In my Django application, I have certain permissions which users need in order to access certain views (using django.contrib.auth
). This works fine, using the @permission_required
decorator on my view functions.
However, some of my URLs resolve to views which I did not write, such as the built-in django.contrib.auth.views.password_change
, as in the following urls.py
:
urlpatterns = patterns(
(r'^$', "users.views.index"),
(r'^password_change/$', 'django.contrib.auth.views.password_change'))
In this instance, I have nowhere to apply my @permission_required
decorator -- or do I? Is there any way to apply a permissions restriction at the URL dispatcher level?