Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add a simple access check for a picker
authorSverre Rabbelier <srabbelier@gmail.com>
Fri, 23 Jan 2009 21:04:45 +0000
changeset 931 1131884c3c56
parent 930 7e88fba647b1
child 932 2b72d0315254
Add a simple access check for a picker The picker page should not be accessible if the required GET args are not present. Patch by: Sverre Rabbelier
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Fri Jan 23 17:51:35 2009 +0000
+++ b/app/soc/views/helper/access.py	Fri Jan 23 21:04:45 2009 +0000
@@ -680,6 +680,27 @@
   checkAccess(access_type, request, rights=params['rights'])
 
 
+def checkHasPickGetArgs(request, arg, kwargs):
+  """Raises an alternate HTTP response if the request misses get args
+
+  Args:
+    request: a Django HTTP request
+
+  Raises:
+    AccessViolationResponse:
+    * if continue is not in request.GET
+    * if field is not in request.GET
+  """
+
+  get_args = request.GET
+
+  if 'continue' in get_args and 'field' in get_args:
+    return
+
+  #TODO(SRabbelier) inform user that return_url and field are required
+  deny(request, arg, kwargs)
+
+
 def checkIsDocumentPublic(request, args, kwargs):
   """Checks whether a document is public.
py_tasks_melange