# HG changeset patch # User Sverre Rabbelier # Date 1233270337 0 # Node ID 94bc2a9ae103ce47220c9cd4b8940cc68dc372fb # Parent feea88d0e1d83f9b6360d29ddbe32a1c1fb35716 Properly check if a program is active Also cleaned up checkIsHost, which got merge-mangled when refactoring the access module. Patch by: Sverre Rabbelier diff -r feea88d0e1d8 -r 94bc2a9ae103 app/soc/views/helper/access.py --- a/app/soc/views/helper/access.py Thu Jan 29 23:04:12 2009 +0000 +++ b/app/soc/views/helper/access.py Thu Jan 29 23:05:37 2009 +0000 @@ -46,6 +46,7 @@ from soc.logic.models.role import logic as role_logic from soc.logic.models.site import logic as site_logic from soc.logic.models.user import logic as user_logic +from soc.logic.models.program import logic as program_logic from soc.views import helper from soc.views import out_of_band from soc.views.helper import redirects @@ -567,25 +568,18 @@ self.checkIsUser(django_args) - user = user_logic.getForCurrentAccount() + scope_path = None - if django_args.get('scope_path'): + if 'scope_path' in django_args: scope_path = django_args['scope_path'] - else: + if 'link_id' in django_args: scope_path = django_args['link_id'] - fields = {'user': user, - 'scope_path': scope_path, + fields = {'user': self.user, 'state': 'active'} - host = host_logic.getForFields(fields, unique=True) - - self.checkIsUser(django_args) - - user = user_logic.getForCurrentAccount() - - fields = {'user': user, - 'state': 'active'} + if scope_path: + fields['scope_path'] = scope_path host = host_logic.getForFields(fields, unique=True) @@ -597,6 +591,21 @@ raise out_of_band.LoginRequest(message_fmt=login_message_fmt) + @denySidebar + @allowDeveloper + def checkIsHostForProgram(self, django_args): + """Checks if the user is a host for the specified program. + """ + + key_fields = program_logic.getKeyFieldsFromDict(django_args) + program = program_logic.getFromFields(**key_fields) + + if not program: + self.deny(django_args) + + new_args = { 'scope_path': program.scope_path } + self.checkIsHost(new_args) + @allowDeveloper def checkIsHostForSponsor(self, django_args): """Raises an alternate HTTP response if Google Account has no Host entity @@ -880,3 +889,29 @@ # TODO(srabbelier): A proper check needs to be done to see if the document # is public or not, probably involving analysing it's scope or such. self.allow(django_args) + + @allowIfCheckPasses('checkIsHost') + def checkIsProgramActive(self, django_args): + """Checks whether a program is active + """ + + if 'entity' in django_args: + program = django_args['entity'] + else: + key_fields = program_logic.getKeyFieldsFromDict(django_args) + program = program_logic.getFromFields(**key_fields) + + if not program: + self.deny(django_args) + + if program.is_enabled: + return + + context = django_args.get('context', {}) + context['title'] = 'Access denied' + + message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % { + 'role': ugettext('a Program Administrator')} + + raise out_of_band.AccessViolation(DEF_DEV_LOGOUT_LOGIN_MSG_FMT, + context=context) diff -r feea88d0e1d8 -r 94bc2a9ae103 app/soc/views/models/program.py --- a/app/soc/views/models/program.py Thu Jan 29 23:04:12 2009 +0000 +++ b/app/soc/views/models/program.py Thu Jan 29 23:05:37 2009 +0000 @@ -56,6 +56,9 @@ rights = access.Checker(params) rights['any_access'] = ['allow'] rights['show'] = ['allow'] + rights['create'] = ['checkIsHost'] + rights['edit'] = ['checkIsHostForProgram'] + rights['delete'] = ['checkIsHostForProgram'] new_params = {} new_params['logic'] = soc.logic.models.program.logic @@ -143,9 +146,9 @@ filter_args = {} for entity in entities: - filter_args['scope_path'] = entity.key().name() + filter_args['entity'] = entity try: - rights.doCheck('checkIsHost', filter_args, []) + rights.doCheck('checkIsProgramActive', filter_args, []) except out_of_band.Error: continue