Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added 2 new access checks to deal with StudentProjects.
authorLennard de Rijk <ljvderijk@gmail.com>
Tue, 07 Apr 2009 08:41:58 +0000
changeset 2112 9a2c9354468c
parent 2111 dfe684de7f92
child 2113 edc9b84629a7
Added 2 new access checks to deal with StudentProjects. In preparation for the view updates regarding StudentProject. Patch by: Lennard de Rijk Reviewed by: to-be-reviewed
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Tue Apr 07 08:40:51 2009 +0000
+++ b/app/soc/views/helper/access.py	Tue Apr 07 08:41:58 2009 +0000
@@ -51,6 +51,7 @@
 from soc.logic.models.site import logic as site_logic
 from soc.logic.models.sponsor import logic as sponsor_logic
 from soc.logic.models.student import logic as student_logic
+from soc.logic.models.student_project import logic as student_project_logic
 from soc.logic.models.student_proposal import logic as student_proposal_logic
 from soc.logic.models.timeline import logic as timeline_logic
 from soc.logic.models.user import logic as user_logic
@@ -1373,6 +1374,51 @@
     return
 
   @allowDeveloper
+  def checkIsMyStudentProject(self, django_args):
+    """Checks whether the project belongs to the current user.
+
+    Args:
+      django_args: a dictionary with django's arguments
+
+     Raises:
+       AccessViolationResponse:
+         - If there is no project found
+         - If the project does not belong to the current user
+    """
+
+    self.checkIsUser()
+
+    project_entity = student_project_logic.getFromKeyFieldsOr404(django_args)
+
+    if project_entity.student.user.key() != self.user.key():
+      raise out_of_band.AccessViolation(
+          message_fmt=DEF_NOT_YOUR_ENTITY_MSG)
+
+    return
+
+  @allowDeveloper
+  def checkStudentProjectHasStatus(self, django_args, allowed_status):
+    """Checks whether the Project has one of the given statusses.
+
+    Args:
+      django_args: a dictionary with django's arguments
+      allowed_status: list with the allowed statusses for the entity
+
+     Raises:
+       AccessViolationResponse:
+         - If there is no project found
+         - If the project is not in the requested status
+    """
+
+    project_entity = student_project_logic.getFromKeyFieldsOr404(django_args)
+
+    if not project_entity.status in allowed_status:
+      raise out_of_band.AccessViolation(
+          message_fmt=DEF_NO_ACTIVE_ENTITY_MSG)
+
+    return
+
+  @allowDeveloper
   def checkIsMyEntity(self, django_args, logic,
                       field_name='user', user=False):
     """Checks whether the entity belongs to the user.
py_tasks_melange