tessl/pypi-django-rosetta
A Django application that facilitates the translation process of your Django projects
—
Pending
access-control.mddocs/
Access Control and Permissions
Configurable permission system controlling who can access translation features, with support for user groups, language-specific permissions, and custom access control functions. The system integrates with Django's authentication framework while providing translation-specific authorization.
Capabilities
User Permission Checking
Core functions for determining user access to Rosetta functionality.
def can_translate(user) -> bool:
"""
Check if user can access Rosetta translation interface.
Uses configured access control function to determine permissions.
Default behavior checks for superuser, staff status, or membership
in 'translators' group.
Parameters:
- user: Django User instance
Returns:
Boolean indicating translation access permission
"""
def can_translate_language(user, langid: str) -> bool:
"""
Check if user can translate specific language.
Supports language-specific permission control when
ROSETTA_LANGUAGE_GROUPS setting is configured.
Parameters:
- user: Django User instance
- langid: Language code (e.g., 'en', 'fr', 'de')
Returns:
Boolean indicating permission for specific language
"""Access Control Configuration
Functions for managing and retrieving access control configuration.
def get_access_control_function():
"""
Get configured access control predicate function.
Retrieves function specified by ROSETTA_ACCESS_CONTROL_FUNCTION
setting, or returns default implementation.
Returns:
Callable that takes User instance and returns boolean
"""
def is_superuser_staff_or_in_translators_group(user) -> bool:
"""
Default access control implementation.
Grants access to users who are:
- Superusers
- Staff members
- Members of 'translators' group
Parameters:
- user: Django User instance
Returns:
Boolean indicating access permission
"""Configuration Options
Access control behavior is configured through Django settings:
# Settings affecting access control
ROSETTA_ACCESS_CONTROL_FUNCTION: str = 'rosetta.access.is_superuser_staff_or_in_translators_group'
"""
Path to function that determines user access.
Function must accept User instance and return boolean.
"""
ROSETTA_REQUIRES_AUTH: bool = True
"""
Whether authentication is required for Rosetta access.
If False, allows anonymous access (not recommended for production).
"""
ROSETTA_LANGUAGE_GROUPS: dict = {}
"""
Language-specific group permissions.
Format: {'language_code': ['group1', 'group2']}
Example: {'fr': ['french_translators'], 'de': ['german_translators']}
"""
ROSETTA_LOGIN_URL: str = '/admin/login/'
"""
URL to redirect unauthenticated users for login.
"""Usage Examples
Basic Permission Setup
# settings.py - Use default permission system
INSTALLED_APPS = ['rosetta']
# Create a translators group in Django admin or programmatically
from django.contrib.auth.models import Group, User
# Create translators group
translators_group, created = Group.objects.get_or_create(name='translators')
# Add users to group
user = User.objects.get(username='translator_user')
user.groups.add(translators_group)
# Now user can access Rosetta at /rosetta/Custom Access Control Function
# myapp/permissions.py
def custom_can_translate(user):
"""
Custom access control for Rosetta.
Allow access based on custom business logic.
"""
if not user.is_authenticated:
return False
# Custom logic: check user profile or permissions
if hasattr(user, 'profile'):
return user.profile.can_translate
# Fallback to staff status
return user.is_staff
# settings.py
ROSETTA_ACCESS_CONTROL_FUNCTION = 'myapp.permissions.custom_can_translate'Language-Specific Permissions
# settings.py - Restrict languages by user groups
ROSETTA_LANGUAGE_GROUPS = {
'fr': ['french_translators', 'managers'],
'de': ['german_translators', 'managers'],
'es': ['spanish_translators', 'managers'],
}
# Create language-specific groups
from django.contrib.auth.models import Group, User
# Create groups
french_group = Group.objects.create(name='french_translators')
german_group = Group.objects.create(name='german_translators')
managers_group = Group.objects.create(name='managers')
# Assign users to language groups
french_translator = User.objects.get(username='marie')
french_translator.groups.add(french_group)
# Managers can translate all languages
manager = User.objects.get(username='admin')
manager.groups.add(managers_group)Programmatic Permission Checking
from rosetta.access import can_translate, can_translate_language
def my_view(request):
"""Custom view checking Rosetta permissions."""
if not can_translate(request.user):
return HttpResponseForbidden("Translation access denied")
# Check language-specific permission
if not can_translate_language(request.user, 'fr'):
return HttpResponseForbidden("French translation access denied")
# User has permission, proceed with view logic
return render(request, 'my_template.html')Integration with Django Views
from django.contrib.auth.decorators import user_passes_test
from rosetta.access import can_translate
@user_passes_test(can_translate)
def translation_management_view(request):
"""View requiring Rosetta translation permission."""
# View logic here
pass
# Or as class-based view
from django.contrib.auth.mixins import UserPassesTestMixin
class TranslationManagementView(UserPassesTestMixin, TemplateView):
"""Class-based view with Rosetta permission check."""
def test_func(self):
return can_translate(self.request.user)Custom Login Integration
# settings.py - Custom login URL
ROSETTA_LOGIN_URL = '/accounts/login/'
# Or integrate with custom authentication
ROSETTA_ACCESS_CONTROL_FUNCTION = 'myapp.auth.custom_rosetta_check'
# myapp/auth.py
def custom_rosetta_check(user):
"""Integrate with custom authentication system."""
if not user.is_authenticated:
return False
# Check against custom permissions system
return user.has_permission('translate_interface')Install with Tessl CLI
npx tessl i tessl/pypi-django-rosetta