Add has_perm() etc. to request during the NewRequest event

still get the occasional server error when handling what should be a
simple 404 request e.g. for /wp-login.php

error indicates there is no `request.has_perm()` at the time, so
hoping this moves it earlier in the life cycle so it *will* exist..
This commit is contained in:
Lance Edgar 2023-03-25 01:01:52 -05:00
parent 714c0a6cfd
commit 2f8411ba2f

View file

@ -62,6 +62,16 @@ def new_request(event):
This of course assumes that a Rattail ``config`` object *has* in fact
already been placed in the application registry settings. If this is
not the case, this function will do nothing.
Also, attach some goodies to the request object:
* The currently logged-in user instance (if any), as ``user``.
* ``is_admin`` flag indicating whether user has the Administrator role.
* ``is_root`` flag indicating whether user is currently elevated to root.
* A shortcut method for permission checking, as ``has_perm()``.
"""
request = event.request
rattail_config = request.registry.settings.get('rattail_config')
@ -87,12 +97,27 @@ def new_request(event):
request.is_admin = bool(request.user) and request.user.is_admin()
request.is_root = request.is_admin and request.session.get('is_root', False)
# TODO: why would this ever be null?
if rattail_config:
app = rattail_config.get_app()
auth = app.get_auth_handler()
request.tailbone_cached_permissions = auth.get_permissions(
Session(), request.user)
def has_perm(name):
if name in request.tailbone_cached_permissions:
return True
return request.is_root
request.has_perm = has_perm
def has_any_perm(*names):
for name in names:
if has_perm(name):
return True
return False
request.has_any_perm = has_any_perm
def before_render(event):
"""
@ -206,36 +231,16 @@ def add_inbox_count(event):
def context_found(event):
"""
Attach some goodies to the request object.
Attach some more goodies to the request object:
The following is attached to the request:
* The currently logged-in user instance (if any), as ``user``.
* ``get_referrer()`` function
* ``is_admin`` flag indicating whether user has the Administrator role.
* ``is_root`` flag indicating whether user is currently elevated to root.
* A shortcut method for permission checking, as ``has_perm()``.
* A shortcut method for fetching the referrer, as ``get_referrer()``.
* ``get_session_timeout()`` function
"""
request = event.request
def has_perm(name):
if name in request.tailbone_cached_permissions:
return True
return request.is_root
request.has_perm = has_perm
def has_any_perm(*names):
for name in names:
if has_perm(name):
return True
return False
request.has_any_perm = has_any_perm
def get_referrer(default=None, **kwargs):
if request.params.get('referrer'):
return request.params['referrer']