Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

django.contrib.sites integration #130

Open
parruc opened this issue Dec 8, 2020 · 5 comments
Open

django.contrib.sites integration #130

parruc opened this issue Dec 8, 2020 · 5 comments

Comments

@parruc
Copy link

parruc commented Dec 8, 2020
edited

It would be really cool to have, in the predicates, an optional "site" parameter to easily integrate with the django.contrib.sites framework
@benwhalley
Copy link

This wouldn't work outside of a request. I can see it would be useful though — maybe even better to just expose the request to predicates, if it's available?

@dfunckt
Copy link
Owner

dfunckt commented Dec 8, 2020

Passing the request sounds much more useful, but I wouldn't want to make it a required argument. The request could be passed as a context argument however. For plain rules, the caller can provide that directly, and for permissions it's trivial to write a custom backend that forwards it. I'd happily accept a PR.

@parruc
Copy link
Author

parruc commented Dec 8, 2020

Getting the whole request would be fantastic and I think it is the way to go. I can try to watch into it if somebody guides me into where these modifications should be made: I use rules a lot but never looked into it deeply.

@parruc
Copy link
Author

parruc commented Dec 9, 2020

I've looked into it a bit and looks like when some view checks a permission the following happens:
1- rules.contrib.views.PermissionRequiredMixin.has_permission is called. Here we have the request. we than call
2- django.contrib.auth.models.User.has_perms that calls in turn all the authentication backends passing only user, permission and object. Here we don't have the request anymore
3- rules.permissions.ObjectPermissionBackend forwards all received aguments to
4- rules.ruleset.test_rule that delegates the check (forwarding all params) to
5- rules.predicates.test that creates a context and returns the result.
Is this analysis correct or there is something I'm missing?

What I should do, if I got it right, is:
1- add request=NO_VALUE to the rules.predicates.test signature and in predicate context so that in my predicates I can do self.context.get("request").
2- add the request to the has_perm call in rules.contrib.views.PermissionRequiredMixin.has_permission
3- Somehow override the django.contrib.auth.models.User.has_perms method in order to forward the request, This is the biggest obstacle I see atm cause I dont see a way around it.

Any idea/thoughts/suggestion?

Thanks for the support

@parruc
Copy link
Author

parruc commented Dec 10, 2020

Regarding the third point I tried to open a ticket on the django tracker:

https://code.djangoproject.com/ticket/32255

Feel free to join the discussion

@parruc parruc mentioned this issue Dec 12, 2020
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dfunckt @benwhalley @parruc