app/soc/views/helper/access.py
changeset 884 ded4850776c8
parent 882 267e31f1a0b6
child 887 b8c1a6bc913e
883:1e0af43577ee 884:ded4850776c8
    38 
    38 
    39 from soc.logic import accounts
    39 from soc.logic import accounts
    40 from soc.logic import dicts
    40 from soc.logic import dicts
    41 from soc.logic.models import host as host_logic
    41 from soc.logic.models import host as host_logic
    42 from soc.logic.models import notification as notification_logic
    42 from soc.logic.models import notification as notification_logic
    43 from soc.logic.models import club_app  as club_app_logic
       
    44 from soc.logic.models import user as user_logic
    43 from soc.logic.models import user as user_logic
    45 from soc.logic.models import request as request_logic
    44 from soc.logic.models import request as request_logic
    46 from soc.views import helper
    45 from soc.views import helper
    47 from soc.views import out_of_band
    46 from soc.views import out_of_band
    48 
    47 
   354     return
   353     return
   355 
   354 
   356   raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
   355   raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
   357 
   356 
   358 
   357 
   359 def checkIsClubAppAccepted(request, args, kwargs):
   358 def checkIsApplicationAccepted(app_logic):
   360   """Returns an alternate HTTP response if Google Account has no Club App
   359   """Returns an alternate HTTP response if Google Account has no Club App
   361      entity for the specified Club.
   360      entity for the specified Club.
   362 
   361 
   363   Args:
   362   Args:
   364     request: a Django HTTP request
   363     request: a Django HTTP request
   368 
   367 
   369   Returns:
   368   Returns:
   370     None if Club App  exists for the specified program, or a subclass
   369     None if Club App  exists for the specified program, or a subclass
   371     of django.http.HttpResponse which contains the alternate response
   370     of django.http.HttpResponse which contains the alternate response
   372     should be returned by the calling view.
   371     should be returned by the calling view.
   373   """
       
   374 
       
   375   try:
       
   376     # if the current user is a developer we allow access
       
   377     checkIsDeveloper(request, args, kwargs)
       
   378     return
       
   379   except out_of_band.Error:
       
   380     pass
       
   381 
       
   382   checkIsUser(request, args, kwargs)
       
   383 
       
   384   user = user_logic.logic.getForCurrentAccount()
       
   385 
       
   386   properties = {
       
   387       'applicant': user,
       
   388       'reviewed': True,
       
   389       'accepted': True,
       
   390       'application_completed': False,
       
   391       }
       
   392 
       
   393   club_app = club_app_logic.logic.getForFields(properties, unique=True)
       
   394 
       
   395   if club_app:
       
   396     return
       
   397 
       
   398   # TODO(srabbelier) Make this give a proper error message
       
   399   deny(request, args, kwargs)
       
   400 
       
   401 
       
   402 def checkIsMyNotification(request, args, kwargs):
       
   403   """Returns an alternate HTTP response if this request is for a Notification belonging
       
   404      to the current user.
       
   405 
       
   406   Args:
       
   407     request: a Django HTTP request
       
   408 
       
   409    Raises:
       
   410      AccessViolationResponse: if the required authorization is not met
       
   411 
       
   412   Returns:
       
   413     None if the current User is allowed to access this Notification.
       
   414   """
       
   415   
       
   416   try:
       
   417     # if the current user is a developer we allow access
       
   418     checkIsDeveloper(request, args, kwargs)
       
   419     return
       
   420   except out_of_band.Error:
       
   421     pass
       
   422 
       
   423   checkIsUser(request, args, kwargs)
       
   424 
       
   425   # Mine the url for params
       
   426   try:
       
   427     callback, args, kwargs = urlresolvers.resolve(request.path)
       
   428   except Exception:
       
   429     deny(request, args, kwargs)
       
   430 
       
   431   properties = dicts.filter(kwargs, ['link_id', 'scope_path'])
       
   432 
       
   433   notification = notification_logic.logic.getForFields(properties, unique=True)
       
   434   user = user_logic.logic.getForCurrentAccount()
       
   435 
       
   436   # We need to check to see if the key's are equal since the User
       
   437   # objects are different and the default __eq__ method does not check
       
   438   # if the keys are equal (which is what we want).
       
   439   if user.key() == notification.scope.key():
       
   440     return None
       
   441 
       
   442   # TODO(ljvderijk) Make this give a proper error message
       
   443   deny(request, args, kwargs)
       
   444 
       
   445 
       
   446 def checkIsMyApplication(app_logic):
       
   447   """Returns an alternate HTTP response if this request is for a Application belonging
       
   448      to the current user.
       
   449 
       
   450   Args:
       
   451     request: a Django HTTP request
       
   452 
       
   453    Raises:
       
   454      AccessViolationResponse: if the required authorization is not met
       
   455 
       
   456   Returns:
       
   457     None if the current User is allowed to access this Application.
       
   458   """
   372   """
   459 
   373 
   460   def wrapper(request, args, kwargs):
   374   def wrapper(request, args, kwargs):
   461     try:
   375     try:
   462       # if the current user is a developer we allow access
   376       # if the current user is a developer we allow access
   465     except out_of_band.Error:
   379     except out_of_band.Error:
   466       pass
   380       pass
   467 
   381 
   468     checkIsUser(request, args, kwargs)
   382     checkIsUser(request, args, kwargs)
   469 
   383 
       
   384     user = user_logic.logic.getForCurrentAccount()
       
   385 
       
   386     properties = {
       
   387         'applicant': user,
       
   388         'reviewed': True,
       
   389         'accepted': True,
       
   390         'application_completed': False,
       
   391         }
       
   392 
       
   393     application = app_logic.logic.getForFields(properties, unique=True)
       
   394 
       
   395     if application:
       
   396       return
       
   397 
       
   398     # TODO(srabbelier) Make this give a proper error message
       
   399     deny(request, args, kwargs)
       
   400 
       
   401   return wrapper
       
   402 
       
   403 
       
   404 def checkIsMyNotification(request, args, kwargs):
       
   405   """Returns an alternate HTTP response if this request is for a Notification belonging
       
   406      to the current user.
       
   407 
       
   408   Args:
       
   409     request: a Django HTTP request
       
   410 
       
   411    Raises:
       
   412      AccessViolationResponse: if the required authorization is not met
       
   413 
       
   414   Returns:
       
   415     None if the current User is allowed to access this Notification.
       
   416   """
       
   417   
       
   418   try:
       
   419     # if the current user is a developer we allow access
       
   420     checkIsDeveloper(request, args, kwargs)
       
   421     return
       
   422   except out_of_band.Error:
       
   423     pass
       
   424 
       
   425   checkIsUser(request, args, kwargs)
       
   426 
       
   427   # Mine the url for params
       
   428   try:
       
   429     callback, args, kwargs = urlresolvers.resolve(request.path)
       
   430   except Exception:
       
   431     deny(request, args, kwargs)
       
   432 
       
   433   properties = dicts.filter(kwargs, ['link_id', 'scope_path'])
       
   434 
       
   435   notification = notification_logic.logic.getForFields(properties, unique=True)
       
   436   user = user_logic.logic.getForCurrentAccount()
       
   437 
       
   438   # We need to check to see if the key's are equal since the User
       
   439   # objects are different and the default __eq__ method does not check
       
   440   # if the keys are equal (which is what we want).
       
   441   if user.key() == notification.scope.key():
       
   442     return None
       
   443 
       
   444   # TODO(ljvderijk) Make this give a proper error message
       
   445   deny(request, args, kwargs)
       
   446 
       
   447 
       
   448 def checkIsMyApplication(app_logic):
       
   449   """Returns an alternate HTTP response if this request is for a Application belonging
       
   450      to the current user.
       
   451 
       
   452   Args:
       
   453     request: a Django HTTP request
       
   454 
       
   455    Raises:
       
   456      AccessViolationResponse: if the required authorization is not met
       
   457 
       
   458   Returns:
       
   459     None if the current User is allowed to access this Application.
       
   460   """
       
   461 
       
   462   def wrapper(request, args, kwargs):
       
   463     try:
       
   464       # if the current user is a developer we allow access
       
   465       checkIsDeveloper(request, args, kwargs)
       
   466       return
       
   467     except out_of_band.Error:
       
   468       pass
       
   469 
       
   470     checkIsUser(request, args, kwargs)
       
   471 
   470     properties = dicts.filter(kwargs, ['link_id'])
   472     properties = dicts.filter(kwargs, ['link_id'])
   471 
   473 
   472     application = app_logic.logic.getForFields(properties, unique=True)
   474     application = app_logic.logic.getForFields(properties, unique=True)
       
   475     
       
   476     if not application:
       
   477       deny(request, args, kwargs)
       
   478     
   473     user = user_logic.logic.getForCurrentAccount()
   479     user = user_logic.logic.getForCurrentAccount()
   474 
   480 
   475     # We need to check to see if the key's are equal since the User
   481     # We need to check to see if the key's are equal since the User
   476     # objects are different and the default __eq__ method does not check
   482     # objects are different and the default __eq__ method does not check
   477     # if the keys are equal (which is what we want).
   483     # if the keys are equal (which is what we want).
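Review bot: The missing-entity guard this commit adds to the `checkIsMyApplication` wrapper (`if not application: deny(request, args, kwargs)`) is not mirrored in `checkIsMyNotification`, which still calls `notification.scope.key()` directly on the result of `getForFields(properties, unique=True)`. If that lookup can come back empty, as the new guard implies, a request for a nonexistent notification fails with an unhandled AttributeError instead of the access-denied response, so absent and foreign notifications become distinguishable; adding `if not notification: deny(request, args, kwargs)` before the key comparison would close that. Both guards assume `deny` raises rather than returns, which is not visible here and worth confirming. Separately, the docstring of `checkIsApplicationAccepted(app_logic)` still describes a Club App check taking `request`; it should say that the function returns a checker bound to `app_logic`. The wrapper's body continues past the last line shown.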