Commit 8dbb1e34 authored by Tanner Prestegard's avatar Tanner Prestegard Committed by GraceDB

Add "switch-based" public access decorator

When applied, this makes a view publicly available *if* the
settings.UNAUTHENTICATED_ACCESS switch is True; otherwise you
must be authenticated. This will be useful to propagate to
most other views to make this settings switch globally effective
at some point.
parent 54c5fb99
......@@ -27,7 +27,7 @@ PROJECT_VERSION = '2.5.1'
# Unauthenticated access ------------------------------------------------------
# This variable should eventually control whether unauthenticated access is
# allowed *ANYWHERE* on this service, except the home page, which is always
# public. For now, it just controls the API.
# public. For now, it just controls the API and the public alerts page.
UNAUTHENTICATED_ACCESS = True
# Miscellaneous settings ------------------------------------------------------
......
import logging
from django.conf import settings
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.contrib.auth.decorators import user_passes_test
from django.core.exceptions import PermissionDenied
import logging
# Set up logger
logger = logging.getLogger(__name__)
......@@ -48,3 +50,17 @@ def lvem_observers_only(function=None, login_url=None, superuser_allowed=False,
if function:
return actual_decorator(function)
return actual_decorator
def public_if_public_access_allowed(function=None, login_url=None,
raise_exception=False):
# Either unauthenticated access is allowed or if not,
# the user is authenticated
test_func = lambda u: \
settings.UNAUTHENTICATED_ACCESS or u.is_authenticated
actual_decorator = user_passes_test(test_func, login_url=login_url)
if function:
return actual_decorator(function)
return actual_decorator
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment