31 |
31 |
32 |
32 |
33 from google.appengine.api import users |
33 from google.appengine.api import users |
34 |
34 |
35 from django.utils.translation import ugettext_lazy |
35 from django.utils.translation import ugettext_lazy |
|
36 from django.core import urlresolvers |
36 |
37 |
37 from soc.logic import accounts |
38 from soc.logic import accounts |
|
39 from soc.logic import dicts |
38 from soc.logic.models import host as host_logic |
40 from soc.logic.models import host as host_logic |
39 from soc.logic.models import user as user_logic |
41 from soc.logic.models import user as user_logic |
40 from soc.logic.models import request as request_logic |
42 from soc.logic.models import request as request_logic |
41 from soc.views import helper |
43 from soc.views import helper |
42 from soc.views import out_of_band |
44 from soc.views import out_of_band |
231 django.http.HttpResponse which contains the alternate response |
233 django.http.HttpResponse which contains the alternate response |
232 should be returned by the calling view. |
234 should be returned by the calling view. |
233 """ |
235 """ |
234 |
236 |
235 try: |
237 try: |
236 # if the current user is a developer we allow access |
238 # if the current user is invited to create a host profile we allow access |
237 checkIsInvited(request) |
239 checkIsInvited(request) |
238 return |
240 return |
239 except out_of_band.Error: |
241 except out_of_band.Error: |
240 pass |
242 pass |
241 |
243 |
315 return |
317 return |
316 |
318 |
317 raise out_of_band.LoginRequest(message_fmt=login_message_fmt) |
319 raise out_of_band.LoginRequest(message_fmt=login_message_fmt) |
318 |
320 |
319 |
321 |
|
322 def checkCanInvite(request): |
|
323 """Checks to see if the current user can create an invite |
|
324 |
|
325 Note that if the current url is not in the default 'request' form |
|
326 this method either deny()s or performs the wrong access check. |
|
327 |
|
328 Args: |
|
329 request: a Django HTTP request |
|
330 """ |
|
331 |
|
332 try: |
|
333 # if the current user is a developer we allow access |
|
334 checkIsDeveloper(request) |
|
335 return |
|
336 except out_of_band.Error: |
|
337 pass |
|
338 |
|
339 # Mine the url for params |
|
340 try: |
|
341 callback, args, kwargs = urlresolvers.resolve(request.path) |
|
342 except Exception: |
|
343 deny(request) |
|
344 |
|
345 # Construct a new url by reshufling the kwargs |
|
346 order = ['role', 'access_type', 'scope_path', 'link_id'] |
|
347 url_params = dicts.unzip(kwargs, order) |
|
348 url = '/'.join([''] + list(url_params)) |
|
349 |
|
350 # Mine the reshufled url |
|
351 try: |
|
352 callback, args, kwargs = urlresolvers.resolve(url) |
|
353 except Exception: |
|
354 deny(request) |
|
355 |
|
356 # Get the everything we need for the access check |
|
357 params = callback.im_self.getParams() |
|
358 access_type = kwargs['access_type'] |
|
359 |
|
360 # Perform the access check |
|
361 helper.access.checkAccess(access_type, request, rights=params['rights']) |
|
362 |
|
363 |
320 def checkIsDocumentPublic(request): |
364 def checkIsDocumentPublic(request): |
321 """Checks whether a document is public. |
365 """Checks whether a document is public. |
322 |
366 |
323 Args: |
367 Args: |
324 request: a Django HTTP request |
368 request: a Django HTTP request |