--- a/app/soc/views/models/base.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/base.py Thu Nov 20 15:41:14 2008 +0000
@@ -58,14 +58,14 @@
' <a href="%(create)s">Create '
'a New %(entity_type)s</a> page.')
- def __init__(self, params=None, rights=None):
+ def __init__(self, params=None):
"""
Args:
- rights: This dictionary should be filled with the access check
- functions that should be called, it will be modified in-place.
params: This dictionary should be filled with the parameters
specific to this entity, required fields are:
+ rights: This dictionary should be filled with the access check
+ functions that should be called
name: the name of the entity (names should have sentence-style caps)
name_short: the short form name of the name ('org' vs 'organization')
name_plural: the plural form of the name
@@ -84,10 +84,15 @@
sidebar_defaults: a dictionary with defaults for the sidebar
"""
- new_rights = {}
- new_rights['any_access'] = [access.checkIsUser]
+ rights = {}
+ rights['unspecified'] = []
+ rights['any_access'] = [access.checkIsUser]
+ rights['create'] = [access.checkIsDeveloper]
+ rights['delete'] = [access.checkIsDeveloper]
+ rights['list'] = [access.checkIsDeveloper]
new_params = {}
+ new_params['rights'] = rights
new_params['create_redirect'] = '/%s' % params['url_name']
new_params['missing_redirect'] = '/%s/create' % params['url_name']
@@ -118,7 +123,6 @@
new_params['list_redirect_action'] = '/' + params['url_name'] + '/edit'
- self._rights = dicts.merge(rights, new_rights)
self._params = dicts.merge(params, new_params)
def public(self, request, page_name=None, params=None, **kwargs):
@@ -204,7 +208,7 @@
params = dicts.merge(params, self._params)
try:
- self.checkAccess('edit', request)
+ self.checkAccess('edit', request, rights=params['rights'])
except soc.views.out_of_band.AccessViolationResponse, alt_response:
return alt_response.response()
@@ -435,16 +439,6 @@
pass
- def checkUnspecified(self, access_type, request):
- """Checks whether an unspecified access_type should be allowed.
-
- Args:
- access_type: the access type (such as 'list' or 'edit') that was
- not present in the _rights dictionary when checking.
- """
-
- pass
-
def _constructResponse(self, request, entity, context, form, params):
"""Updates the context and returns a response for the specified arguments.
@@ -470,7 +464,7 @@
return helper.responses.respond(request, template, context)
- def checkAccess(self, access_type, request):
+ def checkAccess(self, access_type, request, rights=None):
"""Runs all the defined checks for the specified type
Args:
@@ -483,16 +477,19 @@
the response provided by the failed access check.
"""
+ rights = dicts.merge(rights, self._params['rights'])
+
# Call each access checker
- for check in self._rights['any_access']:
+ for check in rights['any_access']:
check(request)
- if access_type not in self._rights:
- # No checks defined, so do the 'generic check' and bail out
- self.checkUnspecified(access_type, request)
+ if access_type not in rights:
+ for check in rights['unspecified']:
+ # No checks defined, so do the 'generic check' and bail out
+ check(request, access_type)
return
- for check in self._rights[access_type]:
+ for check in rights[access_type]:
check(request)
def collectCleanedFields(self, form):
--- a/app/soc/views/models/document.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/document.py Thu Nov 20 15:41:14 2008 +0000
@@ -82,19 +82,17 @@
"""View methods for the Document model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
self._logic = soc.logic.models.document.logic
params = {}
- rights = {}
params['name'] = "Document"
params['name_short'] = "Document"
@@ -125,13 +123,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
def _editPost(self, request, entity, fields):
"""See base.View._editPost().
