app/soc/views/helper/access.py
changeset 729 7fe218e3d359
parent 727 ddf44af087a0
child 746 018efb9863dc
--- a/app/soc/views/helper/access.py	Sat Dec 13 12:48:49 2008 +0000
+++ b/app/soc/views/helper/access.py	Sat Dec 13 12:49:11 2008 +0000
@@ -342,31 +342,26 @@
     pass
 
   checkIsUser(request)
-  
-  splitpath = request.path.split('/')
-  splitpath = splitpath[1:] # cut off leading ''
-  
-  # get the notification scope (user link_id) from the request path
-  user_link_id = splitpath[2]
-  # get the notification link_id from the request path
-  notification_link_id = splitpath[3]
-  
-  properties = {
-      'link_id': notification_link_id,
-      'scope_path': user_link_id,
-      }
-  
+
+  # Mine the url for params
+  try:
+    callback, args, kwargs = urlresolvers.resolve(request.path)
+  except Exception:
+    deny(request)
+
+  properties = dicts.filter(kwargs, ['link_id', 'scope_path'])
+
   notification = notification_logic.logic.getForFields(properties, unique=True)
-  
   user = user_logic.logic.getForCurrentAccount()
-  
-  # check if the key of the current user matches the key from the scope of the message
+
+  # We need to check to see if the key's are equal since the User
+  # objects are different and the default __eq__ method does not check
+  # if the keys are equal (which is what we want).
   if user.key() == notification.scope.key():
-    # access granted
     return None
-  else:
-    # access denied
-    deny(request)  
+
+  # TODO(ljvderijk) Make this give a proper error message
+  deny(request)
 
 def checkCanInvite(request):
   """Checks to see if the current user can create an invite