Add explicit access_types from the url
authorSverre Rabbelier <srabbelier@gmail.com>
Sun, 07 Dec 2008 19:02:41 +0000
changeset 710 edb5dbb1dea7
parent 709 e71b20847eb0
child 711 4bfb1a2d5bfe
Add explicit access_types from the url This does two things, it reduces the amount of repeated data (e.g., the checkAccess used to repeat the access_type that was already specified in the url). At the same time, it allows for example the 'create' page to push its access_type to 'edit'. Patch by: Sverre Rabbelier
app/soc/views/helper/params.py
app/soc/views/models/base.py
app/soc/views/models/document.py
app/soc/views/models/host.py
app/soc/views/models/presence.py
app/soc/views/models/request.py
app/soc/views/models/role.py
app/soc/views/models/site.py
app/soc/views/models/user_self.py
--- a/app/soc/views/helper/params.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/helper/params.py	Sun Dec 07 19:02:41 2008 +0000
@@ -71,7 +71,7 @@
   rights = {}
   rights['unspecified'] = []
   rights['any_access'] = [access.checkIsLoggedIn]
-  rights['public'] = [access.checkIsUser]
+  rights['show'] = [access.checkIsUser]
   rights['create'] = [access.checkIsDeveloper]
   rights['edit'] = [access.checkIsDeveloper]
   rights['delete'] = [access.checkIsDeveloper]
@@ -106,19 +106,19 @@
   new_params['django_patterns'] = None
   new_params['extra_django_patterns'] = []
   new_params['django_patterns_defaults'] = [
-      (r'^%(url_name)s/show/%(key_fields)s$',
+      (r'^%(url_name)s/(?P<access_type>show)/%(key_fields)s$',
           'soc.views.models.%(module_name)s.public', 'Show %(name_short)s'),
-      (r'^%(url_name)s/create$',
+      (r'^%(url_name)s/(?P<access_type>create)$',
           'soc.views.models.%(module_name)s.create', 'Create %(name_short)s'),
-      (r'^%(url_name)s/create/%(key_fields)s$',
+      (r'^%(url_name)s/(?P<access_type>create)/%(key_fields)s$',
           'soc.views.models.%(module_name)s.create', 'Create %(name_short)s'),
-      (r'^%(url_name)s/create/%(scope)s$',
+      (r'^%(url_name)s/(?P<access_type>create)/%(scope)s$',
           'soc.views.models.%(module_name)s.create', 'Create %(name_short)s'),
-      (r'^%(url_name)s/delete/%(key_fields)s$',
+      (r'^%(url_name)s/(?P<access_type>delete)/%(key_fields)s$',
           'soc.views.models.%(module_name)s.delete', 'Delete %(name_short)s'),
-      (r'^%(url_name)s/edit/%(key_fields)s$',
+      (r'^%(url_name)s/(?P<access_type>edit)/%(key_fields)s$',
           'soc.views.models.%(module_name)s.edit', 'Edit %(name_short)s'),
-      (r'^%(url_name)s/list$',
+      (r'^%(url_name)s/(?P<access_type>list)$',
           'soc.views.models.%(module_name)s.list', 'List %(name_plural)s'),
       ]
 
--- a/app/soc/views/models/base.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/base.py	Sun Dec 07 19:02:41 2008 +0000
@@ -71,7 +71,8 @@
     self._logic = params['logic']
 
 
-  def public(self, request, page_name=None, params=None, **kwargs):
+  def public(self, request, access_type,
+             page_name=None, params=None, **kwargs):
     """Displays the public page for the entity specified by **kwargs.
 
     Params usage:
@@ -97,7 +98,7 @@
     params = dicts.merge(params, self._params)
 
     try:
-      access.checkAccess('public', request, rights=params['rights'])
+      access.checkAccess(access_type, request, rights=params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
@@ -126,7 +127,8 @@
 
     return helper.responses.respond(request, template, context)
 
-  def create(self, request, page_name=None, params=None, **kwargs):
+  def create(self, request, access_type,
+             page_name=None, params=None, **kwargs):
     """Displays the create page for this entity type.
 
