24 """ |
24 """ |
25 |
25 |
26 __authors__ = [ |
26 __authors__ = [ |
27 '"Todd Larsen" <tlarsen@google.com>', |
27 '"Todd Larsen" <tlarsen@google.com>', |
28 '"Sverre Rabbelier" <sverre@rabbelier.nl>', |
28 '"Sverre Rabbelier" <sverre@rabbelier.nl>', |
|
29 '"Lennard de Rijk" <ljvderijk@gmail.com>', |
29 '"Pawel Solyga" <pawel.solyga@gmail.com>', |
30 '"Pawel Solyga" <pawel.solyga@gmail.com>', |
30 ] |
31 ] |
31 |
32 |
32 |
33 |
33 from google.appengine.api import users |
34 from google.appengine.api import users |
36 from django.core import urlresolvers |
37 from django.core import urlresolvers |
37 |
38 |
38 from soc.logic import accounts |
39 from soc.logic import accounts |
39 from soc.logic import dicts |
40 from soc.logic import dicts |
40 from soc.logic.models import host as host_logic |
41 from soc.logic.models import host as host_logic |
|
42 from soc.logic.models import notification as notification_logic |
41 from soc.logic.models import user as user_logic |
43 from soc.logic.models import user as user_logic |
42 from soc.logic.models import request as request_logic |
44 from soc.logic.models import request as request_logic |
43 from soc.views import helper |
45 from soc.views import helper |
44 from soc.views import out_of_band |
46 from soc.views import out_of_band |
45 |
47 |
316 if request: |
318 if request: |
317 return |
319 return |
318 |
320 |
319 raise out_of_band.LoginRequest(message_fmt=login_message_fmt) |
321 raise out_of_band.LoginRequest(message_fmt=login_message_fmt) |
320 |
322 |
|
323 def checkIsMyNotification(request): |
|
324 """Returns an alternate HTTP response if this request is for a Notification belonging |
|
325 to the current user. |
|
326 |
|
327 Args: |
|
328 request: a Django HTTP request |
|
329 |
|
330 Raises: |
|
331 AccessViolationResponse: if the required authorization is not met |
|
332 |
|
333 Returns: |
|
334 None if the current User is allowed to access this Notification. |
|
335 """ |
|
336 |
|
337 try: |
|
338 # if the current user is a developer we allow access |
|
339 checkIsDeveloper(request) |
|
340 return |
|
341 except out_of_band.Error: |
|
342 pass |
|
343 |
|
344 checkIsUser(request) |
|
345 |
|
346 splitpath = request.path.split('/') |
|
347 splitpath = splitpath[1:] # cut off leading '' |
|
348 |
|
349 # get the notification scope (user link_id) from the request path |
|
350 user_link_id = splitpath[2] |
|
351 # get the notification link_id from the request path |
|
352 notification_link_id = splitpath[3] |
|
353 |
|
354 properties = { |
|
355 'link_id': notification_link_id, |
|
356 'scope_path': user_link_id, |
|
357 } |
|
358 |
|
359 notification = notification_logic.logic.getForFields(properties, unique=True) |
|
360 |
|
361 user = user_logic.logic.getForFields( |
|
362 {'account': users.get_current_user()}, unique=True) |
|
363 |
|
364 # check if the key of the current user matches the key from the scope of the message |
|
365 if user.key() == notification.scope.key(): |
|
366 # access granted |
|
367 return None |
|
368 else: |
|
369 # access denied |
|
370 deny(request) |
321 |
371 |
322 def checkCanInvite(request): |
372 def checkCanInvite(request): |
323 """Checks to see if the current user can create an invite |
373 """Checks to see if the current user can create an invite |
324 |
374 |
325 Note that if the current url is not in the default 'request' form |
375 Note that if the current url is not in the default 'request' form |
358 access_type = kwargs['access_type'] |
408 access_type = kwargs['access_type'] |
359 |
409 |
360 # Perform the access check |
410 # Perform the access check |
361 helper.access.checkAccess(access_type, request, rights=params['rights']) |
411 helper.access.checkAccess(access_type, request, rights=params['rights']) |
362 |
412 |
363 |
|
364 def checkIsDocumentPublic(request): |
413 def checkIsDocumentPublic(request): |
365 """Checks whether a document is public. |
414 """Checks whether a document is public. |
366 |
415 |
367 Args: |
416 Args: |
368 request: a Django HTTP request |
417 request: a Django HTTP request |
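Review bot: In `checkIsMyNotification` (new lines 359–365) both `getForFields(..., unique=True)` results are dereferenced without a check, so a path naming a notification that does not exist, or a logged-in account with no User entity, would presumably end in an AttributeError on `notification.scope.key()` or `user.key()` rather than a denial; this assumes `getForFields` returns None when nothing matches, which is not visible here. An access check should fail closed on those inputs, for example by replacing the `if`/`else` with `if user and notification and user.key() == notification.scope.key(): return` followed by an unconditional `deny(request)`. `splitpath[2]` and `splitpath[3]` are likewise read from `request.path` with no length check, so a shorter path raises IndexError instead of being refused. The docstring's first sentence also reads inverted (the alternate response is for a notification that does not belong to the current user), and it names `AccessViolationResponse` while the code calls `deny(request)`; the two should be aligned.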