py_tasks_melange: app/soc/views/helper/access.py@e30462354e26 (annotated)

293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	1	#!/usr/bin/python2.5
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	2	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	3	# Copyright 2008 the Melange authors.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	4	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	5	# Licensed under the Apache License, Version 2.0 (the "License");
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	6	# you may not use this file except in compliance with the License.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	7	# You may obtain a copy of the License at
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	8	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	9	# http://www.apache.org/licenses/LICENSE-2.0
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	10	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	11	# Unless required by applicable law or agreed to in writing, software
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	12	# distributed under the License is distributed on an "AS IS" BASIS,
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	13	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	14	# See the License for the specific language governing permissions and
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	15	# limitations under the License.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	16
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	17	"""Access control helper.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	18
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	19	The functions in this module can be used to check access control
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	20	related requirements. When the specified required conditions are not
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	21	met, an exception is raised. This exception contains a views that
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	22	either prompts for authentication, or informs the user that they
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	23	do not meet the required criteria.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	24	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	25
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	26	__authors__ = [
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	27	'"Todd Larsen" <tlarsen@google.com>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	28	'"Sverre Rabbelier" <sverre@rabbelier.nl>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	29	'"Pawel Solyga" <pawel.solyga@gmail.com>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	30	]
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	31
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	32
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	33	from google.appengine.api import users
315 c4f1a07ee340 Add missing blank lines between imports in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 309 diff changeset	34
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	35	from django.utils.translation import ugettext_lazy
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	36
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	37	from soc.logic import accounts
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	38	from soc.logic.models import user as user_logic
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	39	from soc.logic.models import request as request_logic
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	40	from soc.views import helper
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	41	from soc.views.simple import requestLogin
315 c4f1a07ee340 Add missing blank lines between imports in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 309 diff changeset	42
304 812abb9a7e3b Missing changes to soc.views.helper.access Sverre Rabbelier <srabbelier@gmail.com> parents: 303 diff changeset	43	import soc.views.out_of_band
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	44
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	45
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	46	DEF_LOGIN_TMPL = 'soc/login.html'
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	47
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	48	DEF_LOGIN_MSG_FMT = ugettext_lazy(
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	49	'Please <a href="%(sign_in)s">sign in</a> to continue.')
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	50
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	51	DEF_NO_USER_LOGIN_MSG_FMT = ugettext_lazy(
446 0b479d573a4c Refactoring of {site/home}_settings to make them use base.View Sverre Rabbelier <srabbelier@gmail.com> parents: 389 diff changeset	52	'Please create <a href="/user/edit">User Profile</a>'
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	53	' in order to view this page.')
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	54
320 a0a86306e7f6 Some indentations fixes and ugettext_lazy() wrap up for DEF_DEV_LOGOUT_LOGIN_MSG_FMT in access.py. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 315 diff changeset	55	DEF_DEV_LOGOUT_LOGIN_MSG_FMT = ugettext_lazy(
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	56	'Please <a href="%%(sign_out)s">sign out</a>'
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	57	' and <a href="%%(sign_in)s">sign in</a>'
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	58	' again as %(role)s to view this page.')
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	59
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	60	DEF_PAGE_DENIED_MSG = ugettext_lazy(
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	61	'Access to this page has been restricted')
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	62
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	63
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	64	def allow(request):
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	65	"""Never returns an alternate HTTP response
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	66
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	67	Args:
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	68	request: a django HTTP request
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	69	"""
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	70
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	71	return
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	72
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	73	def deny(request):
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	74	"""Returns an alternate HTTP response
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	75
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	76	Args:
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	77	request: a django HTTP request
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	78
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	79	Returns: a subclass of django.http.HttpResponse which contains the
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	80	alternate response that should be returned by the calling view.
