Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LOGIN page functionality #28

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

LOGIN page functionality #28

wants to merge 5 commits into from

Conversation

Natgho
Copy link

@Natgho Natgho commented Oct 25, 2023

No description provided.

@Tijani-Dia
Copy link
Owner

Thanks @Natgho. Please see my comment on #27.

@Natgho Natgho changed the title LOGIN and IGNORE_CONFLICT params LOGIN page functionality Oct 25, 2023
@Natgho
Copy link
Author

Natgho commented Oct 25, 2023

Hi,

Yes you are right, I only put the login feature in this PR. I leave the other issue to you, I can help the code if you open it as a PR.

@Tijani-Dia
Copy link
Owner

Tijani-Dia commented Oct 25, 2023
edited
Loading

A few thoughts/comments:

  1. I think we may want to make the user test configurable. Currently, this uses staff_member_required but I suspect other use cases may arise; for example user_is_authenticated or user is in group 'x'.
  2. This implementation assumes one has an authentication system in place (See notes on login_required decorator). If we continue this route, we'll need to document it somewhere and also update the configuration docs

A way to achieve point 1 is:

diff --git a/src/dj_tracker/constants.py b/src/dj_tracker/constants.py
index 0b311e1..1ef844a 100644
--- a/src/dj_tracker/constants.py
+++ b/src/dj_tracker/constants.py
@@ -34,6 +34,7 @@ def _set_dj_tracker_settings():
         "APPS_TO_EXCLUDE": (),
         "IGNORE_MODULES": (),
         "IGNORE_PATHS": (),
+        "USER_TEST_FUNC": lambda user: True,
     }
     DJ_TRACKER_SETTINGS.update(getattr(settings, "DJ_TRACKER", {}))
 
@@ -102,6 +103,19 @@ def _get_collection_interval():
     return DJ_TRACKER_SETTINGS.pop("COLLECTION_INTERVAL")
 
 
+def _get_user_test_func():
+    from django.contrib.auth.decorators import user_passes_test
+    from django.utils.module_loading import import_string
+
+    _set_dj_tracker_settings()
+
+    test_func = DJ_TRACKER_SETTINGS.pop("USER_TEST_FUNC")
+    if isinstance(test_func, str):
+        test_func = import_string(test_func)
+
+    return user_passes_test(test_func)
+
+
 def _get_trackings_db():
     from django.conf import settings
 
diff --git a/src/dj_tracker/urls.py b/src/dj_tracker/urls.py
index f45bd85..42fba7d 100644
--- a/src/dj_tracker/urls.py
+++ b/src/dj_tracker/urls.py
@@ -1,6 +1,8 @@
+from functools import update_wrapper
+
 from django.urls import path, register_converter
 
-from dj_tracker import views
+from dj_tracker import constants, views
 
 
 class CacheKeyConverter:
@@ -36,3 +38,7 @@ urlpatterns = [
         name="query-group",
     ),
 ]
+
+wrapper = constants.USER_TEST_FUNC
+for pattern in urlpatterns:
+    pattern.callback = update_wrapper(wrapper(pattern.callback), pattern.callback)

WIth these changes, one could limit access to staff by doing the following:

# settings.py

DJ_TRACKER = { "USER_TEST_FUNC": lambda user: user.is_staff}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Natgho @Tijani-Dia