[ACCEPTED]-How can make Django permission_required decorator not to redirect already logged-in users to login page, but display some message-django-authentication

A quick and dirty solution would be to write 3 your own decorator to do this. Something 2 like this:

decorator_with_arguments = lambda decorator: lambda *args, **kwargs: lambda func: decorator(func, *args, **kwargs)

@decorator_with_arguments
def custom_permission_required(function, perm):
    def _function(request, *args, **kwargs):
        if request.user.has_perm(perm):
            return function(request, *args, **kwargs)
        else:
            request.user.message_set.create(message = "What are you doing here?!")
            # Return a response or redirect to referrer or some page of your choice
    return _function

You can then decorate your view 1 thus:

@custom_permission_required('my_perm')
def my_view(request, *args, **kwargs):
    #Do stuff

Since django 1.4 permission_required has a raise_exception parameter that 3 you can set to True to have an unauthorized 2 PermissionDenied exception raised

Eg. to give an exemple 1 on a Class Based View:

from django.contrib.auth.decorators import permission_required
...

class MyView(TemplateView):

    @method_decorator(permission_required('can_do_something', raise_exception=True))
    def dispatch(self, *args, **kwargs):
        return super(MyView, self).dispatch(*args, **kwargs)

Ref:permission_required decorator doc

I'm assuming this question requires two 7 pieces

• Users that are already logged in do not get redirected to the login page
• Users that are not logged in do not get redirected

@Manoj Govindan's answer nor @Stefano's 6 answer will not work. @Lidor's answer will 5 work, but he has fully re-implemented the 4 permission_required function.

Here is a simpler way:

@login_required
@permission_required('hi there', raise_exception=True)
def blah(request):
    pass

With this, if 3 the user is not logged in, they will be 2 redirected. If they are but they don't have 1 permissions, they will be down an error.

I had the same problem but learned about 7 raise_exception parameter at the @permission_required decorator! this parameter 6 is False by default, but once you pass it the 5 True value, it will automatically redirect the 4 without permission user to the 403.html page! (if 3 there was any 403.html page in the root of your 2 project, otherwise shows the server 403 1 forbidden page! read more in Django docs here

@permission_required('app_name.view_model', raise_exception=True)
    def some_model_view(request):
        ...

You can write your own decorator to replace 5 django's permission_required decorator:

from django.utils import six
from django.core.exceptions import PermissionDenied
from django.contrib.auth.decorators import user_passes_test

def permission_required(perm, login_url=None, raise_exception=True):
    def check_perms(user):
        if isinstance(perm, six.string_types):
            perms = (perm, )
        else:
            perms = perm
        if user.has_perms(perms):
            return True
        if raise_exception and user.pk:
            raise PermissionDenied
        return False
    return user_passes_test(check_perms, login_url=login_url)

And use it the same 4 way:

@permission_required('app.permission')
def view_page(request):
    # your view function

Logged in users with no permission will 3 get a 403 forbidden error. Those who are 2 not logged in will be redirected to the 1 login page.