--- a/app/soc/views/helper/access.py Fri Feb 13 21:53:42 2009 +0000
+++ b/app/soc/views/helper/access.py Fri Feb 13 21:54:10 2009 +0000
@@ -114,6 +114,9 @@
DEF_PAGE_DENIED_MSG = ugettext(
'Access to this page has been restricted')
+DEF_PREFIX_NOT_IN_ARGS_MSG = ugettext(
+ 'A required GET url argument ("prefix") was not specified')
+
DEF_PAGE_INACTIVE_MSG = ugettext(
'This page is inactive at this time')
@@ -938,6 +941,35 @@
self.checkMembership('write', document.prefix,
document.write_access, django_args)
+ @allowDeveloper
+ def checkDocumentPick(self, django_args):
+ """Checks whether the user has access to the specified pick url.
+
+ Will update the 'read_access' field of django_args['GET'].
+ """
+
+ get_args = django_args['GET']
+
+ # make mutable in order to inject the proper read_access filter
+ mutable = get_args._mutable
+ get_args._mutable = True
+
+ if 'prefix' not in get_args:
+ raise out_of_band.AccessViolation(message_fmt=DEF_PREFIX_NOT_IN_ARGS_MSG)
+
+ prefix = get_args['prefix']
+
+ checker = rights_logic.Checker(prefix)
+ memberships = checker.getMemberships()
+
+ roles = []
+ for key, value in memberships.iteritems():
+ if self.hasMembership(value, django_args):
+ roles.append(key)
+
+ get_args.setlist('read_access', roles)
+ get_args._mutable = mutable
+
def checkCanEditTimeline(self, django_args):
"""Checks whether this program's timeline may be edited.
"""
--- a/app/soc/views/models/document.py Fri Feb 13 21:53:42 2009 +0000
+++ b/app/soc/views/models/document.py Fri Feb 13 21:54:10 2009 +0000
@@ -65,6 +65,7 @@
rights['create'] = ['checkIsUser']
rights['edit'] = ['checkIsDocumentWritable']
rights['delete'] = ['checkIsDocumentWritable']
+ rights['pick'] = ['checkDocumentPick']
new_params = {}
new_params['logic'] = document_logic