Ejemplo n.º 1
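    def check(self, app, environ, start_response):
        """Allow the request only for the person who owns the registration.

        The wrapped WSGI ``app`` is called when ``REMOTE_USER`` resolves to a
        ``Person`` whose ``id`` equals the ``person_id`` of the registration
        identified by ``self.registration_id``.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
            NotAuthorizedError: no person matches ``REMOTE_USER``, the
                registration does not exist, or it belongs to someone else.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            set_redirect()
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(remote_user)
        if person is None:
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.'
            )

        registration = Registration.find_by_id(self.registration_id)
        if registration is None:
            # NOTE(review): this message differs from the ownership failure
            # below; if it is shown to the client it reveals which
            # registration ids exist -- confirm how the error is rendered.
            raise NotAuthorizedError(
                "Registration doesn't exist"
            )

        # Object-level check: `!=` replaces the Python-2-only `<>` operator.
        if person.id != registration.person_id:
            set_role("Registration is not for this user")
            raise NotAuthorizedError(
                "Registration is not for this user"
            )

        return app(environ, start_response)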
Ejemplo n.º 2
    def check(self, app, environ, start_response):
        """Allow the request only for the person attached to the funding request.

        The wrapped WSGI ``app`` is called when ``REMOTE_USER`` resolves to a
        ``Person`` equal to ``funding.person`` for the funding request
        identified by ``self.funding_id``.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
            NotAuthorizedError: no person matches ``REMOTE_USER``, the funding
                request does not exist, or it belongs to someone else.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(remote_user)
        if person is None:
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.')

        funding = Funding.find_by_id(self.funding_id)
        if funding is None:
            # NOTE(review): a distinct message for a missing id can reveal
            # which ids exist if it reaches the client -- confirm rendering.
            raise NotAuthorizedError("Funding Request doesn't exist")

        # Object-level check: the caller must be the owner of the request.
        if person != funding.person:
            denial = "User doesn't have any of the specified roles"
            set_role(denial)
            raise NotAuthorizedError(denial)

        return app(environ, start_response)
Ejemplo n.º 3
    def check(self, app, environ, start_response):
        """Allow the request only for a person listed on the proposal.

        The wrapped WSGI ``app`` is called when ``REMOTE_USER`` resolves to a
        ``Person`` contained in ``proposal.people`` for the proposal
        identified by ``self.proposal_id``.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
            NotAuthorizedError: no person matches ``REMOTE_USER``, the
                proposal does not exist, or the person is not one of its
                people.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            set_redirect()
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(remote_user)
        if person is None:
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.')

        proposal = Proposal.find_by_id(self.proposal_id)
        if proposal is None:
            # NOTE(review): a distinct message for a missing id can reveal
            # which ids exist if it reaches the client -- confirm rendering.
            raise NotAuthorizedError("Proposal doesn't exist")

        # Object-level check: membership in the proposal's people collection.
        if person not in proposal.people:
            denial = "User doesn't have any of the specified roles"
            set_role(denial)
            raise NotAuthorizedError(denial)

        return app(environ, start_response)
Ejemplo n.º 4
    def check(self, app, environ, start_response):
        """Run ``app`` only if the authenticated person holds the required roles.

        With ``self.all`` set, every role in ``self.roles`` is required;
        otherwise one matching role is enough. On success the result of
        ``app(environ, start_response)`` is returned; every failure raises.
        Role names are lower-cased in the denial message.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty and
                ``self.error`` is not set.
            Exception: a configured role is rejected by ``self.role_exists``.
            users.AuthKitNoSuchUserError: no person matches ``REMOTE_USER``.
            NotAuthorizedError: the account is not activated, or the role
                requirement is not met and ``self.error`` is not set.
            self.error: raised instead of the default error when it is set.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            if self.error:
                raise self.error
            set_redirect()
            raise NotAuthenticatedError('Not authenticated')

        # Reject a misconfigured permission before any user lookup happens.
        for configured in self.roles:
            if not self.role_exists(configured):
                raise Exception("No such role %r exists" % configured)

        person = Person.find_by_email(remote_user)
        if person is None:
            raise users.AuthKitNoSuchUserError("No such user %r" % remote_user)

        # Unactivated accounts are refused regardless of their roles.
        if not person.activated:
            raise NotAuthorizedError("User account must be activated")

        if self.all:
            # Every role is mandatory: the first missing one ends the check.
            for required in self.roles:
                if self.user_has_role(person, required):
                    continue
                if self.error:
                    raise self.error
                denial = "User doesn't have the role %s" % required.lower()
                set_role(denial)
                raise NotAuthorizedError(denial)
            return app(environ, start_response)

        # Any single matching role is sufficient.
        for candidate in self.roles:
            if self.user_has_role(person, candidate):
                return app(environ, start_response)

        if self.error:
            raise self.error
        denial = "User doesn't have any of the specified roles"
        set_role(denial)
        raise NotAuthorizedError(denial)
Ejemplo n.º 5
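 def check(self, app, environ, start_response):
     """Allow the request when its ``hash`` query parameter covers the path.

     The ``hash`` value is looked up with ``URLHash.find_by_hash``; the
     wrapped WSGI ``app`` is called when the request path starts with the
     URL stored for that hash. Path and query come from the global
     ``request`` object, not from ``environ``.

     Raises:
         NotAuthorizedError: the parameter is missing, the hash is unknown,
             the stored URL is empty, or the path does not start with it.
     """
     url = request.path
     fields = dict(request.GET)
     if 'hash' in fields:
         record = URLHash.find_by_hash(fields['hash'])
         # An unknown hash must end in NotAuthorizedError below, not in an
         # AttributeError from reading `.url` on None.
         dburl = record.url if record is not None else None
         # An empty stored URL is a prefix of every path, so it is refused
         # rather than treated as authorizing the whole site.
         # NOTE(review): this is a plain prefix match, so a hash issued for
         # "/a" also matches "/ab"; confirm that is intended or compare on a
         # path-segment boundary.
         if dburl and url.startswith(dburl):
             return app(environ, start_response)
     raise NotAuthorizedError("You are not authorised to view this page")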
Ejemplo n.º 6
    def check(self, app, environ, start_response):
        """Run ``app`` as soon as any one of ``self.permissions`` passes.

        Permissions are tried in order. One that raises
        ``NotAuthenticatedError`` or ``NotAuthorizedError`` is skipped; if
        none passes, ``NotAuthorizedError`` is raised.
        """
        for candidate in self.permissions:
            try:
                candidate.check(app, environ, start_response)
                # The call to app stays inside the try block, so the same two
                # errors raised by app itself also move on to the next
                # permission.
                # NOTE(review): a member permission whose check() already
                # ends in `return app(environ, start_response)` makes app run
                # there and again here -- confirm against the classes used.
                return app(environ, start_response)
            except (NotAuthenticatedError, NotAuthorizedError):
                # NOTE(review): anything the failed permission changed before
                # raising is not undone here -- confirm that is harmless when
                # a later permission succeeds.
                continue

        raise NotAuthorizedError(
            'You are not one of the users allowed to access this resource.')
Ejemplo n.º 7
    def check(self, app, environ, start_response):
        """Run ``app`` only if ``REMOTE_USER`` holds the required roles.

        With ``self.all`` set, every role in ``self.roles`` is required;
        otherwise one matching role is enough. On success the result of
        ``app(environ, start_response)`` is returned; every failure raises.
        Role names are lower-cased in the denial message.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty and
                ``self.error`` is not set.
            Exception: a configured role is rejected by ``self.role_exists``.
            NotAuthorizedError: the role requirement is not met and
                ``self.error`` is not set.
            self.error: raised instead of the default error when it is set.
        """
        # REMOTE_USER is trusted as-is and passed straight to user_has_role.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            if self.error:
                raise self.error
            set_redirect()
            raise NotAuthenticatedError('Not authenticated')

        # Reject a misconfigured permission before any role lookup happens.
        for configured in self.roles:
            if not self.role_exists(configured):
                raise Exception("No such role %r exists"%configured)

        if self.all:
            # Every role is mandatory: the first missing one ends the check.
            for required in self.roles:
                if self.user_has_role(remote_user, required):
                    continue
                if self.error:
                    raise self.error
                denial = "User doesn't have the role %s"%required.lower()
                set_role(denial)
                raise NotAuthorizedError(denial)
            return app(environ, start_response)

        # Any single matching role is sufficient.
        for candidate in self.roles:
            if self.user_has_role(remote_user, candidate):
                return app(environ, start_response)

        if self.error:
            raise self.error
        denial = "User doesn't have any of the specified roles"
        set_role(denial)
        raise NotAuthorizedError(denial)
Ejemplo n.º 8
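    def check(self, app, environ, start_response):
        """Allow the request only for a known, authenticated person.

        The wrapped WSGI ``app`` is called when ``REMOTE_USER`` is set and
        ``Person.find_by_email`` returns a record for it.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
            NotAuthorizedError: no person matches ``REMOTE_USER``.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            set_redirect()
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(remote_user)
        # Test the lookup result, not the Person class: the class is never
        # None, so the original comparison let a REMOTE_USER with no matching
        # record through to the application.
        if person is None:
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.'
            )

        return app(environ, start_response)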
Ejemplo n.º 9
    def check(self, app, environ, start_response):
        """Allow the request for a known person; send unactivated ones to activation.

        The wrapped WSGI ``app`` is called when ``REMOTE_USER`` resolves to a
        ``Person``. For a person whose ``activated`` flag is false,
        ``redirect`` is called with the person/activate URL first.

        Raises:
            NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
            NotAuthorizedError: no person matches ``REMOTE_USER``.
        """
        # REMOTE_USER is trusted as-is here.
        # NOTE(review): presumably set by upstream authentication middleware;
        # confirm a client cannot supply it directly.
        remote_user = environ.get('REMOTE_USER')
        if not remote_user:
            set_redirect()
            raise NotAuthenticatedError('Not Authenticated')

        person = Person.find_by_email(remote_user)
        if person is None:
            set_redirect()
            environ['auth_failure'] = 'NO_USER'
            raise NotAuthorizedError(
                'You are not one of the users allowed to access this resource.')

        if person.activated:
            return app(environ, start_response)

        set_redirect()
        # Flush and close the session before leaving the request, but only
        # when the Session object exposes an `is_active` attribute.
        if 'is_active' in dir(meta.Session):
            meta.Session.flush()
            meta.Session.close()

        # NOTE(review): nothing here stops execution after redirect(); if it
        # returns instead of raising, the unactivated person still reaches
        # app below -- confirm that redirect() raises.
        redirect(url(controller="person", action="activate"))

        return app(environ, start_response)
Ejemplo n.º 10
def no_role():
    """Record the role failure with ``set_role`` and deny the request.

    Always raises ``NotAuthorizedError``; the same message is passed to
    ``set_role`` first.
    """
    denial = "User doesn't have any of the specified roles"
    set_role(denial)
    raise NotAuthorizedError(denial)