py_tasks_melange: comparison app/soc/views/helper/access.py

equal deleted inserted replaced

-:73a9bc6a85d9
+:6b65707f4248
 '"Lennard de Rijk" <ljvderijk@gmail.com>',
 '"Pawel Solyga" <pawel.solyga@gmail.com>',
 ]
-from google.appengine.api import users
 from google.appengine.api import memcache
-from django.core import urlresolvers
 from django.utils.translation import ugettext
-from soc.logic import accounts
 from soc.logic import dicts
 from soc.logic import rights as rights_logic
 from soc.logic.helper import timeline as timeline_helper
 from soc.logic.models.club_admin import logic as club_admin_logic
 from soc.logic.models.club_member import logic as club_member_logic
 from soc.logic.models.document import logic as document_logic
 from soc.logic.models.host import logic as host_logic
 from soc.logic.models.mentor import logic as mentor_logic
-from soc.logic.models.notification import logic as notification_logic
 from soc.logic.models.org_admin import logic as org_admin_logic
 from soc.logic.models.organization import logic as org_logic
 from soc.logic.models.program import logic as program_logic
 from soc.logic.models.request import logic as request_logic
 from soc.logic.models.role import logic as role_logic
 from soc.logic.models.student import logic as student_logic
 from soc.logic.models.student_proposal import logic as student_proposal_logic
 from soc.logic.models.timeline import logic as timeline_logic
 from soc.logic.models.user import logic as user_logic
 from soc.views.helper import redirects
-from soc.views import helper
 from soc.views import out_of_band
-DEF_NO_USER_LOGIN_MSG= ugettext(
+DEF_NO_USER_LOGIN_MSG = ugettext(
 'Please create <a href="/user/create_profile">User Profile</a>'
 ' in order to view this page.')
 DEF_AGREE_TO_TOS_MSG_FMT = ugettext(
 'You must agree to the <a href="%(tos_link)s">site-wide Terms of'
 'There is no application that would allow you to visit this page.')
 DEF_NEED_PICK_ARGS_MSG = ugettext(
 'The "continue" and "field" args are not both present.')
-DEF_REVIEW_COMPLETED_MSG = ugettext(
+DEF_REVIEW_COMPLETED_MSG = ugettext('This Application can not be reviewed '
-'This Application can not be reviewed anymore (it has been completed or rejected).')
+'anymore (it has been completed or rejected).')
 DEF_REQUEST_COMPLETED_MSG = ugettext(
 'This request cannot be accepted (it is either completed or denied).')
 DEF_SCOPE_INACTIVE_MSG = ugettext(
 'The scope for this request is not active.')
 DEF_SIGN_UP_AS_STUDENT_MSG = ugettext(
 'You need to sign up as a Student first.')
-DEF_NO_LIST_ACCESS_MSG = ugettext(
+DEF_NO_LIST_ACCESS_MSG = ugettext('You do not have the required rights to '
-'You do not have the required rights to list documents for this scope and prefix.')
+'list documents for this scope and prefix.')
 DEF_PAGE_DENIED_MSG = ugettext(
 'Access to this page has been restricted.')
 DEF_PREFIX_NOT_IN_ARGS_MSG = ugettext(
 if cached is None:
 try:
 self.doCheck(checker_name, django_args, args)
 self.put(checker_name, True)
 return
-except out_of_band.Error, e:
+except out_of_band.Error, exception:
-self.put(checker_name, e)
+self.put(checker_name, exception)
 raise
 if cached is True:
 return
 for checker_name, args in checks:
 try:
 self.doCheck(checker_name, django_args, args)
 # one check passed, all is well
 return
-except out_of_band.Error, e:
+except out_of_band.Error, exception:
 # store the first esception
-first = first if first else e
+first = first if first else exception
 # none passed, re-raise the first exception
 raise first
 def allow(self, django_args):
 def checkGroupIsActiveForScopeAndLinkId(self, django_args, logic):
 """Checks that the specified group is active.
 Only group where both the link_id and the scope_path match the value
 of the link_id and the scope_path from the django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 fields = ['scope_path', 'link_id']
 self._checkIsActive(django_args, logic, fields)
 def checkGroupIsActiveForLinkId(self, django_args, logic):
 """Checks that the specified group is active.
