1577 self.checkMembership('read', survey.prefix, |
1577 self.checkMembership('read', survey.prefix, |
1578 survey.read_access, django_args) |
1578 survey.read_access, django_args) |
1579 |
1579 |
1580 @denySidebar |
1580 @denySidebar |
1581 @allowDeveloper |
1581 @allowDeveloper |
|
1582 def checkIsMySurveyRecord(self, django_args, survey_logic, id_field): |
|
1583 """Checks if the SurveyRecord given in the GET arguments as id_field is |
|
1584 from the current user. |
|
1585 |
|
1586 Args: |
|
1587 django_args: a dictionary with django's arguments |
|
1588 survey_logic: Survey Logic which contains the needed Record logic |
|
1589 id_field: name of the field in the GET dictionary that contains the Record ID. |
|
1590 |
|
1591 Raises: |
|
1592 AccesViolation if: |
|
1593 - There is no valid numeric record ID present in the GET dict |
|
1594 - There is no SurveyRecord with the found ID |
|
1595 - The SurveyRecord has not been taken by the current user |
|
1596 """ |
|
1597 |
|
1598 self.checkIsUser(django_args) |
|
1599 user_entity = self.user |
|
1600 |
|
1601 get_dict = django_args['GET'] |
|
1602 record_id = get_dict.get(id_field) |
|
1603 |
|
1604 if not record_id or not record_id.isdigit(): |
|
1605 raise out_of_band.AccessViolation( |
|
1606 message_fmt='No valid numeric record ID given') |
|
1607 else: |
|
1608 record_id = int(record_id) |
|
1609 |
|
1610 record_logic = survey_logic.getRecordLogic() |
|
1611 record_entity = record_logic.getFromIDOr404(record_id) |
|
1612 |
|
1613 if record_entity.user.key() != user_entity.key(): |
|
1614 raise out_of_band.AccessViolation( |
|
1615 message_fmt='This is not your SurveyRecord') |
|
1616 |
|
1617 @denySidebar |
|
1618 @allowDeveloper |
1582 def checkIsSurveyWritable(self, django_args, survey_logic, |
1619 def checkIsSurveyWritable(self, django_args, survey_logic, |
1583 key_name_field=None): |
1620 key_name_field=None): |
1584 """Checks whether a survey is writable. |
1621 """Checks whether a survey is writable. |
1585 |
1622 |
1586 Args: |
1623 Args: |