Properly check if a program is active
Also cleaned up checkIsHost, which got merge-mangled when refactoring
the access module.
Patch by: Sverre Rabbelier
--- a/app/soc/views/helper/access.py Thu Jan 29 23:04:12 2009 +0000
+++ b/app/soc/views/helper/access.py Thu Jan 29 23:05:37 2009 +0000
@@ -46,6 +46,7 @@
from soc.logic.models.role import logic as role_logic
from soc.logic.models.site import logic as site_logic
from soc.logic.models.user import logic as user_logic
+from soc.logic.models.program import logic as program_logic
from soc.views import helper
from soc.views import out_of_band
from soc.views.helper import redirects
@@ -567,25 +568,18 @@
self.checkIsUser(django_args)
- user = user_logic.getForCurrentAccount()
+ scope_path = None
- if django_args.get('scope_path'):
+ if 'scope_path' in django_args:
scope_path = django_args['scope_path']
- else:
+ if 'link_id' in django_args:
scope_path = django_args['link_id']
- fields = {'user': user,
- 'scope_path': scope_path,
+ fields = {'user': self.user,
'state': 'active'}
- host = host_logic.getForFields(fields, unique=True)
-
- self.checkIsUser(django_args)
-
- user = user_logic.getForCurrentAccount()
-
- fields = {'user': user,
- 'state': 'active'}
+ if scope_path:
+ fields['scope_path'] = scope_path
host = host_logic.getForFields(fields, unique=True)
@@ -597,6 +591,21 @@
raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
+ @denySidebar
+ @allowDeveloper
+ def checkIsHostForProgram(self, django_args):
+ """Checks if the user is a host for the specified program.
+ """
+
+ key_fields = program_logic.getKeyFieldsFromDict(django_args)
+ program = program_logic.getFromFields(**key_fields)
+
+ if not program:
+ self.deny(django_args)
+
+ new_args = { 'scope_path': program.scope_path }
+ self.checkIsHost(new_args)
+
@allowDeveloper
def checkIsHostForSponsor(self, django_args):
"""Raises an alternate HTTP response if Google Account has no Host entity
@@ -880,3 +889,29 @@
# TODO(srabbelier): A proper check needs to be done to see if the document
# is public or not, probably involving analysing it's scope or such.
self.allow(django_args)
+
+ @allowIfCheckPasses('checkIsHost')
+ def checkIsProgramActive(self, django_args):
+ """Checks whether a program is active
+ """
+
+ if 'entity' in django_args:
+ program = django_args['entity']
+ else:
+ key_fields = program_logic.getKeyFieldsFromDict(django_args)
+ program = program_logic.getFromFields(**key_fields)
+
+ if not program:
+ self.deny(django_args)
+
+ if program.is_enabled:
+ return
+
+ context = django_args.get('context', {})
+ context['title'] = 'Access denied'
+
+ message_fmt = DEF_DEV_LOGOUT_LOGIN_MSG_FMT % {
+ 'role': ugettext('a Program Administrator')}
+
+ raise out_of_band.AccessViolation(DEF_DEV_LOGOUT_LOGIN_MSG_FMT,
+ context=context)
--- a/app/soc/views/models/program.py Thu Jan 29 23:04:12 2009 +0000
+++ b/app/soc/views/models/program.py Thu Jan 29 23:05:37 2009 +0000
@@ -56,6 +56,9 @@
rights = access.Checker(params)
rights['any_access'] = ['allow']
rights['show'] = ['allow']
+ rights['create'] = ['checkIsHost']
+ rights['edit'] = ['checkIsHostForProgram']
+ rights['delete'] = ['checkIsHostForProgram']
new_params = {}
new_params['logic'] = soc.logic.models.program.logic
@@ -143,9 +146,9 @@
filter_args = {}
for entity in entities:
- filter_args['scope_path'] = entity.key().name()
+ filter_args['entity'] = entity
try:
- rights.doCheck('checkIsHost', filter_args, [])
+ rights.doCheck('checkIsProgramActive', filter_args, [])
except out_of_band.Error:
continue