Using UserPassesTestMixin (class based view) AND redirect as well












0














I'm trying to instead use the Class based view, and all I end up with the default 403 Forbidden page.. Is the order of the mixin classes correct? Does the code even get used -as in get/post or does everything get bypassed and the default 403 redirect occur?



All working examples seen so far, only point to the decorator @login_required in a function based view and use the request object to redirect to the login page.
The documentation provides some tips, but I can't get it to work with the code below.. Putting the error stack as well.



check 



 "GET / HTTP/1.1" 200 2580

Forbidden (Permission denied): /app/custom-view

Traceback (most recent call last):

  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersexception.py", line 34, in inner

    response = get_response(request)

  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 126, in _get_response

    response = self.process_exception_by_middleware(e, request)

  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 124, in _get_response

    response = wrapped_callback(request, *callback_args, **callback_kwargs)

  File "C:Usersme.envsprojectlibsite-packagesdjangoviewsgenericbase.py", line 68, in view

    return self.dispatch(request, *args, **kwargs)

  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 52, in dispatch

    return super().dispatch(request, *args, **kwargs)

  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 108, in dispatch

    return self.handle_no_permission()

  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 43, in handle_no_permission

    raise PermissionDenied(self.get_permission_denied_message())

django.core.exceptions.PermissionDenied


Code:



 class UserIsAdminMixin(UserPassesTestMixin):

        def test_func(self):

            return request.user.groups.filter(name='CustomAdmin').exists()



    class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):

        template_name = 'template.html'

        # login_url = '/login/'

        # redirect_field_name = 'my_link_name'



        def get(self, request):

            form = CustomForm()

            # This does not work neither does setting up login_url 

            if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():

                return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))


I am willing to trying out this solution, if the above approach doesn't work






django-authentication django-class-based-views django-users







share|improve this question





























    0














    I'm trying to instead use the Class based view, and all I end up with the default 403 Forbidden page.. Is the order of the mixin classes correct? Does the code even get used -as in get/post or does everything get bypassed and the default 403 redirect occur?



    All working examples seen so far, only point to the decorator @login_required in a function based view and use the request object to redirect to the login page.
    The documentation provides some tips, but I can't get it to work with the code below.. Putting the error stack as well.



    check 



     "GET / HTTP/1.1" 200 2580
    
Forbidden (Permission denied): /app/custom-view
    
Traceback (most recent call last):
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersexception.py", line 34, in inner
    
    response = get_response(request)
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 126, in _get_response
    
    response = self.process_exception_by_middleware(e, request)
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 124, in _get_response
    
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
    
  File "C:Usersme.envsprojectlibsite-packagesdjangoviewsgenericbase.py", line 68, in view
    
    return self.dispatch(request, *args, **kwargs)
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 52, in dispatch
    
    return super().dispatch(request, *args, **kwargs)
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 108, in dispatch
    
    return self.handle_no_permission()
    
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 43, in handle_no_permission
    
    raise PermissionDenied(self.get_permission_denied_message())
    
django.core.exceptions.PermissionDenied


    Code:



     class UserIsAdminMixin(UserPassesTestMixin):
    
        def test_func(self):
    
            return request.user.groups.filter(name='CustomAdmin').exists()
    

    
    class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):
    
        template_name = 'template.html'
    
        # login_url = '/login/'
    
        # redirect_field_name = 'my_link_name'
    

    
        def get(self, request):
    
            form = CustomForm()
    
            # This does not work neither does setting up login_url 
    
            if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():
    
                return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))


    I am willing to trying out this solution, if the above approach doesn't work






    django-authentication django-class-based-views django-users







    share|improve this question



























      0












      0








      0







      I'm trying to instead use the Class based view, and all I end up with the default 403 Forbidden page.. Is the order of the mixin classes correct? Does the code even get used -as in get/post or does everything get bypassed and the default 403 redirect occur?



      All working examples seen so far, only point to the decorator @login_required in a function based view and use the request object to redirect to the login page.
      The documentation provides some tips, but I can't get it to work with the code below.. Putting the error stack as well.



      check 



       "GET / HTTP/1.1" 200 2580
      
Forbidden (Permission denied): /app/custom-view
      
Traceback (most recent call last):
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersexception.py", line 34, in inner
      
    response = get_response(request)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 126, in _get_response
      
    response = self.process_exception_by_middleware(e, request)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 124, in _get_response
      
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangoviewsgenericbase.py", line 68, in view
      
    return self.dispatch(request, *args, **kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 52, in dispatch
      
    return super().dispatch(request, *args, **kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 108, in dispatch
      
    return self.handle_no_permission()
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 43, in handle_no_permission
      
    raise PermissionDenied(self.get_permission_denied_message())
      
django.core.exceptions.PermissionDenied


      Code:



       class UserIsAdminMixin(UserPassesTestMixin):
      
        def test_func(self):
      
            return request.user.groups.filter(name='CustomAdmin').exists()
      

      
    class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):
      
        template_name = 'template.html'
      
        # login_url = '/login/'
      
        # redirect_field_name = 'my_link_name'
      

      
        def get(self, request):
      
            form = CustomForm()
      
            # This does not work neither does setting up login_url 
      
            if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():
      
                return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))


      I am willing to trying out this solution, if the above approach doesn't work






      django-authentication django-class-based-views django-users







      share|improve this question















      I'm trying to instead use the Class based view, and all I end up with the default 403 Forbidden page.. Is the order of the mixin classes correct? Does the code even get used -as in get/post or does everything get bypassed and the default 403 redirect occur?