 Only group where the link_id matches the value of the link_id
 from the django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 self._checkIsActive(django_args, logic, ['link_id'])
 def checkHasActiveRole(self, django_args, logic):
 """Checks that the user has the specified active role.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 django_args = django_args.copy()
 django_args['user'] = self.user
 self._checkIsActive(django_args, logic, ['user'])
 def _checkHasActiveRoleFor(self, django_args, logic, field_name):
 """Checks that the user has the specified active role.
 Only roles where the field as specified by field_name matches the
 scope_path from the django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 fields = [field_name, 'user']
 django_args = django_args.copy()
 django_args['user'] = self.user
 def checkHasActiveRoleForScope(self, django_args, logic):
 """Checks that the user has the specified active role.
 Only roles where the scope_path matches the scope_path from the
 django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 self._checkHasActiveRoleFor(django_args, logic, 'scope_path')
 def checkHasActiveRoleForLinkId(self, django_args, logic):
 """Checks that the user has the specified active role.
 Only roles where the link_id matches the link_id from the
 django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 self._checkHasActiveRoleFor(django_args, logic, 'link_id')
 def checkHasActiveRoleForLinkIdAsScope(self, django_args, logic):
 """Checks that the user has the specified active role.
 Only roles where the scope_path matches the link_id from the
 django_args are considered.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 django_args = django_args.copy()
 django_args['scope_path'] = django_args['link_id']
 self._checkHasActiveRoleFor(django_args, logic, 'scope_path')
 def checkHasDocumentAccess(self, django_args, logic, target_scope):
 """Checks that the user has access to the specified document scope.
+Args:
+django_args: a dictionary with django's arguments
+logic: the logic that should be used to look up the entity
 """
 prefix = django_args['prefix']
 if self.SCOPE_DEPTH.get(prefix):
 scope_logic, depths = self.SCOPE_DEPTH[prefix]
 def checkCanMakeRequestToGroup(self, django_args, group_logic):
 """Raises an alternate HTTP response if the specified group is not in an
 active status.
 Args:
+django_args: a dictionary with django's arguments
 group_logic: Logic module for the type of group which the request is for
 """
 self.checkIsUser(django_args)
 def checkCanCreateFromRequest(self, django_args, role_name):
 """Raises an alternate HTTP response if the specified request does not exist
 or if it's status is not group_accepted. Also when the group this request
 is from is in an inactive or invalid status access will be denied.
+Args:
+django_args: a dictionary with django's arguments
+role_name: name of the role
 """
 self.checkIsUserSelf(django_args, 'link_id')
 fields = {
 raise out_of_band.AccessViolation(message_fmt=DEF_NO_REQUEST_MSG)
 def checkIsMyGroupAcceptedRequest(self, django_args):
 """Checks whether the user can accept the specified request.
+Args:
+django_args: a dictionary with django's arguments
 """
 self.checkCanCreateFromRequest(django_args, django_args['role'])
 def checkCanProcessRequest(self, django_args, role_name):
 """Raises an alternate HTTP response if the specified request does not exist
 or if it's status is completed or denied. Also Raises an alternate HTTP response
 whenever the group in the request is not active.
+Args:
+django_args: a dictionary with django's arguments
+role_name: name of the role
 """
 self.checkIsUser(django_args)
 fields = {
 @allowDeveloper
 @denySidebar
 def checkIsHostForProgram(self, django_args):
 """Checks if the user is a host for the specified program.
+Args:
+django_args: a dictionary with django's arguments
 """
 program = program_logic.getFromKeyFields(django_args)
 if not program or program.status == 'invalid':
 @allowDeveloper
 @denySidebar
 def checkIsHostForProgramInScope(self, django_args):
 """Checks if the user is a host for the specified program.
+Args:
+django_args: a dictionary with django's arguments
 """
 program = program_logic.getFromKeyName(django_args['scope_path'])
 if not program or program.status == 'invalid':
 @denySidebar
 def checkIsActivePeriod(self, django_args, period_name, key_name_arg):
 """Checks if the given period is active for the given program.
 Args:
-django_args: a dictionary with django's arguments.
+django_args: a dictionary with django's arguments
-period_name: the name of the period which is checked.
+period_name: the name of the period which is checked
 key_name_arg: the entry in django_args that specifies the given program
 keyname. If none is given the key_name is constructed from django_args
 itself.
