38 |
38 |
39 from soc.logic import accounts |
39 from soc.logic import accounts |
40 from soc.logic import dicts |
40 from soc.logic import dicts |
41 from soc.logic.models import host as host_logic |
41 from soc.logic.models import host as host_logic |
42 from soc.logic.models import notification as notification_logic |
42 from soc.logic.models import notification as notification_logic |
|
43 from soc.logic.models import group_app as group_app_logic |
43 from soc.logic.models import user as user_logic |
44 from soc.logic.models import user as user_logic |
44 from soc.logic.models import request as request_logic |
45 from soc.logic.models import request as request_logic |
45 from soc.views import helper |
46 from soc.views import helper |
46 from soc.views import out_of_band |
47 from soc.views import out_of_band |
47 |
48 |
361 return None |
362 return None |
362 |
363 |
363 # TODO(ljvderijk) Make this give a proper error message |
364 # TODO(ljvderijk) Make this give a proper error message |
364 deny(request) |
365 deny(request) |
365 |
366 |
|
367 def checkIsMyApplication(request): |
|
368 """Returns an alternate HTTP response if this request is for a Notification belonging |
|
369 to the current user. |
|
370 |
|
371 Args: |
|
372 request: a Django HTTP request |
|
373 |
|
374 Raises: |
|
375 AccessViolationResponse: if the required authorization is not met |
|
376 |
|
377 Returns: |
|
378 None if the current User is allowed to access this Notification. |
|
379 """ |
|
380 |
|
381 try: |
|
382 # if the current user is a developer we allow access |
|
383 checkIsDeveloper(request) |
|
384 return |
|
385 except out_of_band.Error: |
|
386 pass |
|
387 |
|
388 checkIsUser(request) |
|
389 |
|
390 # Mine the url for params |
|
391 try: |
|
392 callback, args, kwargs = urlresolvers.resolve(request.path) |
|
393 except Exception: |
|
394 deny(request) |
|
395 |
|
396 properties = dicts.filter(kwargs, ['link_id']) |
|
397 |
|
398 application = group_app_logic.logic.getForFields(properties, unique=True) |
|
399 user = user_logic.logic.getForCurrentAccount() |
|
400 |
|
401 # We need to check to see if the key's are equal since the User |
|
402 # objects are different and the default __eq__ method does not check |
|
403 # if the keys are equal (which is what we want). |
|
404 if user.key() == application.applicant.key(): |
|
405 return None |
|
406 |
|
407 # TODO(srabbelier) Make this give a proper error message |
|
408 deny(request) |
|
409 |
|
410 |
366 def checkCanInvite(request): |
411 def checkCanInvite(request): |
367 """Checks to see if the current user can create an invite. |
412 """Checks to see if the current user can create an invite. |
368 |
413 |
369 Note that if the current url is not in the default 'request' form |
414 Note that if the current url is not in the default 'request' form |
370 this method either deny()s or performs the wrong access check. |
415 this method either deny()s or performs the wrong access check. |