py_tasks_melange: app/soc/views/helper/access.py@e71b20847eb0 (annotated)

293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	1	#!/usr/bin/python2.5
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	2	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	3	# Copyright 2008 the Melange authors.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	4	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	5	# Licensed under the Apache License, Version 2.0 (the "License");
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	6	# you may not use this file except in compliance with the License.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	7	# You may obtain a copy of the License at
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	8	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	9	# http://www.apache.org/licenses/LICENSE-2.0
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	10	#
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	11	# Unless required by applicable law or agreed to in writing, software
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	12	# distributed under the License is distributed on an "AS IS" BASIS,
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	13	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	14	# See the License for the specific language governing permissions and
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	15	# limitations under the License.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	16
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	17	"""Access control helper.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	18
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	19	The functions in this module can be used to check access control
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	20	related requirements. When the specified required conditions are not
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	21	met, an exception is raised. This exception contains a views that
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	22	either prompts for authentication, or informs the user that they
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	23	do not meet the required criteria.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	24	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	25
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	26	__authors__ = [
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	27	'"Todd Larsen" <tlarsen@google.com>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	28	'"Sverre Rabbelier" <sverre@rabbelier.nl>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	29	'"Pawel Solyga" <pawel.solyga@gmail.com>',
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	30	]
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	31
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	32
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	33	from google.appengine.api import users
315 c4f1a07ee340 Add missing blank lines between imports in access.py module. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 309 diff changeset	34
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	35	from django.utils.translation import ugettext_lazy
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	36
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	37	from soc.logic import accounts
709 e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	38	from soc.logic.models import host as host_logic
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	39	from soc.logic.models import user as user_logic
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	40	from soc.logic.models import request as request_logic
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	41	from soc.views import helper
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	42	from soc.views import out_of_band
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	43
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	44
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	45	DEF_NO_USER_LOGIN_MSG_FMT = ugettext_lazy(
446 0b479d573a4c Refactoring of {site/home}_settings to make them use base.View Sverre Rabbelier <srabbelier@gmail.com> parents: 389 diff changeset	46	'Please create <a href="/user/edit">User Profile</a>'
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	47	' in order to view this page.')
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	48
320 a0a86306e7f6 Some indentations fixes and ugettext_lazy() wrap up for DEF_DEV_LOGOUT_LOGIN_MSG_FMT in access.py. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 315 diff changeset	49	DEF_DEV_LOGOUT_LOGIN_MSG_FMT = ugettext_lazy(
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	50	'Please <a href="%%(sign_out)s">sign out</a>'
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	51	' and <a href="%%(sign_in)s">sign in</a>'
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	52	' again as %(role)s to view this page.')
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	53
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	54	DEF_PAGE_DENIED_MSG = ugettext_lazy(
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	55	'Access to this page has been restricted')
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	56
590 37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	57	DEF_LOGOUT_MSG_FMT = ugettext_lazy(
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	58	'Please <a href="%(sign_out)s">sign out</a> in order to view this page')
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	59
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	60
612 3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	61	def checkAccess(access_type, request, rights):
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	62	"""Runs all the defined checks for the specified type.
612 3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	63
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	64	Args:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	65	access_type: the type of request (such as 'list' or 'edit')
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	66	request: the Django request object
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	67	rights: a dictionary containing access check functions
612 3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	68
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	69	Rights usage:
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	70	The rights dictionary is used to check if the current user is allowed
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	71	to view the page specified. The functions defined in this dictionary
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	72	are always called with the django request object as argument. On any
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	73	request, regardless of what type, the functions in the 'any_access' value
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	74	are called. If the specified type is not in the rights dictionary, all
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	75	the functions in the 'unspecified' value are called. When the specified
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	76	type _is_ in the rights dictionary, all the functions in that access_type's
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	77	value are called.
612 3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	78
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	79	Returns:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	80	True: If all the required access checks have been made successfully
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	81	False: If a check failed, in this case self._response will contain
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	82	the response provided by the failed access check.
612 3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	83	"""
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	84
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	85	# Call each access checker
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	86	for check in rights['any_access']:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	87	check(request)
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	88
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	89	if access_type not in rights:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	90	for check in rights['unspecified']:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	91	# No checks defined, so do the 'generic' checks and bail out
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	92	check(request)
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	93	return
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	94
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	95	for check in rights[access_type]:
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	96	check(request)
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	97
3cca81b1e5a1 Moved checkAccess and getCleanedFields into access and forms Sverre Rabbelier <srabbelier@gmail.com> parents: 590 diff changeset	98
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	99	def allow(request):
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	100	"""Never returns an alternate HTTP response.