     Params usage:
@@ -156,10 +158,11 @@
     for field in fields:
       empty_kwargs[field] = None
 
-    return self.edit(request, page_name=page_name,
+    return self.edit(request, access_type, page_name=page_name,
                      params=params, seed=kwargs, **empty_kwargs)
 
-  def edit(self, request, page_name=None, params=None, seed=None, **kwargs):
+  def edit(self, request, access_type,
+           page_name=None, params=None, seed=None, **kwargs):
     """Displays the edit page for the entity specified by **kwargs.
 
     Params usage:
@@ -190,7 +193,7 @@
     params = dicts.merge(params, self._params)
 
     try:
-      access.checkAccess('edit', request, rights=params['rights'])
+      access.checkAccess(access_type, request, rights=params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
@@ -342,7 +345,8 @@
 
     return self._constructResponse(request, entity, context, form, params)
 
-  def list(self, request, page_name=None, params=None, filter=None):
+  def list(self, request, access_type,
+           page_name=None, params=None, filter=None):
     """Displays the list page for the entity type.
     
     Args:
@@ -366,7 +370,7 @@
     params = dicts.merge(params, self._params)
 
     try:
-      access.checkAccess('list', request, rights=params['rights'])
+      access.checkAccess(access_type, request, rights=params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
@@ -405,7 +409,8 @@
 
     return helper.responses.respond(request, template, context)
 
-  def delete(self, request, page_name=None, params=None, **kwargs):
+  def delete(self, request, access_type,
+             page_name=None, params=None, **kwargs):
     """Shows the delete page for the entity specified by **kwargs.
 
     Args:
@@ -430,7 +435,7 @@
     params = dicts.merge(params, self._params)
 
     try:
-      access.checkAccess('delete', request, rights=params['rights'])
+      access.checkAccess(access_type, request, rights=params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
--- a/app/soc/views/models/document.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/document.py	Sun Dec 07 19:02:41 2008 +0000
@@ -163,13 +163,13 @@
     submenus = []
 
     # add a link to the home page
-    submenu = (redirects.getPublicRedirect(entity, params), "Home", 'public')
+    submenu = (redirects.getPublicRedirect(entity, params), "Home", 'show')
     submenus.append(submenu)
 
     # add a link to all featured documents
     for entity in entities:
       submenu = (redirects.getPublicRedirect(entity, self._params),
-                 entity.short_name, 'public')
+                 entity.short_name, 'show')
       submenus.append(submenu)
 
     return submenus
--- a/app/soc/views/models/host.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/host.py	Sun Dec 07 19:02:41 2008 +0000
@@ -86,7 +86,8 @@
     """
 
     rights = {}
-    rights['edit'] = [access.checkIsInvited]
+    rights['create'] = [access.checkIsHost]
+    rights['edit'] = [access.checkIsHost]
 
     new_params = {}
     new_params['rights'] = rights
--- a/app/soc/views/models/presence.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/presence.py	Sun Dec 07 19:02:41 2008 +0000
@@ -31,6 +31,7 @@
 from soc.logic import validate
 from soc.logic.models import document as document_logic
 from soc.views import helper
+from soc.views.helper import access
 from soc.views.models import base
 
 import soc.models.presence
@@ -105,8 +106,13 @@
       params: a dict with params for this View
     """
 
+    rights = {}
+    rights['any_access'] = [access.allow]
+    rights['show'] = [access.allow]
+
     new_params = {}
     new_params['logic'] = soc.logic.models.presence.logic
+    new_params['rights'] = rights
 
     new_params['name'] = "Home Settings"
     new_params['name_short'] = "Home Settings"
@@ -125,7 +131,7 @@
     super(View, self).__init__(params=params)
 
   def _public(self, request, entity, context):
-    """
+    """See base.View._public().
     """
 
     if not entity:
--- a/app/soc/views/models/request.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/request.py	Sun Dec 07 19:02:41 2008 +0000
@@ -126,7 +126,8 @@
     super(View, self).__init__(params=params)
     
     
-  def listSelf(self, request, page_name=None, params=None, **kwargs):
+  def listSelf(self, request, access_type,
+               page_name=None, params=None, **kwargs):
     """Displays the unhandled requests for this user.
 