      All working examples seen so far, only point to the decorator @login_required in a function based view and use the request object to redirect to the login page.
      The documentation provides some tips, but I can't get it to work with the code below.. Putting the error stack as well.



      check 



       "GET / HTTP/1.1" 200 2580
      
Forbidden (Permission denied): /app/custom-view
      
Traceback (most recent call last):
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersexception.py", line 34, in inner
      
    response = get_response(request)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 126, in _get_response
      
    response = self.process_exception_by_middleware(e, request)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocorehandlersbase.py", line 124, in _get_response
      
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangoviewsgenericbase.py", line 68, in view
      
    return self.dispatch(request, *args, **kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 52, in dispatch
      
    return super().dispatch(request, *args, **kwargs)
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 108, in dispatch
      
    return self.handle_no_permission()
      
  File "C:Usersme.envsprojectlibsite-packagesdjangocontribauthmixins.py", line 43, in handle_no_permission
      
    raise PermissionDenied(self.get_permission_denied_message())
      
django.core.exceptions.PermissionDenied


      Code:



       class UserIsAdminMixin(UserPassesTestMixin):
      
        def test_func(self):
      
            return request.user.groups.filter(name='CustomAdmin').exists()
      

      
    class CustomAdminView(LoginRequiredMixin, UserIsAdminMixin, TemplateView):
      
        template_name = 'template.html'
      
        # login_url = '/login/'
      
        # redirect_field_name = 'my_link_name'
      

      
        def get(self, request):
      
            form = CustomForm()
      
            # This does not work neither does setting up login_url 
      
            if not request.user.is_authenticated or not request.user.is_staff or not self.request.user.groups.filter(name='CustomAdmin').exists():
      
                return redirect('%s?next=%s' % (settings.LOGIN_URL, request.path))


      I am willing to trying out this solution, if the above approach doesn't work






      django-authentication django-class-based-views django-users




      django-authentication django-class-based-views django-users






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Dec 28 '18 at 0:41

























      asked Dec 28 '18 at 0:36









      Loser Coder

      1,09262754




      1,09262754
























          0






          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53952412%2fusing-userpassestestmixin-class-based-view-and-redirect-as-well%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Stack Overflow!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.





          Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


          Please pay close attention to the following guidance:


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53952412%2fusing-userpassestestmixin-class-based-view-and-redirect-as-well%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          Monofisismo

          Image
          Monofisismo (do grego: monos - "único, singular" e physis - "natureza") é o ponto de vista cristológico que defende que, depois da união do divino e do humano na encarnação histórica, Jesus Cristo, como encarnação do Filho ou Verbo ( Logos ) de Deus, teria apenas uma única "natureza", a divina, e não uma síntese de ambas. O monofisismo é contraposto pelo diofisismo (ou "diafisismo"), que defende que Jesus preservou em si as duas naturezas. Historicamente, o monofisismo se refere primordialmente à posição dos que (especialmente no Egito e, em menor grau, na Síria) rejeitaram as decisões do Concílio de Calcedônia em 451 (o quarto concílio ecumênico). Os membros mais moderados entre eles, porém, defendem a teologia "miafisita", que se tornou a oficial para as Igrejas Ortodoxas Orientais. Muitos ortodoxos orientais, porém, rejeitam essa classificação, mesmo como um termo genérico, mas ele é amplamente utilizado na literatura históri...
          Read more

          Angular Downloading a file using contenturl with Basic Authentication

          Image
          0 I have a contentUrl when user clicks on that,file should be downloaded. If I try to browse the contentUrl in the browser it asks for Userid and password.I believe this is Basic Authentication.I dont want user to enter UserId and Password so I am passing it Authorization(Please see below code). Url looks some thing like this: http://XXX.XXX.XX.XXX:8080/flowable-rest/service/runtime/tasks/90875/attachments/90555/content let username : string = 'admin'; let pwd : string = 'test'; let headers = new Headers(); headers.set('Accept', 'text/json'); headers.append('Content-Type', 'application/json'); headers.set('Access-Control-Allow-Origin', '*'); headers.set('Access-Control-Allow-Methods','POST, GET, OPTIONS, PUT, DELETE'); head...
          Read more

          Olmecas

          Image
          Monumento 1, uma das quatro cabeças colossais encontradas em La Venta, com altura aproximada de 3 metros Olmecas é a designação do povo e da civilização que estiveram na origem da antiga cultura pré-colombiana da Mesoamérica e que se desenvolveram nas regiões tropicais do centro-sul do atual México durante o pré-clássico, próximo de onde hoje estão localizados os estados mexicanos de Veracruz e Tabasco, no Istmo de Tehuantepec, numa zona designada área nuclear olmeca. A cultura olmeca floresceu nesta região aproximadamente entre 1500 e 400 a.C., [ 1 ] e crê-se que tenha sido a civilização-mãe de todas as civilizações mesoamericanas que se desenvolveram posteriormente. [ 2 ] No entanto, desconhece-se a sua exacta filiação étnica, ainda que existam numerosas hipóteses colocadas para tentar resolver esta questão. O etnónimo olmeca foi cunhado pelos arqueólogos do século XX, e não devem confundir-se com os muito posteriores olmecas-xicalancas que ocuparam vários locais do México...
          Read more