Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added checkIsMyActiveRole check to the access module.
authorLennard de Rijk <ljvderijk@gmail.com>
Mon, 14 Sep 2009 19:58:10 +0200
changeset 2918 d24b80677879
parent 2917 b9f600436e89
child 2919 cb677410c0f1
Added checkIsMyActiveRole check to the access module.
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Mon Sep 14 18:52:57 2009 +0200
+++ b/app/soc/views/helper/access.py	Mon Sep 14 19:58:10 2009 +0200
@@ -1511,6 +1511,29 @@
     raise out_of_band.AccessViolation(message_fmt=DEF_NOT_YOUR_ENTITY_MSG)
 
   @allowDeveloper
+  def checkIsMyActiveRole(self, django_args, role_logic):
+    """Checks whether the current user has the active role given by django_args.
+
+    Args:
+      django_args: a dictionary with django's arguments
+      logic: the logic that should be used to fetch the role
+    """
+
+    self.checkIsUser(django_args)
+
+    entity = role_logic.getFromKeyFieldsOr404(django_args)
+
+    if entity.user.key() != self.user.key() or (
+        entity.link_id != self.user.link_id):
+      raise out_of_band.AccessViolation(message_fmt=DEF_NOT_YOUR_ENTITY_MSG)
+
+    if entity.status != 'active':
+      raise out_of_band.AccessViolation(message_fmt=DEF_NO_ACTIVE_ROLE_MSG)
+
+    # this role belongs to the current user and is active
+    return
+
+  @allowDeveloper
   @denySidebar
   def checkIsAllowedToManageRole(self, django_args, logic_for_role, 
       manage_role_logic):
py_tasks_melange