How can make Django permission_required decorator not to redirect already logged-in users to login page, but display some message
A quick and dirty solution would be to write your own decorator to do this. Something like this:
decorator_with_arguments = lambda decorator: lambda *args, **kwargs: lambda func: decorator(func, *args, **kwargs)@decorator_with_argumentsdef custom_permission_required(function, perm): def _function(request, *args, **kwargs): if request.user.has_perm(perm): return function(request, *args, **kwargs) else: request.user.message_set.create(message = "What are you doing here?!") # Return a response or redirect to referrer or some page of your choice return _function
You can then decorate your view thus:
@custom_permission_required('my_perm')def my_view(request, *args, **kwargs): #Do stuff
Since django 1.4 permission_required
has a raise_exception
parameter that you can set to True to have an unauthorized PermissionDenied exception raised
Eg. to give an exemple on a Class Based View:
from django.contrib.auth.decorators import permission_required...class MyView(TemplateView): @method_decorator(permission_required('can_do_something', raise_exception=True)) def dispatch(self, *args, **kwargs): return super(MyView, self).dispatch(*args, **kwargs)
I'm assuming this question requires two pieces
- Users that are already logged in do not get redirected to the login page
- Users that are not logged in do not get redirected
@Manoj Govindan's answer nor @Stefano's answer will not work. @Lidor's answer will work, but he has fully re-implemented the permission_required
function.
Here is a simpler way:
@login_required@permission_required('hi there', raise_exception=True)def blah(request): pass
With this, if the user is not logged in, they will be redirected. If they are but they don't have permissions, they will be down an error.