Hi, The auth-decorators to check for permission are nice, but it would be better, if the authorization could be decoupled from calling the view.
My goal: Check if a user can access a view without calling it, because I want to disable/hide a link if the user must not call it. I implemented it in my application, but it would be nice if something like this would inside django (This would improve plug-ability of applications) My implementation works like this: every view method as an attribute 'has_perm' which takes the same args, kwargs like the view: def myview(request, something) ... myview.has_perm=lambda ... For ease of usage you can set has_perm to True (no access restriction) or to a permission string (app_label.perm_codename) or to is_authenticated, is_staff, is_superuser. There is a small helper method for checking if a user/request would be allowed to access this view and a small middleware to render "403 forbidden" pages. Thomas -- Thomas Guettler, http://www.thomas-guettler.de/ E-Mail: guettli (*) thomas-guettler + de --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---