Ejemplo n.º 1
    def can_unlock(self, item, user_id):
        Function checks whether user can unlock the item or not.
        can_user_edit, error_message = superdesk.get_resource_service('archive').can_edit(item, user_id)

        if can_user_edit:
            if not (str(item.get(LOCK_USER, '')) == str(user_id) or
                    (current_user_has_privilege('archive') and current_user_has_privilege('unlock'))):
                return False, 'You don\'t have permissions to unlock an item.'
            return False, error_message

        return True, ''
Ejemplo n.º 2
 def check_post_permission(self, post):
     to_be_checked = (
         dict(status='open', privilege_required='publish_post'),
         dict(status='submit_for_aprobation', privilege_required='submit_post')
     for rule in to_be_checked:
         if 'post_status' in post and post['post_status'] == rule['status']:
             if not current_user_has_privilege(rule['privilege_required']):
                 raise SuperdeskApiError.forbiddenError(
                     message='User does not have sufficient permissions.')
Ejemplo n.º 3
    def can_edit(self, item, user_id):
        Determines if the user can edit the item or not.
        # TODO: modify this function when read only permissions for stages are implemented
        # TODO: and Content state related checking.

        if not current_user_has_privilege('archive'):
            return False, 'User does not have sufficient permissions.'

        item_location = item.get('task')

        if item_location:
            if item_location.get('desk'):
                if not superdesk.get_resource_service('user_desks').is_member(user_id, item_location.get('desk')):
                    return False, 'User is not a member of the desk.'
            elif item_location.get('user'):
                if not str(item_location.get('user')) == str(user_id):
                    return False, 'Item belongs to another user.'

        return True, ''