Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Make it possible to invite another Host as Host
authorSverre Rabbelier <srabbelier@gmail.com>
Thu, 11 Dec 2008 20:54:22 +0000
changeset 720 9eb2522dfa83
parent 719 2e635755713a
child 721 6f1d29857072
Make it possible to invite another Host as Host We do this by asking Django to resolve the current url for us, then reshufle that url and ask Django (again) to resolve that new url. From that resolved url we know the appropriate view, and as such we know which rights dictioanry to pass to access.checkAccess. Patch by: Sverre Rabbelier
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions
app/soc/views/models/request.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Thu Dec 11 20:53:57 2008 +0000
+++ b/app/soc/views/helper/access.py	Thu Dec 11 20:54:22 2008 +0000
@@ -33,8 +33,10 @@
 from google.appengine.api import users
 
 from django.utils.translation import ugettext_lazy
+from django.core import urlresolvers
 
 from soc.logic import accounts
+from soc.logic import dicts
 from soc.logic.models import host as host_logic
 from soc.logic.models import user as user_logic
 from soc.logic.models import request as request_logic
@@ -233,7 +235,7 @@
   """
 
   try:
-    # if the current user is a developer we allow access
+    # if the current user is invited to create a host profile we allow access
     checkIsInvited(request)
     return
   except out_of_band.Error:
@@ -317,6 +319,48 @@
   raise out_of_band.LoginRequest(message_fmt=login_message_fmt)
 
 
+def checkCanInvite(request):
+  """Checks to see if the current user can create an invite
+
+  Note that if the current url is not in the default 'request' form
+  this method either deny()s or performs the wrong access check.
+
+  Args:
+    request: a Django HTTP request
+  """
+
+  try:
+    # if the current user is a developer we allow access
+    checkIsDeveloper(request)
+    return
+  except out_of_band.Error:
+    pass
+
+  # Mine the url for params
+  try:
+    callback, args, kwargs = urlresolvers.resolve(request.path)
+  except Exception:
+    deny(request)
+
+  # Construct a new url by reshufling the kwargs
+  order = ['role', 'access_type', 'scope_path', 'link_id']
+  url_params = dicts.unzip(kwargs, order)
+  url = '/'.join([''] + list(url_params))
+
+  # Mine the reshufled url
+  try:
+    callback, args, kwargs = urlresolvers.resolve(url)
+  except Exception:
+    deny(request)
+
+  # Get the everything we need for the access check
+  params = callback.im_self.getParams()
+  access_type = kwargs['access_type']
+
+  # Perform the access check
+  helper.access.checkAccess(access_type, request, rights=params['rights'])
+
+
 def checkIsDocumentPublic(request):
   """Checks whether a document is public.
 
--- a/app/soc/views/models/request.py	Thu Dec 11 20:53:57 2008 +0000
+++ b/app/soc/views/models/request.py	Thu Dec 11 20:54:22 2008 +0000
@@ -103,6 +103,7 @@
 
     rights = {}
     rights['listSelf'] = [access.checkIsUser]
+    rights['create'] = [access.checkCanInvite]
 
     new_params = {}
     new_params['rights'] = rights
py_tasks_melange