Mercurial Mercurial > py_tasks_melange / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
app/soc/views/helper/access.py
changeset 1318 3f41f33a4ad2
parent 1315 7c58f5cdd5b8
child 1334 5009b63c247a 
--- a/app/soc/views/helper/access.py	Sat Feb 14 15:57:53 2009 +0000
+++ b/app/soc/views/helper/access.py	Sat Feb 14 16:43:20 2009 +0000
@@ -111,6 +111,9 @@
 DEF_SCOPE_INACTIVE_MSG = ugettext(
     'The scope for this request is not active.')
 
+DEF_NO_LIST_ACCESS_MSG = ugettext(
+    'You do not have the required rights to list documents for this scope and prefix.')
+
 DEF_PAGE_DENIED_MSG = ugettext(
     'Access to this page has been restricted')
 
@@ -949,6 +952,22 @@
                          document.write_access, django_args)
 
   @allowDeveloper
+  def checkDocumentList(self, django_args):
+    """Checks whether the user is allowed to list documents.
+    """
+
+    filter = django_args['filter']
+
+    prefix = filter['prefix']
+    scope_path = filter['scope_path']
+
+    checker = rights_logic.Checker(prefix)
+    roles = checker.getMembership('list')
+
+    if not self.hasMembership(roles, filter):
+      raise out_of_band.AccessViolation(message_fmt=DEF_NO_LIST_ACCESS_MSG)
+
+  @allowDeveloper
   def checkDocumentPick(self, django_args):
     """Checks whether the user has access to the specified pick url.
py_tasks_melange