def get_participant(state, restrict=True, redirect_stub=True, allow_member=False,
                    block_suspended_user=False, redirect_canon=True):
    """Resolve the participant named in the request path, or raise a response.

    The ``username`` path segment is either ``~<id>`` (looked up by integer
    id) or a username (lower-cased before the lookup).

    Args:
        state: request state; the keys ``request``, ``response``, ``user``
            and ``_`` are read, and ``can_switch_account`` may be set.
        restrict: treat the page as private. Anonymous users get
            ``LoginRequired``; a signed-in user other than the participant
            is let through only as a group member (see ``allow_member``)
            or as an admin, in which case the access is logged.
        redirect_stub: redirect requests for a ``stub`` account to whatever
            ``participant.resolve_stub()`` returns (404 if it returns
            nothing).
        allow_member: accept members of a ``group`` participant, and set
            ``state['can_switch_account']`` for them and for the owner.
        block_suspended_user: raise ``AccountSuspended`` when the
            participant is the current user and is suspended.
        redirect_canon: on safe methods, redirect to the URL spelled with
            the participant's stored username when the slug differs.

    Returns:
        The matching participant object.

    Note:
        The canonical redirect and the closed/stub handling run before the
        ownership check, so on a restricted page a signed-in non-owner can
        receive those responses instead of the 403.
    """
    request = state['request']
    response = state['response']
    user = state['user']
    slug = request.path['username']
    _ = state['_']

    # A private page is never served to an anonymous visitor.
    if restrict and user.ANON:
        raise LoginRequired

    # Derive the lookup key; `by_id` remembers which kind of key it is.
    # When the path points at the current user, reuse that object.
    by_id = slug.startswith('~')
    if by_id:
        try:
            key = int(slug[1:])
        except ValueError:
            raise response.error(404)
        participant = user if user and user.id == key else None
    elif slug:
        key = slug.lower()
        participant = user if user and user.username.lower() == key else None
    else:
        raise response.error(404)

    if participant is None:
        if by_id:
            participant = website.db.Participant.from_id(key, _raise=False)
        else:
            participant = website.db.Participant.from_username(key)
        if participant is None:
            # Username slugs get a chance at look_up_redirections() before the 404.
            if not by_id:
                look_up_redirections(request, response)
            raise response.error(404)
        if participant.kind == 'community':
            # The id is handed over as a query parameter, not formatted into
            # the SQL text.
            community_name = website.db.one(
                """ SELECT name FROM communities WHERE participant = %s """,
                (participant.id,),
            )
            # NOTE(review): the name goes into the redirect path as-is; confirm
            # community names are limited to URL-safe characters at creation.
            raise response.redirect('/for/%s' % community_name)

    if redirect_canon and request.method in SAFE_METHODS and slug != participant.username:
        # Swap the slug for the stored username and keep the rest of the URI.
        # NOTE(review): the tail comes from the decoded URI; confirm that
        # response.redirect() encodes it for the Location header.
        head = '/' + participant.username
        tail = request.line.uri.decoded[len(slug) + 1:]
        raise response.redirect(head + tail)

    account_status = participant.status
    if account_status == 'closed':
        # Only admins get past a closed account.
        if not user.is_admin:
            raise ClosedAccount(participant)
    elif account_status == 'stub' and redirect_stub:
        target = participant.resolve_stub()
        if target:
            raise response.redirect(target)
        # Account has been taken over
        raise response.error(404)

    if restrict and participant != user:
        member_access = (
            allow_member and participant.kind == 'group' and user.member_of(participant)
        )
        if not member_access:
            if user.is_admin:
                # Admin access to someone else's private page is recorded.
                log_admin_request(user, participant, request)
            else:
                raise response.error(403, _("You are not authorized to access this page."))