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	101
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	102	Args:
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	103	request: a Django HTTP request
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	104	"""
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	105
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	106	return
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	107
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	108	def deny(request):
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	109	"""Returns an alternate HTTP response.
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	110
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	111	Args:
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	112	request: a Django HTTP request
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	113
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	114	Returns:
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	115	a subclass of django.http.HttpResponse which contains the
1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	116	alternate response that should be returned by the calling view.
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	117	"""
2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	118
709 e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	119	context = {}
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	120	context['title'] = 'Access denied'
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	121
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	122	raise out_of_band.AccessViolation(DEF_PAGE_DENIED_MSG, context=context)
508 2b90baceac88 Add a access.deny and access.allow method Sverre Rabbelier <srabbelier@gmail.com> parents: 481 diff changeset	123
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	124
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	125	def checkIsLoggedIn(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	126	"""Returns an alternate HTTP response if Google Account is not logged in.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	127
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	128	Args:
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	129	request: a Django HTTP request
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	130
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	131	Raises:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	132	AccessViolationResponse: if the required authorization is not met
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	133
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	134	Returns:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	135	None if the user is logged in, or a subclass of
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	136	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	137	that should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	138	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	139
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	140	if users.get_current_user():
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	141	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	142
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	143	raise out_of_band.LoginRequest()
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	144
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	145
590 37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	146	def checkNotLoggedIn(request):
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	147	"""Returns an alternate HTTP response if Google Account is not logged in.
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	148
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	149	Args:
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	150	request: a Django HTTP request
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	151
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	152	Raises:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	153	AccessViolationResponse: if the required authorization is not met
590 37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	154
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	155	Returns:
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	156	None if the user is logged in, or a subclass of
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	157	django.http.HttpResponse which contains the alternate response
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	158	that should be returned by the calling view.
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	159	"""
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	160
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	161	if not users.get_current_user():
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	162	return
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	163
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	164	raise out_of_band.LoginRequest(message_fmt=DEF_LOGOUT_MSG_FMT)
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	165
37735d97b541 Created a seperate module for editSelf things Sverre Rabbelier <srabbelier@gmail.com> parents: 543 diff changeset	166
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	167	def checkIsUser(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	168	"""Returns an alternate HTTP response if Google Account has no User entity.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	169
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	170	Args:
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	171	request: a Django HTTP request
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	172
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	173	Raises:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	174	AccessViolationResponse: if the required authorization is not met
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	175
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	176	Returns:
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	177	None if User exists for a Google Account, or a subclass of
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	178	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	179	should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	180	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	181
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	182	checkIsLoggedIn(request)
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	183
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	184	user = user_logic.logic.getForFields(
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	185	{'account': users.get_current_user()}, unique=True)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	186
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	187	if user:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	188	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	189
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	190	raise out_of_band.LoginRequest(message_fmt=DEF_NO_USER_LOGIN_MSG_FMT)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	191
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	192
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	193	def checkIsDeveloper(request):
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	194	"""Returns an alternate HTTP response if Google Account is not a Developer.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	195
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	196	Args:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	197	request: a Django HTTP request
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	198
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	199	Raises:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	200	AccessViolationResponse: if the required authorization is not met
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	201
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	202	Returns:
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	203	None if Google Account is logged in and logged-in user is a Developer,
94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	204	or a subclass of django.http.HttpResponse which contains the alternate
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	205	response should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	206	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	207
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	208	checkIsUser(request)
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	209
481 94834a1e6c01 Attempt to rename User.id to User.account, in preparation for making User be Todd Larsen <tlarsen@google.com> parents: 448 diff changeset	210	if accounts.isDeveloper(account=users.get_current_user()):
699 4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	211	return
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	212
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	213	login_message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	214	'role': 'a site developer '}
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	215
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	216	raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	217
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	218
709 e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	219	def checkIsHost(request):
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	220	"""Returns an alternate HTTP response if Google Account has no Host entity
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	221	for the specified program.
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	222
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	223	Args:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	224	request: a Django HTTP request
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	225
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	226	Raises:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	227	AccessViolationResponse: if the required authorization is not met
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	228
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	229	Returns:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	230	None if Host exists for the specified program, or a subclass of
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	231	django.http.HttpResponse which contains the alternate response
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	232	should be returned by the calling view.