 Raises:
 raise out_of_band.AccessViolation(message_fmt=DEF_PAGE_INACTIVE_MSG)
 def checkCanCreateOrgApp(self, django_args, period_name):
 """Checks to see if the program in the scope_path is accepting org apps
+Args:
+django_args: a dictionary with django's arguments
+period_name: the name of the period which is checked
 """
 if 'seed' in django_args:
 return self.checkIsActivePeriod(django_args['seed'],
 period_name, 'scope_path')
 else:
 return
 @allowDeveloper
 def checkCanEditGroupApp(self, django_args, group_app_logic):
-"""Checks if the group_app in args is valid to be edited by the current user.
+"""Checks if the group_app in args is valid to be edited by
+the current user.
-Args:
+Args:
+django_args: a dictionary with django's arguments
 group_app_logic: A logic instance for the Group Application
 """
 self.checkIsUser(django_args)
 @allowSidebar
 def checkCanReviewGroupApp(self, django_args, group_app_logic):
 """Checks if the group_app in args is valid to be reviewed.
 Args:
+django_args: a dictionary with django's arguments
 group_app_logic: A logic instance for the Group Application
 """
 if 'link_id' not in django_args:
 # calling review overview, so we can't check a specified entity
 return
 raise out_of_band.AccessViolation(message_fmt=DEF_NO_APPLICATION_MSG)
 def checkIsNotParticipatingInProgramInScope(self, django_args):
-"""Checks if the current user has no roles for the given program in django_args.
+"""Checks if the current user has no roles for the given
+program in django_args.
 Args:
 django_args: a dictionary with django's arguments
 Raises:
 def checkIsMyEntity(self, django_args, logic,
 field_name='user', user=False):
 """Checks whether the entity belongs to the user.
 Args:
+django_args: a dictionary with django's arguments
 logic: the logic that should be used to fetch the entity
 field_name: the name of the field the entity uses to store it's owner
 user: whether the entity stores the user's key name, or a reference
 """
 def checkIsAllowedToManageRole(self, django_args, role_logic, manage_role_logic):
 """Returns an alternate HTTP response if the user is not allowed to manage
 the role given in args.
 Args:
+django_args: a dictionary with django's arguments
 role_logic: determines the logic for the role in args.
 manage_role_logic: determines the logic for the role which is allowed
 to manage this role.
 Raises:
 def checkIsDocumentReadable(self, django_args, key_name_field=None):
 """Checks whether a document is readable.
 Args:
 django_args: a dictionary with django's arguments
+key_name_field: key name field
 """
 if key_name_field:
 key_name = django_args[key_name_field]
 document = document_logic.getFromKeyName(key_name)
 def checkIsDocumentWritable(self, django_args, key_name_field=None):
 """Checks whether a document is writable.
 Args:
 django_args: a dictionary with django's arguments
+key_name_field: key name field
 """
 if key_name_field:
 key_name = django_args[key_name_field]
 document = document_logic.getFromKeyName(key_name)
 document.write_access, django_args)
 @allowDeveloper
 def checkDocumentList(self, django_args):
 """Checks whether the user is allowed to list documents.
+Args:
+django_args: a dictionary with django's arguments
 """
 filter = django_args['filter']
 prefix = filter['prefix']
-scope_path = filter['scope_path']
 checker = rights_logic.Checker(prefix)
 roles = checker.getMembership('list')
 if not self.hasMembership(roles, filter):
 @allowDeveloper
 def checkDocumentPick(self, django_args):
 """Checks whether the user has access to the specified pick url.
 Will update the 'read_access' field of django_args['GET'].
+Args:
+django_args: a dictionary with django's arguments
 """
 get_args = django_args['GET']
 # make mutable in order to inject the proper read_access filter
 mutable = get_args._mutable
 get_args._mutable = True
 if 'prefix' not in get_args:
 get_args.setlist('read_access', roles)
 get_args._mutable = mutable
 def checkCanEditTimeline(self, django_args):
 """Checks whether this program's timeline may be edited.
-"""
+Args:
+django_args: a dictionary with django's arguments
+"""
 time_line_keyname = timeline_logic.getKeyFieldsFromFields(django_args)
 timeline_entity = timeline_logic.getFromKeyName(time_line_keyname)
 if not timeline_entity:
 # timeline does not exists so deny

changeset 1633	6b65707f4248
parent 1606	6f7e5a566d9a
child 1716	a387bb7a39d4