424 # try to see if they belong to any of the roles, if not, raise an |
424 # try to see if they belong to any of the roles, if not, raise an |
425 # access violation for the specified action, prefix and status. |
425 # access violation for the specified action, prefix and status. |
426 if not self.hasMembership(roles, django_args): |
426 if not self.hasMembership(roles, django_args): |
427 raise out_of_band.AccessViolation(message_fmt) |
427 raise out_of_band.AccessViolation(message_fmt) |
428 |
428 |
|
429 def checkHasAny(self, django_args, checks): |
|
430 """Checks if any of the checks passes. |
|
431 |
|
432 If none of the specified checks passes, the exception that the first of the |
|
433 checks raised is reraised. |
|
434 """ |
|
435 |
|
436 first = None |
|
437 |
|
438 for checker_name, args in checks: |
|
439 try: |
|
440 self.doCheck(checker_name, django_args, args) |
|
441 break |
|
442 except out_of_band.Error, e: |
|
443 # store the first esception |
|
444 first = first if first else e |
|
445 else: |
|
446 # one check passed, all is well |
|
447 return |
|
448 |
|
449 # none passed, re-raise the first exception |
|
450 raise first |
|
451 |
429 def allow(self, django_args): |
452 def allow(self, django_args): |
430 """Never raises an alternate HTTP response. (an access no-op, basically). |
453 """Never raises an alternate HTTP response. (an access no-op, basically). |
431 |
454 |
432 Args: |
455 Args: |
433 django_args: a dictionary with django's arguments |
456 django_args: a dictionary with django's arguments |