--- a/app/soc/views/models/home_settings.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/home_settings.py Thu Nov 20 15:41:14 2008 +0000
@@ -99,17 +99,15 @@
"""View methods for the Document model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
params = {}
- rights = {}
params['name'] = "Home Settings"
params['name_short'] = "Home Settings"
@@ -140,13 +138,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
self._logic = soc.logic.models.home_settings.logic
--- a/app/soc/views/models/host.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/host.py Thu Nov 20 15:41:14 2008 +0000
@@ -76,19 +76,17 @@
"""View methods for the Host model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
self._logic = soc.logic.models.host.logic
params = {}
- rights = {}
params['logic'] = soc.logic.models.host.logic
params['group_logic'] = soc.logic.models.sponsor.logic
@@ -125,13 +123,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- role.RoleView.__init__(self, original_rights=rights, original_params=params)
+ role.RoleView.__init__(self, original_params=params)
view = View()
--- a/app/soc/views/models/request.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/request.py Thu Nov 20 15:41:14 2008 +0000
@@ -88,19 +88,17 @@
"""View methods for the Docs model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
self._logic = soc.logic.models.request.logic
params = {}
- rights = {}
params['name'] = "Request"
params['name_short'] = "Request"
@@ -134,13 +132,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
def _editSeed(self, request, seed):
"""See base.View._editGet().
--- a/app/soc/views/models/role.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/role.py Thu Nov 20 15:41:14 2008 +0000
@@ -67,22 +67,17 @@
All views that only Role entities have are defined in this subclass.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""
Args:
- rights: This dictionary should be filled with the access check
- functions that should be called, it will be modified in-place.
- params: This dictionary should be filled with the parameters
+ original_params: This dictionary should be filled with the parameters
"""
params = {}
- rights = {}
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
def invite(self, request, page_name=None, params=None, **kwargs):
"""Displays the request promotion to Role page.
--- a/app/soc/views/models/site_settings.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/site_settings.py Thu Nov 20 15:41:14 2008 +0000
@@ -70,17 +70,15 @@
"""View methods for the Document model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
params = {}
- rights = {}
# add ugettext_lazy ?
params['name'] = "Site Settings"
@@ -106,9 +104,8 @@
params['sidebar_additional'] = [ ( '/' + params['url_name'] + '/edit', 'Edit Main Site Settings')]
params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
- home_settings.View.__init__(self, original_rights=rights, original_params=params)
+ home_settings.View.__init__(self, original_params=params)
self._logic = soc.logic.models.site_settings.logic
--- a/app/soc/views/models/sponsor.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/sponsor.py Thu Nov 20 15:41:14 2008 +0000
@@ -82,19 +82,17 @@
"""View methods for the Sponsor model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
self._logic = soc.logic.models.sponsor.logic
params = {}
- rights = {}
params['name'] = "Sponsor"
params['name_short'] = "Sponsor"
@@ -128,13 +126,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
-
params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
def _editPost(self, request, entity, fields):
"""See base.View._editPost().
--- a/app/soc/views/models/user.py Wed Nov 19 21:05:31 2008 +0000
+++ b/app/soc/views/models/user.py Thu Nov 20 15:41:14 2008 +0000
@@ -110,19 +110,17 @@
"""View methods for the User model.
"""
- def __init__(self, original_params=None, original_rights=None):
+ def __init__(self, original_params=None):
"""Defines the fields and methods required for the base View class
to provide the user with list, public, create, edit and delete views.
Params:
original_params: a dict with params for this View
- original_rights: a dict with right definitions for this View
"""
self._logic = soc.logic.models.user.logic
params = {}
- rights = {}
params['name'] = "User"
params['name_short'] = "User"
@@ -153,13 +151,9 @@
self.DEF_SUBMIT_MSG_PARAM_NAME: self.DEF_SUBMIT_MSG_PROFILE_SAVED,
}
- rights['list'] = [helper.access.checkIsDeveloper]
- rights['delete'] = [helper.access.checkIsDeveloper]
+ params = dicts.merge(original_params, params)
- params = dicts.merge(original_params, params)
- rights = dicts.merge(original_rights, rights)
-
- base.View.__init__(self, rights=rights, params=params)
+ base.View.__init__(self, params=params)
def editSelf(self, request, page_name=None, params=None, **kwargs):
"""Displays User self edit page for the entity specified by **kwargs.