Commits

Pedro Algarvio committed 525ca42

Allow not triggering identity loaders and savers for the current app's static path.

Comments (0)

Files changed (2)

flaskext/principal.py

     Identity management for Flask.
 
     :copyright: (c) 2010 by Ali Afshar.
+    :copyright: (c) 2011 by Pedro Algarvio.
     :license: MIT, see LICENSE for more details.
 
 """
 from collections import namedtuple, deque
 
 
-from flask import g, session, current_app, abort
+from flask import g, session, current_app, abort, request
 from flask.signals import Namespace
 
 
         """Does the same thing as ``self.union(other)``
         """
         return self.union(other)
-    
+
     def __or__(self, other):
         """Does the same thing as ``self.difference(other)``
         """
 
         If ``http_exception`` is passed then ``abort()`` will be called
         with the HTTP exception code. Otherwise a ``PermissionDenied``
-        exception will be raised if the identity does not meet the 
+        exception will be raised if the identity does not meet the
         requirements.
 
         :param http_exception: the HTTP exception code (403, 401 etc)
 
     def test(self, http_exception=None):
         """
-        Checks if permission available and raises relevant exception 
+        Checks if permission available and raises relevant exception
         if not. This is useful if you just want to check permission
         without wrapping everything in a require() block.
 
 
         with self.require(http_exception):
             pass
-        
+
     def reverse(self):
         """
-        Returns reverse of current state (needs->excludes, excludes->needs) 
+        Returns reverse of current state (needs->excludes, excludes->needs)
         """
 
         p = Permission()
         return p
 
     def difference(self, other):
-        """Create a new permission consisting of requirements in this 
+        """Create a new permission consisting of requirements in this
         permission and not in the other.
         """
 
             return False
 
         return True
-       
+
     def can(self):
         """Whether the required context for this permission has access
 
     :param app: The flask application to extend
     :param use_sessions: Whether to use sessions to extract and store
                          identification.
+    :param skip_static: Skip triggering identity loaders and saver for the
+                        current app's static path
     """
-    def __init__(self, app=None, use_sessions=True):
+    def __init__(self, app=None, use_sessions=True, skip_static=False):
         self.identity_loaders = deque()
         self.identity_savers = deque()
         # XXX This will probably vanish for a better API
         self.use_sessions = use_sessions
+        self.skip_static = skip_static
         if app is not None:
             self._init_app(app)
 
 
         :param identity: The identity to set
         """
+        if self.skip_static and \
+                            request.path.startswith(current_app.static_path):
+            return
+
         self._set_thread_identity(identity)
         for saver in self.identity_savers:
             saver(identity)
         self.set_identity(identity)
 
     def _on_before_request(self):
+        if self.skip_static and \
+                            request.path.startswith(current_app.static_path):
+            return
         g.identity = AnonymousIdentity()
         for loader in self.identity_loaders:
             identity = loader()
 
 setup(
     name='Flask-Principal',
-    version='0.2',
+    version='0.2.1',
     url='http://packages.python.org/Flask-Principal/',
     license='MIT',
     author='Ali Afshar',