'permission_required' fails on anonymous view callbacks

[vakorol]

rules.contrib.views.permission_required fails with AttributeError: 'functools.partial' object has no attribute '__name__', if it is applied to an anonymous partial function. Such situation may occur, when, for example, Sentry SDK is used in a Django project.

Maybe permission_required shouldn't always rely on view_func.__name__?

[dfunckt]

I suppose it could drop the __name__ requirement but this is arguably a bug in Sentry as it isn't fully wrapping the function it's decorating and it should be reported there.

[vakorol]

I agree, but I can also imagine other middleware triggering this issue, which, btw, can be quite a pain to debug. Maybe django-rules can act smartly to prevent such problems?

[dfunckt]

Acting smartly to prevent problems that arise from external code that breaks standard functionality is a non-goal for rules. I don't think we should stop relying on standard functionality because there's a package out there that breaks it when used.

rules uses the function name to help you fix misconfiguration and that is useful. IIRC I copied that code over from Django in order to preserve the semantics but it has since moved on and it appears it isn't warning at that point anymore either because it's detecting misconfiguration elsewhere or it's not needed anymore. If you could rewrite rules' decorator in terms on Django's user_passes_test and behave exactly like its permission_required decorator, I'd be happy to accept a PR.

[AaronTorgerson]

Turns out sentry-python fixed this issue in 1.5.8 (PR). I agree with the sentiment that django-rules ought not to code defensively for other packages breaking standard functionality. 👍

[federicobond]

Closing as this issue appears fixed.