# HG changeset patch # User Daniel Diniz # Date 1246192855 -7200 # Node ID 0ba41e115dbceebadcaefce487d63248dc5a2fd1 # Parent 636dfd5381c243951ad40a771333cca6f6bf2b28 Added Access checks for Surveys. Patch by: Daniel Diniz, James Levy Reviewed by: Lennard de Rijk diff -r 636dfd5381c2 -r 0ba41e115dbc app/soc/views/helper/access.py --- a/app/soc/views/helper/access.py Sun Jun 28 14:32:21 2009 +0200 +++ b/app/soc/views/helper/access.py Sun Jun 28 14:40:55 2009 +0200 @@ -41,6 +41,7 @@ from soc.logic.models.club_admin import logic as club_admin_logic from soc.logic.models.club_member import logic as club_member_logic from soc.logic.models.document import logic as document_logic +from soc.logic.models.survey import logic as survey_logic from soc.logic.models.host import logic as host_logic from soc.logic.models.mentor import logic as mentor_logic from soc.logic.models.org_admin import logic as org_admin_logic @@ -1511,6 +1512,45 @@ @allowSidebar @allowDeveloper + def checkIsSurveyReadable(self, django_args, key_name_field=None): + """Checks whether a survey is readable. + + Args: + django_args: a dictionary with django's arguments + key_name_field: key name field + """ + + if key_name_field: + key_name = django_args[key_name_field] + survey = survey_logic.getFromKeyNameOr404(key_name) + else: + survey = survey_logic.getFromKeyFieldsOr404(django_args) + + self.checkMembership('read', survey.prefix, + survey.read_access, django_args) + + @denySidebar + @allowDeveloper + def checkIsSurveyWritable(self, django_args, key_name_field=None): + """Checks whether a survey is writable. + + Args: + django_args: a dictionary with django's arguments + key_name_field: key name field + """ + + if key_name_field: + key_name = django_args[key_name_field] + survey = survey_logic.getFromKeyNameOr404(key_name) + else: + survey = survey_logic.getFromKeyFieldsOr404(django_args) + + self.checkMembership('write', survey.prefix, + survey.write_access, django_args) + + + @allowSidebar + @allowDeveloper def checkIsDocumentReadable(self, django_args, key_name_field=None): """Checks whether a document is readable by the current user.