permissions backends, with a simple implementation

[loolmeh]

Django's permissions is objects based and uses the ContentType framework which isn't terribly performant and requires a row per object or something terrible like that. A simple implementation would be using class_function namespacing in a class as an attribute to refer to pyapi calls, and have those attribute return True or False using a backend call like has_perms.

backend api sketch:

has_perms('method', user)
get_perms('method', user)
@check_perms decorator to dynamically send method names and user from the call using .__name__ and .im_class.__name__ on the wrapped function

sketch implementation:

# perms.py
class UserPerms(object):
    sentence_add = True

    def messages_inbox(self, *args, **kwargs):
        return user.username == 'liori'

perms = {
   'u': UserPerms()
}

# perm_backends.simple_perms.py

from pytoeba.perms import perms
import inspect

class SimplePermsBackend(PermsBackend):

    def has_perms(self, target, user, *args, **kwargs):
        perm_class = perms[user.user_status]
        target_perm = getattr(perm_class, target, False)

        if inspect.isfunction(target_perm):
            target_perm = target_perm(args, user=user, kwargs)

        return target_perm

# managers.py

perms_backend = SimplePermsBackend()

class SentenceManager(Manager):

    def add(self, text, lang='auto'):
        user = get_user()

        has_perms = perms_backend.has_perms('sentence_add', user)
        if has_perms: continue
        else: raise InsufficientPerms

        sent = self.create(
            added_by=user, owner=user, text=text, lang=lang
            )
        Log = get_model('pytoeba', 'Log')
        Log.objects.create(
            sentence=sent, type='sad', done_by=user, change_set=text,
            target_id=sent.id, target_hash_id=sent.hash_id
            )
        return sent