cst1/kpsul
1
0
Fork 0
forked from DGNum/gestioCOF
Code Pull requests Activity

Enable authentication on KPsul websocket.

Browse source 
- PermConsumerMixin allows checking permissions on connection to a
  consumer.
- KPsul consumer uses this mixin to check if connecting user has the
  permission `kfet.is_team`.

Fixes #67.
This commit is contained in:
Aurélien Delobelle 2017-04-09 16:10:27 +02:00
parent 1e18c4043e
commit 029d59e615
1 changed files with 21 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
kfet/consumers.py
View file

@ -17,5 +17,25 @@ class DjangoJsonWebsocketConsumer(JsonWebsocketConsumer):
return json.dumps(content, cls=DjangoJSONEncoder) return json.dumps(content, cls=DjangoJSONEncoder)
class KPsul(DjangoJsonWebsocketConsumer): class PermConsumerMixin(object):
"""Add support to check permissions on Consumers.
Attributes:
perms_connect (list): Required permissions to connect to this
consumer.
"""
http_user = True # Enable message.user
perms_connect = []
def connect(self, message, **kwargs):
"""Check permissions on connection."""
if message.user.has_perms(self.perms_connect):
super().connect(message, **kwargs)
else:
self.close()
class KPsul(PermConsumerMixin, DjangoJsonWebsocketConsumer):
groups = ['kfet.kpsul'] groups = ['kfet.kpsul']
perms_connect = ['kfet.is_team']