Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Why has_permission decorator is being deprecated ? #338

Open
lucasm0ta opened this issue Aug 7, 2020 · 1 comment
Open

Why has_permission decorator is being deprecated ? #338

lucasm0ta opened this issue Aug 7, 2020 · 1 comment

Comments

@lucasm0ta
Copy link

Checking on the code, the decorator has_permission option is being deprecated in favor of check_permission which has no decorator option. Why?
My best guess is is that it should not be the responsibility of the package to implement such feature, but I could not find the documented reason.
@oplik0
Copy link

oplik0 commented Aug 13, 2020
edited

See #169

TL;DR (though it's a short thread):
the only difference in practice is that you put the new calls after function definition and not before and it helps with debugging and is better in class-based views.

There is little difference between

@has_permission("read")
async def handler(request):
    (your code)

And

async def handler(request):
    await check_permission(request, "read")
    (your code)

And both do exactly the same thing in the app - raise HTTPForbidden if user is unauthorized

No idea why it wasn't documented anywhere though, since that thread even mentions explaining the reasoning in documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lucasm0ta @oplik0