diff --git a/authlib/permissions.py b/authlib/permissions.py index 3645445..46d0b61 100644 --- a/authlib/permissions.py +++ b/authlib/permissions.py @@ -1,10 +1,10 @@ from fnmatch import fnmatch -from functools import partial from django import forms from django.conf import settings from django.core.exceptions import PermissionDenied from django.db import models +from django.utils.module_loading import import_string from django.utils.translation import gettext_lazy as _ @@ -21,15 +21,17 @@ def allow_deny_globs(user, perm, obj, allow=(), deny=()): }, "deny_admin": { "title": _("deny accounts"), - "callback": partial( - allow_deny_globs, - allow=["*"], - deny=[ - "auth.*", - "admin_sso.*", - "accounts.*", - "little_auth.*", - ], + "callback": ( + "authlib.permissions.allow_deny_globs", + { + "allow": ["*"], + "deny": [ + "auth.*", + "admin_sso.*", + "accounts.*", + "little_auth.*", + ], + }, ), }, } @@ -59,5 +61,6 @@ class Meta: abstract = True def _role_has_perm(self, *, perm, obj): - if callback := AUTHLIB_ROLES[self.role].get("callback"): - return self.is_active and callback(user=self, perm=perm, obj=obj) + if cb := AUTHLIB_ROLES[self.role].get("callback"): + callback = import_string(cb[0]) + return self.is_active and callback(user=self, perm=perm, obj=obj, **cb[1])