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	81	"""
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	82
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	83	context = helper.responses.getUniversalContext(request)
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	84	context['login_title'] = 'Access denied'
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	85	context['login_header'] = 'Access denied'
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	86	context['login_message'] = DEF_PAGE_DENIED_MSG
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	87
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	88	denied_response = helper.responses.respond(request, DEF_LOGIN_TMPL, context=context)
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	89
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	90	raise soc.views.out_of_band.AccessViolationResponse(denied_response)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	91
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	92	def checkIsLoggedIn(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	93	"""Returns an alternate HTTP response if Google Account is not logged in.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	94
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	95	Args:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	96	request: A Django HTTP request
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	97
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	98	Raises:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	99	AccessViolationResponse: If the required authorization is not met.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	100
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	101	Returns:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	102	None if the user is logged in, or a subclass of
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	103	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	104	that should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	105	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	106
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	107	if users.get_current_user():
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	108	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	109
361 465e4df617de Make page argument required for errorResponse and requestLogin functions in simple.py and update affected files. Some keyword argument changes to in user/profile.py. All the changes are based on comments to r817. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 357 diff changeset	110	login_response = requestLogin(request, None, DEF_LOGIN_TMPL,
357 9bd78a5073c2 Some indention fixes in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 356 diff changeset	111	login_message_fmt=DEF_LOGIN_MSG_FMT)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	112
356 9218691183a6 Change name of login_request variable in access.py module to login_response. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 321 diff changeset	113	raise soc.views.out_of_band.AccessViolationResponse(login_response)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	114
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	115
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	116	def checkIsUser(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	117	"""Returns an alternate HTTP response if Google Account has no User entity.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	118
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	119	Args:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	120	request: A Django HTTP request
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	121
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	122	Raises:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	123	AccessViolationResponse: If the required authorization is not met.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	124
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	125	Returns:
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	126	None if User exists for a Google Account, or a subclass of
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	127	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	128	should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	129	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	130
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	131	checkIsLoggedIn(request)
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	132
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	133	user = user_logic.logic.getForFields(
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	134	{'account': users.get_current_user()}, unique=True)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	135
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	136	if user:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	137	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	138
361 465e4df617de Make page argument required for errorResponse and requestLogin functions in simple.py and update affected files. Some keyword argument changes to in user/profile.py. All the changes are based on comments to r817. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 357 diff changeset	139	login_response = requestLogin(request, None, DEF_LOGIN_TMPL,
357 9bd78a5073c2 Some indention fixes in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 356 diff changeset	140	login_message_fmt=DEF_NO_USER_LOGIN_MSG_FMT)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	141
356 9218691183a6 Change name of login_request variable in access.py module to login_response. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 321 diff changeset	142	raise soc.views.out_of_band.AccessViolationResponse(login_response)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	143
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	144
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	145	def checkIsDeveloper(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	146	"""Returns an alternate HTTP response if Google Account is not a Developer.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	147
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	148	Args:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	149	request: A Django HTTP request
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	150
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	151	Raises:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	152	AccessViolationResponse: If the required authorization is not met.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	153
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	154	Returns:
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	155	None if Google Account is logged in and logged-in user is a Developer,
94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	156	or a subclass of django.http.HttpResponse which contains the alternate
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	157	response should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	158	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	159
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	160	checkIsUser(request)
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	161
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	162	if accounts.isDeveloper(account=users.get_current_user()):
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	163	return None
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	164
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	165	login_message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	166	'role' : 'a site developer ',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	167	}
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	168
361 465e4df617de Make page argument required for errorResponse and requestLogin functions in simple.py and update affected files. Some keyword argument changes to in user/profile.py. All the changes are based on comments to r817. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 357 diff changeset	169	login_response = requestLogin(request, None, DEF_LOGIN_TMPL,
357 9bd78a5073c2 Some indention fixes in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 356 diff changeset	170	login_message_fmt=login_message_fmt)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	171
356 9218691183a6 Change name of login_request variable in access.py module to login_response. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 321 diff changeset	172	raise soc.views.out_of_band.AccessViolationResponse(login_response)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	173
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	174
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	175	def checkIsInvited(request, role):
389 9b873166d7d5 Fix identions, too long lines, unused imports and some other mistakes. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 361 diff changeset	176	"""Returns an alternate HTTP response if Google Account has no Host entity
9b873166d7d5 Fix identions, too long lines, unused imports and some other mistakes. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 361 diff changeset	177	for the specified program.
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	178
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	179	Args:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	180	request: A Django HTTP request
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	181
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	182	Raises:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	183	AccessViolationResponse: If the required authorization is not met.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	184
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	185	Returns:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	186	None if Host exists for the specified program, or a subclass of
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	187	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	188	should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	189	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	190
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	191	checkIsUser(request)
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	192
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	193	user = user_logic.logic.getForFields(
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	194	{'account': users.get_current_user()}, unique=True)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	195
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	196	properties = {
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	197	'requester': user,
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	198	'role': role,
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	199	'accepted': True,
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	200	}
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	201
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	202	request = request_logic.logic.getForFields(properties, unique=True)
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	203
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	204	if request:
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	205	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	206
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	207	login_message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	208	'role' : 'a host for this program',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	209	}
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	210
361 465e4df617de Make page argument required for errorResponse and requestLogin functions in simple.py and update affected files. Some keyword argument changes to in user/profile.py. All the changes are based on comments to r817. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 357 diff changeset	211	login_response = requestLogin(request, None, DEF_LOGIN_TMPL,
357 9bd78a5073c2 Some indention fixes in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 356 diff changeset	212	login_message_fmt=login_message_fmt)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	213
356 9218691183a6 Change name of login_request variable in access.py module to login_response. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 321 diff changeset	214	raise soc.views.out_of_band.AccessViolationResponse(login_response)

author	Sverre Rabbelier <srabbelier@gmail.com>
	Fri, 21 Nov 2008 23:45:37 +0000
changeset 539	e30462354e26
parent 525	1dc62d570eff
child 543	280a1ac6bcc1
permissions	-rw-r--r--