user_acl_middleware
middleware to set user_acl
property on the request
. This user_acl
property is plain dictionary that contains user acl as well as additional data useful for permission checks:user_id
- ID of the user this user_acl
belongs to.cache_versions
- copy of cache versions used to create this user_acl
.is_authenticated
is_anonymous
is_staff
is_superuser
user_acl
outside of http request, you will need to use get_user_acl
function from misago.acl.useracl
module, and get_cache_versions
function from misago.cache.versions
to obtain cache versions:user_acl
:categories
entry is dict of dicts:add_acl_to_obj
utility function from misago.acl.objectacl
. Doing so will create an acl
property on the object for you to instrospect its permissions easily:user_acl
variable:Misago User ACL
option to the Django Debug Toolbar menu. This page display user roles permissions as well as final ACL assigned to current request.MISAGO_ACL_EXTENSIONS
setting. By convention, those modules are either named "permissions", or they are located in "permissions" package.change_permissions_form(role)
YesNoSwitch
form field that renders nice "Yes/No" switch as input. This field is simple wrapper around TypedChoiceField
that coerces to int
. If you use use it for your permissions, make sure your ACL implementation handles their values as 1
or 0
, not as True
or False
, or your forms will break!build_acl(acl, roles, key_name)
permissions
attributes. Its expected to access roles permissions
attributes which are dicts of values coming from permission change forms and return updated acl
dict.register_with(registry)
registry
- istance of PermissionProviders that imported module.register_with
function is called, its passed PermissionProviders
instance that exposes following methods:acl_annotator(hashable_type, func)
func
as ACL annotator for hashable_type
.user_acl_serializer(func)
func
as user ACL serializer. This function will be called with copy of user_acl
(excluding the cache_versions
key), and is expected to perform any required changes before ACL will be converted to JSON and sent to client. For example, an serializer simplifies the categories
entry to only contain ACL for categories that are browseable by the user.get_type_annotators(obj)
obj
or empty list is none exist.get_user_acl_serializers()
user
- user asking to make target aware of its ACL'starget
- target instance, guaranteed to be an single object, not list or other iterable (like queryset)misago.acl.algebra
module.sum_acls(result_acl, acls=None, roles=None, key=None, **permissions)
sum_acls
support for new tests specific for your ACLs.