/
decorators.py
124 lines (96 loc) · 4.32 KB
/
decorators.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
__author__ = 'feiyicheng'
from rest_framework.authtoken.models import Token
from django.contrib.auth.models import User, AnonymousUser
from django.shortcuts import HttpResponse
from django.http import QueryDict
from projects.models import Project
from django.core.exceptions import ObjectDoesNotExist
def logged_in(func):
"""a decorator that ensures that the user is logged in
@param func: a method that requires the user to be logged in.
"""
def wrap(request, *args, **kwargs):
try:
if isinstance(request.user, AnonymousUser):
# user not logged in
return HttpResponse("{'status':'error','reason':'this operation need the user to be logged in'}")
elif isinstance(request.user, User):
# user already logged in
return func(request, *args, **kwargs)
else:
raise TypeError('user type should be either User or AnonymousUser')
except AttributeError:
raise AttributeError('request does not has attribute user')
wrap.__doc__ = func.__doc__
wrap.__name__ = func.__name__
return wrap
def project_verified(func):
""" a decorator that identify the project
the request body should be in JSON format with a key names "pid", and this decorator
will verify the project with pid with the user logged in.If "pid" is not provided or
the project pid represents do not match the logged-in user, it will return Error with
some error information
@param func: a method tha needs to verify the user's group
"""
def wrap(request, *args, **kwargs):
data = QueryDict(request.body)
if 'pid' not in data.keys():
return func(request, *args, **kwargs)
else:
try:
prj = Project.objects.get(pk=data['pid'])
except ObjectDoesNotExist:
return HttpResponse("{'status':'error', 'reason':'cannot find a project matching given pid'}")
else:
if request.user == prj.author or request.user in prj.collaborators:
return func(request, *args, **kwargs)
else:
return HttpResponse("{'status':'error', 'reason':'the project cannot match the user logged in'}")
wrap.__doc__ = func.__doc__
wrap.__name__ = func.__name__
return wrap
def logged_in_exclude_get(func):
""" verify user logged in except the request user the GET method
almost the same as logged_in(func)
"""
def wrap(request, *args, **kwargs):
try:
if isinstance(request.user, AnonymousUser):
# user not logged in
if request.method == 'GET':
return func(request, *args, **kwargs)
else:
return HttpResponse("{'status':'error','reason':'this operation need the user to be logged in'}")
elif isinstance(request.user, User):
# user already logged in
return func(request, *args, **kwargs)
else:
raise TypeError('user type should be either User or AnonymousUser')
except AttributeError:
raise AttributeError('request does not has attribute user')
wrap.__doc__ = func.__doc__
wrap.__name__ = func.__name__
return wrap
def project_verified_exclude_get(func):
""" verify user logged in with the project except the request user the GET method
almost the same as project_verified(func)
"""
def wrap(request, *args, **kwargs):
if request.method == 'GET':
return func(request, *args, **kwargs)
data = QueryDict(request.body)
if 'pid' not in data.keys():
return func(request, *args, **kwargs)
else:
try:
prj = Project.objects.get(pk=data['pid'])
except ObjectDoesNotExist:
return HttpResponse("{'status':'error', 'reason':'cannot find a project matching given pid'}")
else:
if request.user == prj.author or request.user in prj.collaborators:
return func(request, *args, **kwargs)
else:
return HttpResponse("{'status':'error', 'reason':'the project cannot match the user logged in'}")
wrap.__doc__ = func.__doc__
wrap.__name__ = func.__name__
return wrap