    # NOTE(review): the listing this was recovered from had lost its
    # indentation; this check is placed at function level, outside the
    # `restrict` branch. Confirm against the original file.
    if block_suspended_user and participant.is_suspended and participant == user:
        raise AccountSuspended()

    if allow_member:
        if user == participant or (participant.kind == 'group' and user.member_of(participant)):
            state['can_switch_account'] = True

    return participant
def get_participant(
    state, restrict=True, allow_member=False, redirect_canon=True, redirect_stub=True,
):
    """Look up the participant identified by the request path.

    The ``username`` path segment is either ``~<id>`` (integer id) or a
    username, which is lower-cased before the lookup.

    Args:
        restrict (bool): the page is private, restrict access to it
        allow_member (bool): allow members of a team to access this page
        redirect_canon (bool): allow redirecting the request to the canonical URL
        redirect_stub (bool): allow redirecting the request to the pledge page

    Returns a `Participant` or raises a `Response`.

    Order of the checks, as coded below: login requirement, lookup,
    canonical redirect (methods in ``SAFE_METHODS``) or write-permission
    check (other methods on a restricted page), then the ownership / spam
    check, and only after that the closed/stub handling.

    """
    request = state['request']
    response = state['response']
    user = state['user']
    slug = request.path['username']
    _ = state['_']

    # Private pages require a signed-in user before anything is looked up.
    if restrict and user.ANON:
        raise LoginRequired

    # `by_id` records whether the slug was of the `~<id>` form. When the path
    # points at the current user, that object is reused instead of a lookup.
    by_id = slug.startswith('~')
    if by_id:
        try:
            key = int(slug[1:])
        except ValueError:
            raise response.error(404)
        participant = user if user and user.id == key else None
    elif slug:
        key = slug.lower()
        participant = user if user and user.username.lower() == key else None
    else:
        raise response.error(404)

    if participant is None:
        if by_id:
            participant = website.db.Participant.from_id(key, _raise=False)
        else:
            participant = website.db.Participant.from_username(key)
        if participant is None:
            # Username slugs get a chance at look_up_redirections() before the 404.
            if not by_id:
                look_up_redirections(request, response)
            raise response.error(404)
        if participant.kind == 'community':
            # The id travels as a query parameter, not as part of the SQL text.
            community_name = website.db.one(
                """ SELECT name FROM communities WHERE participant = %s """,
                (participant.id,),
            )
            # NOTE(review): the name goes into the redirect path as-is; confirm
            # community names are limited to URL-safe characters at creation.
            raise response.redirect('/for/%s' % community_name)

    if request.method in SAFE_METHODS:
        if redirect_canon and slug != participant.username:
            # Swap the slug for the stored username and keep the rest of the URI.
            # NOTE(review): the tail comes from the decoded URI; confirm that
            # response.redirect() encodes it for the Location header.
            head = '/' + participant.username
            tail = request.line.uri.decoded[len(slug) + 1:]
            raise response.redirect(head + tail)
    elif restrict:
        # Methods outside SAFE_METHODS on a private page need write permission.
        user.require_write_permission()

    flagged_as_spam = participant.marked_as == 'spam'
    if (restrict or flagged_as_spam) and participant != user:
        member_access = (
            allow_member and participant.kind == 'group' and user.member_of(participant)
        )
        if not member_access:
            if user.is_acting_as('admin'):
                # Admin access to someone else's page is recorded.
                log_admin_request(user, participant, request)
            elif restrict:
                raise response.error(403, _("You are not authorized to access this page."))
            elif flagged_as_spam:
                # Public page of a profile marked as spam: serve the spam
                # template instead of the profile.
                raise response.render('simplates/spam-profile.spt', state)

    account_status = participant.status
    if account_status == 'closed':
        # Only a user acting as admin gets past a closed account.
        if not user.is_acting_as('admin'):
            raise ClosedAccount(participant)
    elif account_status == 'stub' and redirect_stub:
        target = participant.resolve_stub()
        if target:
            raise response.redirect(target)
        # Account has been taken over
        raise response.error(404)

    if allow_member:
        if user == participant or (participant.kind == 'group' and user.member_of(participant)):
            state['can_switch_account'] = True

    return participant