentType, on_delete=models.CASCADE) view_param_pk = models.CharField(max_length=30) description = models.CharField(max_length=140, null=True) @@ -26,11 +27,11 @@ def save(self, *args, **kwargs): raises ValidationError if it doesn't. We need to restrict security rules creation """ # If not set use codename as field_name as default - if self.field_name == '': + if self.field_name == "": self.field_name = self.codename # If not set use primary key attribute name as default - if self.view_param_pk == '': + if self.view_param_pk == "": self.view_param_pk = self.content_type.model_class()._meta.pk.get_attname() # First search for a method or property defined in the model class @@ -38,7 +39,10 @@ def save(self, *args, **kwargs): # If field_name does not exist a ValidationError is raised if not hasattr(self.content_type.model_class(), self.field_name): # Search within attributes field names - if not (self.field_name in self.content_type.model_class()._meta.get_all_field_names()): + if not ( + self.field_name + in self.content_type.model_class()._meta.get_all_field_names() + ): raise NonexistentFieldName( "Could not create rule: field_name %s of rule %s does not exist in model %s" % (self.field_name, self.codename, self.content_type.model) From f3f76b67e5aa73dcb9425d699c87deb3db4d9aa9 Mon Sep 17 00:00:00 2001 From: Matt Mascioni <639901+mm@users.noreply.github.com> Date: Fri, 26 Jul 2024 10:57:45 -0400 Subject: [PATCH 2/3] Use real import paths --- django_rules/backends.py | 7 ++++--- django_rules/decorators.py | 6 +++--- django_rules/models.py | 2 +- django_rules/utils.py | 5 +++-- 4 files changed, 11 insertions(+), 9 deletions(-) diff --git a/django_rules/backends.py b/django_rules/backends.py index 306ce43..4fa2ac4 100644 --- a/django_rules/backends.py +++ b/django_rules/backends.py @@ -10,9 +10,10 @@ except ImportError: # python = 2.6 from django.utils.importlib import import_module # NOQA -from .exceptions import (NonexistentFieldName, NonexistentPermission, - NotBooleanPermission, RulesError) -from .models import RulePermission +from django_rules.exceptions import (NonexistentFieldName, + NonexistentPermission, + NotBooleanPermission, RulesError) +from django_rules.models import RulePermission class RulePermCache(object): diff --git a/django_rules/decorators.py b/django_rules/decorators.py index 9721199..0ec0de3 100644 --- a/django_rules/decorators.py +++ b/django_rules/decorators.py @@ -7,9 +7,9 @@ from django.utils.functional import wraps from django.utils.http import urlquote -from .backends import ObjectPermissionBackend, rule_cache -from .exceptions import NonexistentPermission, RulesError -from .models import RulePermission +from django_rules.backends import ObjectPermissionBackend, rule_cache +from django_rules.exceptions import NonexistentPermission, RulesError +from django_rules.models import RulePermission def object_permission_required(perm, **kwargs): diff --git a/django_rules/models.py b/django_rules/models.py index 283e7e3..5df30a2 100644 --- a/django_rules/models.py +++ b/django_rules/models.py @@ -5,7 +5,7 @@ from django.core.exceptions import ValidationError from django.db import models -from .exceptions import NonexistentFieldName, RulesError +from django_rules.exceptions import NonexistentFieldName, RulesError class RulePermission(models.Model): diff --git a/django_rules/utils.py b/django_rules/utils.py index 3040c0c..b528a73 100644 --- a/django_rules/utils.py +++ b/django_rules/utils.py @@ -4,8 +4,9 @@ from django.contrib.contenttypes.models import ContentType -from models import RulePermission - +from django_rules.models import RulePermission + + def register(app_name, codename, model, field_name='', view_param_pk='', description=''): """ Call this function in your rules.py to register your RulePermissions From 57e850477f2d829e5ef661b8b196617460c0a8bc Mon Sep 17 00:00:00 2001 From: Matt Mascioni <639901+mm@users.noreply.github.com> Date: Fri, 26 Jul 2024 11:06:54 -0400 Subject: [PATCH 3/3] One more place where is_authenticated is not a method, rather its a property --- django_rules/backends.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/django_rules/backends.py b/django_rules/backends.py index 4fa2ac4..30072de 100644 --- a/django_rules/backends.py +++ b/django_rules/backends.py @@ -52,7 +52,7 @@ def has_perm(self, user_obj, perm, obj=None): if obj is None: return False - if not user_obj.is_authenticated(): + if not user_obj.is_authenticated: user_obj = User.objects.get(pk=settings.ANONYMOUS_USER_ID) # Centralized authorizations