     Args:
@@ -140,7 +141,7 @@
     params['logic'] = self._logic
 
     try:
-      access.checkAccess('listSelf', request, params['rights'])
+      access.checkAccess(access_type, request, params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
--- a/app/soc/views/models/role.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/role.py	Sun Dec 07 19:02:41 2008 +0000
@@ -82,7 +82,7 @@
 
     new_params = {}
 
-    patterns = [(r'^%(url_name)s/invite/%(lnp)s$',
+    patterns = [(r'^%(url_name)s/(?P<access_type>invite)/%(lnp)s$',
         'soc.views.models.%(module_name)s.invite',
         'Invite %(name_short)s')]
 
@@ -93,7 +93,8 @@
 
     super(View, self).__init__(params=params)
 
-  def invite(self, request, page_name=None, params=None, **kwargs):
+  def invite(self, request, access_type,
+             page_name=None, params=None, **kwargs):
     """Displays the request promotion to Role page.
     """
 
@@ -112,7 +113,7 @@
     params = dicts.merge(new_params, user_view.view._params)
 
     try:
-      access.checkAccess('invite', request, rights=params['rights'])
+      access.checkAccess(access_type, request, rights=params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request)
 
--- a/app/soc/views/models/site.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/site.py	Sun Dec 07 19:02:41 2008 +0000
@@ -72,7 +72,7 @@
     rights = {}
     rights['unspecified'] = [access.checkIsDeveloper]
     rights['any_access'] = [access.allow]
-    rights['public'] = [access.allow]
+    rights['show'] = [access.allow]
 
     new_params = {}
     new_params['logic'] = soc.logic.models.site.logic
@@ -101,7 +101,7 @@
                   page_name)]
 
     page_name = "Edit Site"
-    patterns += [(r'^%(url_name)s/edit$',
+    patterns += [(r'^%(url_name)s/(?P<access_type>edit)$',
                   'soc.views.models.%(module_name)s.main_edit',
                   page_name)]
 
@@ -146,7 +146,7 @@
     values = self._logic.getKeyValues(None)
     key_values = dicts.zip(keys, values)
 
-    return self.public(request, page_name, **key_values)
+    return self.public(request, "show", page_name, **key_values)
 
   def mainEdit(self, request, page_name=None, **kwargs):
     """Displays the edit page for the main site settings page.
--- a/app/soc/views/models/user_self.py	Sun Dec 07 19:02:02 2008 +0000
+++ b/app/soc/views/models/user_self.py	Sun Dec 07 19:02:41 2008 +0000
@@ -97,7 +97,7 @@
     rights = {}
     rights['unspecified'] = [access.deny]
     rights['any_access'] = [access.allow]
-    rights['editSelf'] = [access.checkIsLoggedIn]
+    rights['edit'] = [access.checkIsLoggedIn]
     rights['roles'] = [access.checkIsUser]
     rights['signIn'] = [access.checkNotLoggedIn]
 
@@ -114,18 +114,18 @@
     new_params['sidebar_heading'] = 'User (self)'
     new_params['sidebar'] = [
         (users.create_login_url("user/edit"), 'Sign In', 'signIn'),
-        ('/' + new_params['url_name'] + '/edit', 'Profile', 'editSelf'),
+        ('/' + new_params['url_name'] + '/edit', 'Profile', 'edit'),
         ('/' + new_params['url_name'] + '/roles', 'Roles', 'roles'),
         ]
 
     patterns = []
 
     page_name = "Profile"
-    patterns += [(r'^%(url_name)s/edit$',
+    patterns += [(r'^%(url_name)s/(?P<access_type>edit)$',
                   'soc.views.models.%(module_name)s.edit', page_name)]
 
     page_name = "Requests Overview"
-    patterns += [(r'^%(url_name)s/roles$',
+    patterns += [(r'^%(url_name)s/(?P<access_type>roles)$',
                    'soc.views.models.request.list_self', page_name)]
 
     new_params['django_patterns_defaults'] = patterns
@@ -136,7 +136,8 @@
 
   EDIT_SELF_TMPL = 'soc/user/edit_self.html'
 
-  def edit(self, request, page_name=None, params=None, seed=None, **kwargs):
+  def edit(self, request, access_type,
+           page_name=None, params=None, seed=None, **kwargs):
     """Displays User self edit page for the entity specified by **kwargs.
 
     Args:
@@ -153,7 +154,7 @@
     params = dicts.merge(params, self._params)
 
     try:
-      access.checkAccess('editSelf', request, params['rights'])
+      access.checkAccess(access_type, request, params['rights'])
     except out_of_band.Error, error:
       return helper.responses.errorResponse(error, request, 
           template=self.EDIT_SELF_TMPL)