# HG changeset patch
# User Lennard de Rijk <ljvderijk@gmail.com>
# Date 1252951090 -7200
# Node ID d24b80677879cf32d3f8b29e6b99b7f24b5d5cef
# Parent  b9f600436e89cbdbab19d31a2a7aad0eecb1adab
Added checkIsMyActiveRole check to the access module.

diff -r b9f600436e89 -r d24b80677879 app/soc/views/helper/access.py
--- a/app/soc/views/helper/access.py	Mon Sep 14 18:52:57 2009 +0200
+++ b/app/soc/views/helper/access.py	Mon Sep 14 19:58:10 2009 +0200
@@ -1511,6 +1511,29 @@
     raise out_of_band.AccessViolation(message_fmt=DEF_NOT_YOUR_ENTITY_MSG)
 
   @allowDeveloper
+  def checkIsMyActiveRole(self, django_args, role_logic):
+    """Checks whether the current user has the active role given by django_args.
+
+    Args:
+      django_args: a dictionary with django's arguments
+      logic: the logic that should be used to fetch the role
+    """
+
+    self.checkIsUser(django_args)
+
+    entity = role_logic.getFromKeyFieldsOr404(django_args)
+
+    if entity.user.key() != self.user.key() or (
+        entity.link_id != self.user.link_id):
+      raise out_of_band.AccessViolation(message_fmt=DEF_NOT_YOUR_ENTITY_MSG)
+
+    if entity.status != 'active':
+      raise out_of_band.AccessViolation(message_fmt=DEF_NO_ACTIVE_ROLE_MSG)
+
+    # this role belongs to the current user and is active
+    return
+
+  @allowDeveloper
   @denySidebar
   def checkIsAllowedToManageRole(self, django_args, logic_for_role, 
       manage_role_logic):