Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Redone access checks concerning groups to deal with the state property.
authorLennard de Rijk <ljvderijk@gmail.com>
Thu, 29 Jan 2009 15:53:35 +0000
changeset 1061 09c243461de8
parent 1060 eb6231138307
child 1062 f7ee38ebfe1c
Redone access checks concerning groups to deal with the state property. Patch by: Lennard de Rijk Reviewed by: to-be-reviewed
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Thu Jan 29 15:46:33 2009 +0000
+++ b/app/soc/views/helper/access.py	Thu Jan 29 15:53:35 2009 +0000
@@ -410,6 +410,34 @@
 
     raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
 
+  @allowDeveloper
+  @denySidebar
+  def checkIsGroupActive(self, django_args, group_logic):
+    """Raises an alternate HTTP response if Group state is not active.
+
+    Args:
+      django_args: a dictionary with django's arguments
+
+    Raises:
+      AccessViolationResponse:
+      * if no Group is found
+      * if the Group state is not active
+    """
+
+    fields = {'link_id': django_args['link_id']}
+
+    if django_args.get('scope_path'):
+      fields['scope_path'] = django_args['scope_path']
+
+    group_entity = group_logic.logic.getFromFieldsOr404(**fields)
+
+    if group_entity.state == 'active':
+      return
+
+    # TODO tell the user that this group is not active
+    self.deny(django_args)
+
+
   def checkCanMakeRequestToGroup(self, django_args, group_logic):
     """Raises an alternate HTTP response if the specified group is not in an
     active state.
@@ -426,12 +454,16 @@
     if not group_entity:
       raise out_of_band.Error(DEF_GROUP_NOT_FOUND_MSG, status=404)
 
-    # TODO(ljvderijk) check if the group is active
+    if group_entity.state != 'active':
+      # TODO tell the user that this group is not active
+      self.deny(django_args)
+
     return
 
   def checkCanCreateFromRequest(self, django_args, role_name):
     """Raises an alternate HTTP response if the specified request does not exist
-       or if it's state is not group_accepted.
+       or if it's state is not group_accepted. Also when the group this request
+       is from is in an inactive or invalid state access will be denied.
     """
 
     self.checkIsUser(django_args)
@@ -451,11 +483,16 @@
       # TODO tell the user that this request has not been accepted yet
       self.deny(django_args)
 
+    if request_entity.scope.state in ['invalid', 'inactive']:
+      # TODO tell the user that it is not possible to create this role anymore
+      self.deny(django_args)
+
     return
 
   def checkCanProcessRequest(self, django_args, role_name):
     """Raises an alternate HTTP response if the specified request does not exist
-       or if it's state is completed or denied.
+       or if it's state is completed or denied. Also Raises an alternate HTTP response
+       whenever the group in the request is not active.
     """
 
     fields = {'link_id': django_args['link_id'],
@@ -468,6 +505,10 @@
       # TODO tell the user that this request has been processed
       self.deny(django_args)
 
+    if request_entity.scope.state != 'active':
+      # TODO tell the user that this group cannot process requests
+      self.deny(django_args)
+
     return
 
   def checkIsMyGroupAcceptedRequest(self, django_args):
py_tasks_melange