CODEWITHSUNDEEP
django
Dmitriy Smirnov
Dmitriy Smirnov

Reputation: 449

Django Guardian - How to use a permission_required decorator with a class based view?

I have a CB DeleteView that I am trying to decorate with Guardian's permission_required. The permission should be for the logged in user and for the object of the DeleteView. The Guardian docs aren't too clear about this, so I'm wondering if anyone could clarify.

Upvotes: 6

Views: 3100

Answers (2)

Vlad T.
Vlad T.

Reputation: 2608

I encountered almost the same problem and here is my solution (adapted to your case):

views.py

class MyModelDeleteView(DeleteView):
    model=MyModel

    @method_decorator(permission_required_or_403('myapp.delete_mymodel',
        (MyModel, 'slug', 'slug'), accept_global_perms=True))
    def dispatch(self, *args, **kwargs):
        return super(MyModelDeleteView, self).dispatch(*args, **kwargs)

Note that you can pass accept_global_perms parameter, that is False by default. It allows users with 'myapp.delete_mymodel' permission to delete any object of MyModel class. This can be useful for moderators, for example.

Guardian Decorators documentation.

Upvotes: 5

Vivek S
Vivek S

Reputation: 5540

To decorate every instance of a class-based view, you need to decorate the class definition itself. To do this you apply the decorator to the dispatch() method of the class.For xample,

class ExampleView(TemplateView):
    template_name = 'Example.html'

    @method_decorator(login_required)
    def dispatch(self, *args, **kwargs):
        return super(ExampleView, self).dispatch(*args, **kwargs)

Upvotes: 0

Related Questions