当django1.9版本,配置权限@permission_required("userauth.view_user")时,会提示permission TypeError,导致权限验证失败
检查源码发现,内部的权限调用的代码是
def _user_has_perm(user, perm, obj):
"""
A backend can raise PermissionDenied to short-circuit permission checking.
"""
for backend in auth.get_backends():
if not hasattr(backend, 'has_perm'):
continue
try:
if backend.has_perm(user, perm, obj):
return True
except PermissionDenied:
return False
return False
而对用django_auth_ldap的has_perm的函数是
def has_perm(self, user, perm):
return perm in self.get_all_permissions(user)
会导致函数参数不匹配,
可以修改为
def has_perm(self, user, perm,obj=None):
return perm in self.get_all_permissions(user)
当django1.9版本,配置权限@permission_required("userauth.view_user")时,会提示permission TypeError,导致权限验证失败
检查源码发现,内部的权限调用的代码是
def _user_has_perm(user, perm, obj):
"""
A backend can raise
PermissionDeniedto short-circuit permission checking."""
for backend in auth.get_backends():
if not hasattr(backend, 'has_perm'):
continue
try:
if backend.has_perm(user, perm, obj):
return True
except PermissionDenied:
return False
return False
而对用django_auth_ldap的has_perm的函数是
def has_perm(self, user, perm):
return perm in self.get_all_permissions(user)
会导致函数参数不匹配,
可以修改为
def has_perm(self, user, perm,obj=None):
return perm in self.get_all_permissions(user)