app/soc/views/helper/access.py
changeset 882 267e31f1a0b6
parent 872 70e0b6d8ff73
child 884 ded4850776c8
881:1ad41c8d05e9 882:267e31f1a0b6
    38 
    38 
    39 from soc.logic import accounts
    39 from soc.logic import accounts
    40 from soc.logic import dicts
    40 from soc.logic import dicts
    41 from soc.logic.models import host as host_logic
    41 from soc.logic.models import host as host_logic
    42 from soc.logic.models import notification as notification_logic
    42 from soc.logic.models import notification as notification_logic
    43 from soc.logic.models import group_app  as group_app_logic
    43 from soc.logic.models import club_app  as club_app_logic
    44 from soc.logic.models import user as user_logic
    44 from soc.logic.models import user as user_logic
    45 from soc.logic.models import request as request_logic
    45 from soc.logic.models import request as request_logic
    46 from soc.views import helper
    46 from soc.views import helper
    47 from soc.views import out_of_band
    47 from soc.views import out_of_band
    48 
    48 
   388       'reviewed': True,
   388       'reviewed': True,
   389       'accepted': True,
   389       'accepted': True,
   390       'application_completed': False,
   390       'application_completed': False,
   391       }
   391       }
   392 
   392 
   393   group_app = group_app_logic.logic.getForFields(properties, unique=True)
   393   club_app = club_app_logic.logic.getForFields(properties, unique=True)
   394 
   394 
   395   if group_app:
   395   if club_app:
   396     return
   396     return
   397 
   397 
   398   # TODO(srabbelier) Make this give a proper error message
   398   # TODO(srabbelier) Make this give a proper error message
   399   deny(request, args, kwargs)
   399   deny(request, args, kwargs)
   400 
   400 
   441 
   441 
   442   # TODO(ljvderijk) Make this give a proper error message
   442   # TODO(ljvderijk) Make this give a proper error message
   443   deny(request, args, kwargs)
   443   deny(request, args, kwargs)
   444 
   444 
   445 
   445 
   446 def checkIsMyApplication(request, args, kwargs):
   446 def checkIsMyApplication(app_logic):
   447   """Returns an alternate HTTP response if this request is for a Application belonging
   447   """Returns an alternate HTTP response if this request is for a Application belonging
   448      to the current user.
   448      to the current user.
   449 
   449 
   450   Args:
   450   Args:
   451     request: a Django HTTP request
   451     request: a Django HTTP request
   454      AccessViolationResponse: if the required authorization is not met
   454      AccessViolationResponse: if the required authorization is not met
   455 
   455 
   456   Returns:
   456   Returns:
   457     None if the current User is allowed to access this Application.
   457     None if the current User is allowed to access this Application.
   458   """
   458   """
   459   
   459 
   460   try:
   460   def wrapper(request, args, kwargs):
   461     # if the current user is a developer we allow access
   461     try:
   462     checkIsDeveloper(request, args, kwargs)
   462       # if the current user is a developer we allow access
   463     return
   463       checkIsDeveloper(request, args, kwargs)
   464   except out_of_band.Error:
   464       return
   465     pass
   465     except out_of_band.Error:
   466 
   466       pass
   467   checkIsUser(request, args, kwargs)
   467 
   468 
   468     checkIsUser(request, args, kwargs)
   469   # Mine the url for params
   469 
   470   try:
   470     properties = dicts.filter(kwargs, ['link_id'])
   471     callback, args, kwargs = urlresolvers.resolve(request.path)
   471 
   472   except Exception:
   472     application = app_logic.logic.getForFields(properties, unique=True)
       
   473     user = user_logic.logic.getForCurrentAccount()
       
   474 
       
   475     # We need to check to see if the key's are equal since the User
       
   476     # objects are different and the default __eq__ method does not check
       
   477     # if the keys are equal (which is what we want).
       
   478     if user.key() == application.applicant.key():
       
   479       return None
       
   480 
       
   481     # TODO(srabbelier) Make this give a proper error message
   473     deny(request, args, kwargs)
   482     deny(request, args, kwargs)
   474 
   483 
   475   properties = dicts.filter(kwargs, ['link_id'])
   484   return wrapper
   476 
       
   477   application = group_app_logic.logic.getForFields(properties, unique=True)
       
   478   user = user_logic.logic.getForCurrentAccount()
       
   479 
       
   480   # We need to check to see if the key's are equal since the User
       
   481   # objects are different and the default __eq__ method does not check
       
   482   # if the keys are equal (which is what we want).
       
   483   if user.key() == application.applicant.key():
       
   484     return None
       
   485 
       
   486   # TODO(srabbelier) Make this give a proper error message
       
   487   deny(request, args, kwargs)
       
   488 
   485 
   489 
   486 
   490 def checkCanInvite(request, args, kwargs):
   487 def checkCanInvite(request, args, kwargs):
   491   """Checks to see if the current user can create an invite.
   488   """Checks to see if the current user can create an invite.
   492 
   489
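Review bot: In the new `wrapper` inside `checkIsMyApplication`, the result of `app_logic.logic.getForFields(properties, unique=True)` is dereferenced as `application.applicant.key()` with no check that an entity was found. The same call in the club-application check earlier in this file is guarded with `if club_app:`, which suggests the lookup can come back empty; for an unknown `link_id` that would presumably surface as an AttributeError instead of going through `deny(request, args, kwargs)`. Suggest `if application and user.key() == application.applicant.key():` so the missing-entity case ends in the normal denial path. The docstring is also stale: it still lists `request` under Args and describes a None return, while the function now takes `app_logic` and returns `wrapper`, so it should document `app_logic` and state that a checker with the `(request, args, kwargs)` signature is returned.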