107 for check in rights[access_type]: |
107 for check in rights[access_type]: |
108 check(request, args, kwargs) |
108 check(request, args, kwargs) |
109 |
109 |
110 |
110 |
111 def allow(request, args, kwargs): |
111 def allow(request, args, kwargs): |
112 """Never raises an alternate HTTP response. (an access no-op, basically) |
112 """Never raises an alternate HTTP response. (an access no-op, basically). |
113 |
113 |
114 Args: |
114 Args: |
115 request: a Django HTTP request |
115 request: a Django HTTP request |
116 """ |
116 """ |
117 return |
117 return |
255 user_entity = user_logic.getForCurrentAccount() |
255 user_entity = user_logic.getForCurrentAccount() |
256 |
256 |
257 if user_entity.link_id != kwargs['link_id']: |
257 if user_entity.link_id != kwargs['link_id']: |
258 deny(request, args, kwargs) |
258 deny(request, args, kwargs) |
259 |
259 |
260 fields = {'link_id' : kwargs['link_id'], |
260 fields = {'link_id': kwargs['link_id'], |
261 'scope_path' : kwargs['scope_path'], |
261 'scope_path': kwargs['scope_path'], |
262 'role' : role_name} |
262 'role': role_name} |
263 |
263 |
264 request_entity = request_logic.getFromFieldsOr404(**fields) |
264 request_entity = request_logic.getFromFieldsOr404(**fields) |
265 |
265 |
266 if request_entity.state != 'group_accepted': |
266 if request_entity.state != 'group_accepted': |
267 # TODO tell the user that this request has not been accepted yet |
267 # TODO tell the user that this request has not been accepted yet |
281 |
281 |
282 if user_entity.link_id != kwargs['link_id']: |
282 if user_entity.link_id != kwargs['link_id']: |
283 # not the current user's request |
283 # not the current user's request |
284 return deny(request, args, kwargs) |
284 return deny(request, args, kwargs) |
285 |
285 |
286 fields = {'link_id' : kwargs['link_id'], |
286 fields = {'link_id': kwargs['link_id'], |
287 'scope_path' : kwargs['scope_path'], |
287 'scope_path': kwargs['scope_path'], |
288 'role' : kwargs['role']} |
288 'role': kwargs['role']} |
289 |
289 |
290 request_entity = request_logic.getForFields(fields, unique=True) |
290 request_entity = request_logic.getForFields(fields, unique=True) |
291 |
291 |
292 if not request_entity: |
292 if not request_entity: |
293 # TODO return 404 |
293 # TODO return 404 |
323 checkAgreesToSiteToS(request, args, kwargs) |
323 checkAgreesToSiteToS(request, args, kwargs) |
324 |
324 |
325 user = user_logic.getForFields({'account': users.get_current_user()}, |
325 user = user_logic.getForFields({'account': users.get_current_user()}, |
326 unique=True) |
326 unique=True) |
327 |
327 |
328 fields = {'user' : user, |
328 fields = {'user': user, |
329 'state' : 'active'} |
329 'state': 'active'} |
330 |
330 |
331 host = host_logic.getForFields(fields, unique=True) |
331 host = host_logic.getForFields(fields, unique=True) |
332 |
332 |
333 if host: |
333 if host: |
334 return |
334 return |
356 checkAgreesToSiteToS(request, args, kwargs) |
356 checkAgreesToSiteToS(request, args, kwargs) |
357 |
357 |
358 user = user_logic.getForFields({'account': users.get_current_user()}, |
358 user = user_logic.getForFields({'account': users.get_current_user()}, |
359 unique=True) |
359 unique=True) |
360 |
360 |
361 fields = {'user' : user, |
361 fields = {'user': user, |
362 'scope_path' : kwargs['scope_path'], |
362 'scope_path': kwargs['scope_path'], |
363 'state' : 'active'} |
363 'state': 'active'} |
364 |
364 |
365 host = host_logic.getForFields(fields, unique=True) |
365 host = host_logic.getForFields(fields, unique=True) |
366 |
366 |
367 if host: |
367 if host: |
368 return |
368 return |
403 if kwargs.get('scope_path'): |
403 if kwargs.get('scope_path'): |
404 scope_path = kwargs['scope_path'] |
404 scope_path = kwargs['scope_path'] |
405 else: |
405 else: |
406 scope_path = kwargs['link_id'] |
406 scope_path = kwargs['link_id'] |
407 |
407 |
408 fields = {'user' : user, |
408 fields = {'user': user, |
409 'scope_path' : scope_path, |
409 'scope_path': scope_path, |
410 'state' : 'active'} |
410 'state': 'active'} |
411 |
411 |
412 club_admin_entity = club_admin_logic.getForFields(fields, unique=True) |
412 club_admin_entity = club_admin_logic.getForFields(fields, unique=True) |
413 |
413 |
414 if club_admin_entity: |
414 if club_admin_entity: |
415 return |
415 return |
463 |
463 |
464 return wrapper |
464 return wrapper |
465 |
465 |
466 |
466 |
467 def checkIsMyNotification(request, args, kwargs): |
467 def checkIsMyNotification(request, args, kwargs): |
468 """Returns an alternate HTTP response if this request is for a Notification belonging |
468 """Returns an alternate HTTP response if this request is for |
469 to the current user. |
469 a Notification belonging to the current user. |
470 |
470 |
471 Args: |
471 Args: |
472 request: a Django HTTP request |
472 request: a Django HTTP request |
473 |
473 |
474 Raises: |
474 Raises: |
507 # TODO(ljvderijk) Make this give a proper error message |
507 # TODO(ljvderijk) Make this give a proper error message |
508 deny(request, args, kwargs) |
508 deny(request, args, kwargs) |
509 |
509 |
510 |
510 |
511 def checkIsMyApplication(app_logic): |
511 def checkIsMyApplication(app_logic): |
512 """Returns an alternate HTTP response if this request is for a Application belonging |
512 """Returns an alternate HTTP response if this request is for |
513 to the current user. |
513 a Application belonging to the current user. |
514 |
514 |
515 Args: |
515 Args: |
516 request: a Django HTTP request |
516 request: a Django HTTP request |
517 |
517 |
518 Raises: |
518 Raises: |
576 |
576 |
577 if not user or user.link_id != kwargs['link_id']: |
577 if not user or user.link_id != kwargs['link_id']: |
578 # not my role |
578 # not my role |
579 deny(request, args, kwargs) |
579 deny(request, args, kwargs) |
580 |
580 |
581 fields = {'link_id' : kwargs['link_id'], |
581 fields = {'link_id': kwargs['link_id'], |
582 'scope_path' : kwargs['scope_path'] |
582 'scope_path': kwargs['scope_path'] |
583 } |
583 } |
584 |
584 |
585 role_entity = role_logic.logic.getForFields(fields, unique=True) |
585 role_entity = role_logic.logic.getForFields(fields, unique=True) |
586 |
586 |
587 if not role_entity: |
587 if not role_entity: |
639 # Perform the access check |
639 # Perform the access check |
640 checkAccess(access_type, request, rights=params['rights']) |
640 checkAccess(access_type, request, rights=params['rights']) |
641 |
641 |
642 |
642 |
643 def checkHasPickGetArgs(request, arg, kwargs): |
643 def checkHasPickGetArgs(request, arg, kwargs): |
644 """Raises an alternate HTTP response if the request misses get args |
644 """Raises an alternate HTTP response if the request misses get args. |
645 |
645 |
646 Args: |
646 Args: |
647 request: a Django HTTP request |
647 request: a Django HTTP request |
648 |
648 |
649 Raises: |
649 Raises: |