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	233	"""
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	234
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	235	try:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	236	# if the current user is a developer we allow access
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	237	checkIsInvited(request)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	238	return
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	239	except out_of_band.Error:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	240	pass
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	241
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	242	checkIsUser(request)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	243
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	244	user = user_logic.logic.getForFields(
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	245	{'account': users.get_current_user()}, unique=True)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	246
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	247	host = host_logic.logic.getForFields(
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	248	{'user': user}, unique=True)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	249
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	250	if host:
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	251	return
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	252
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	253	login_message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	254	'role': 'a host '}
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	255
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	256	raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	257
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	258
617 9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	259	def checkIsInvited(request):
389 9b873166d7d5 Fix identions, too long lines, unused imports and some other mistakes. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 361 diff changeset	260	"""Returns an alternate HTTP response if Google Account has no Host entity
9b873166d7d5 Fix identions, too long lines, unused imports and some other mistakes. Pawel Solyga <Pawel.Solyga@gmail.com> parents: 361 diff changeset	261	for the specified program.
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	262
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	263	Args:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	264	request: a Django HTTP request
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	265
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	266	Raises:
639 1f92bd41b914 Some docstring fixes in few modules (soc.views.helper soc.views.models.base). Pawel Solyga <Pawel.Solyga@gmail.com> parents: 633 diff changeset	267	AccessViolationResponse: if the required authorization is not met
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	268
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	269	Returns:
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	270	None if Host exists for the specified program, or a subclass of
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	271	django.http.HttpResponse which contains the alternate response
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	272	should be returned by the calling view.
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	273	"""
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	274
633 899ec5d546bd Allow developers access to anything that does a checkIsInvited. Lennard de Rijk <ljvderijk@gmail.com> parents: 617 diff changeset	275	try:
899ec5d546bd Allow developers access to anything that does a checkIsInvited. Lennard de Rijk <ljvderijk@gmail.com> parents: 617 diff changeset	276	# if the current user is a developer we allow access
709 e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	277	checkIsDeveloper(request)
633 899ec5d546bd Allow developers access to anything that does a checkIsInvited. Lennard de Rijk <ljvderijk@gmail.com> parents: 617 diff changeset	278	return
899ec5d546bd Allow developers access to anything that does a checkIsInvited. Lennard de Rijk <ljvderijk@gmail.com> parents: 617 diff changeset	279	except out_of_band.Error:
899ec5d546bd Allow developers access to anything that does a checkIsInvited. Lennard de Rijk <ljvderijk@gmail.com> parents: 617 diff changeset	280	pass
709 e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	281
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	282	checkIsUser(request)
e71b20847eb0 Add checkIsHost in access Sverre Rabbelier <srabbelier@gmail.com> parents: 699 diff changeset	283
617 9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	284	login_message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	285	'role': 'a host for this program'}
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	286
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	287	splitpath = request.path.split('/')
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	288
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	289	if len(splitpath) < 4:
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	290	# TODO: perhaps this needs a better explanation?
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	291	deny(request)
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	292
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	293	role = splitpath[1]
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	294	group_id = splitpath[3]
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	295	user_id = splitpath[4]
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	296
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	297	user = user_logic.logic.getForFields(
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	298	{'account': users.get_current_user()}, unique=True)
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	299
617 9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	300	if user_id != user.link_id:
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	301	# TODO: perhaps this needs a better explanation?
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	302	deny(request)
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	303
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	304	properties = {
617 9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	305	'link_id': user_id,
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	306	'role': role,
617 9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	307	'scope_path': group_id,
9cc42981d40a Now invited users can create a new Host profile Sverre Rabbelier <srabbelier@gmail.com> parents: 612 diff changeset	308	'group_accepted': True,
525 1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	309	}
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	310
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	311	request = request_logic.logic.getForFields(properties, unique=True)
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	312
1dc62d570eff Created a checkIsInvited method Sverre Rabbelier <srabbelier@gmail.com> parents: 508 diff changeset	313	if request:
293 1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	314	return
1edd01373e71 Add an access control module Sverre Rabbelier <srabbelier@gmail.com> parents: diff changeset	315
543 280a1ac6bcc1 Merge soc/logic/out_of_band.py into soc/views/out_of_band.py. Merge Todd Larsen <tlarsen@google.com> parents: 525 diff changeset	316	raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
699 4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	317
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	318
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	319	def checkIsDocumentPublic(request):
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	320	"""Checks whether a document is public
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	321
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	322	Args:
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	323	request: a Django HTTP request
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	324	"""
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	325
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	326	# TODO: A proper check needs to be done to see if the document
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	327	# is public or not, probably involving analysing it's scope or such.
4e8eefe95748 Add and use a placeholder for checkIsDocumentPublic Sverre Rabbelier <srabbelier@gmail.com> parents: 639 diff changeset	328	allow(request)

author	Sverre Rabbelier <srabbelier@gmail.com>
	Sun, 07 Dec 2008 19:02:02 +0000
changeset 709	e71b20847eb0
parent 699	4e8eefe95748
child 713	bcd480745f44
permissions	-rw-r--r--