ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4834/python/rule.adoc
Fred Tingaud 16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
2023-05-25 14:18:12 +02:00

98 lines
2.8 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
----
# limiting access via "has_perm" and adding permission with "user_permissions.add"
from django.contrib.auth.models import Permission, User, Group
from django.contrib.contenttypes.models import ContentType
from django.shortcuts import get_object_or_404
from django.core.exceptions import PermissionDenied
def test_permissions(request, user_id): # Sensitive. This method checks permissions/authentication or changes permissions
user = get_object_or_404(User, pk=user_id)
# Or
user = request.user
user.has_perm('thisis.a_perm') # Check permission
user.has_perms(['thisis.a_perm']) # Check permission
request.user.is_authenticated # Check permission
content_type = ContentType.objects.get_for_model(User)
permission = Permission.objects.get(
codename='change_something',
content_type=content_type,
)
user.user_permissions.add(permission) # Changes permissions
user.user_permissions.set([permission]) # Changes permissions
user.user_permissions.remove(permission) # Changes permissions
user.user_permissions.clear() # Changes permissions
group, created = Group.objects.get_or_create(name='mygroup')
group = Group.objects.get(name='mygroup') # Or
group.permissions.add(permission) # Changes permissions
group.permissions.set([permission]) # Changes permissions
group.permissions.remove(permission) # Changes permissions
group.permissions.clear() # Changes permissions
user.groups.set([group]) # Changes permissions
user.groups.add(group) # Changes permissions
user.groups.remove(group) # Changes permissions
user.groups.clear() # Changes permissions
raise PermissionDenied # Denies permission
# limiting access to the models with Model->Meta->permissions
from django.db import models
class Person(models.Model):
class Meta:
permissions = (('can_sleep_in_bed', 'Can sleep in bed'),) # Sensitive.
# Limiting access with the decorators
from django.contrib.auth.decorators import permission_required, login_required
@login_required # Checks authentication
@permission_required('app.can_sleep') # Checks permission
def index(request): # Sensitive.
pass
# Limiting access with "PermissionRequiredMixin"
from django.contrib.auth.mixins import PermissionRequiredMixin
from django.views.generic import View
class MyView(PermissionRequiredMixin, View):
permission_required = ('app.can_sleep', 'app.can_drive') # Sensitive.
----
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
=== Highlighting
secondary location on XXX
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink