def test_is_member_of_group(self):
self.assertEquals(is_member_of_group(self.request, 'u_test_group'),
True)
self.assertEquals(is_member_of_group(self.request, 'u_test_nope'),
False)
self.assertEquals(is_member_of_group(self.request, ''), False)
self.assertEquals(is_member_of_group(self.request, None), False)
def can_override_user(request):
"""
Return True if the original user has impersonate permission
"""
return is_member_of_group(request,
getattr(settings, "PROVISION_ADMIN_GROUP",
'u_acadev_provision_support'))
def can_override_user(request):
"""
Return True if the original user has impersonate permission
"""
return is_member_of_group(
request,
getattr(settings, "SCHEDULED_JOB_ADMIN_GROUP",
'u_acadev_scheduled-job-support'))
def wrapper(request, *args, **kwargs):
try:
oauth_request = get_oauth_request(request)
if (oauth_request is None):
raise ValueError('No Oauth Request')
consumer = store.get_consumer(
request, oauth_request, oauth_request['oauth_consumer_key'])
verify_oauth_request(request, oauth_request, consumer)
request.META['OAUTH_CONSUMER_NAME'] = consumer.name
request.META['OAUTH_CONSUMER_PK'] = consumer.pk
return func(request, *args, **kwargs)
except ValueError as e:
if is_member_of_group(request, settings.NAGIOS_ADMIN_GROUP):
return func(request, *args, **kwargs)
return HttpResponse("Access Denied", status_code=401)
except (InvalidConsumerError, InvalidTokenError) as e:
return HttpResponse("Access Denied", status_code=401)
def test_is_member_of_group_without_saml(self):
del self.request.session['samlUserdata']
self.assertEquals(is_member_of_group(self.request, 'u_test_group'),
False)
def can_view_source_data(request, service=None, url=None):
return is_member_of_group(request, settings.RESTCLIENTS_ADMIN_GROUP)
def can_override_user(request):
return is_member_of_group(request, settings.GRADEPAGE_SUPPORT_GROUP)
def has_delete_permission(self, request, obj=None):
return self.has_access and is_member_of_group(request, admin_group)
def has_change_permission(self, request, obj=None):
return is_member_of_group(request, admin_group)
def is_athletic_authorized(request):
return is_member_of_group(request, settings.ATHLETIC_USERS_GROUP)
def is_tacoma_authorized(request):
return is_member_of_group(request, settings.TACOMA_USERS_GROUP)
def is_iss_authorized(request):
return is_member_of_group(request, settings.ISS_USERS_GROUP)
def is_international_authorized(request):
return is_member_of_group(request, settings.INTERNATIONAL_USERS_GROUP)
def is_eop_authorized(request):
return is_member_of_group(request, settings.EOP_USERS_GROUP)
def can_proxy_restclient(request, service, url):
return is_member_of_group(request, settings.GRADEPAGE_SUPPORT_GROUP)
def index(request):
if is_member_of_group(request, settings.UW_SAML_PERMISSIONS['perm2']):
return HttpResponse("Hello, world. You have perm2.")
else:
return HttpResponse("Hello, world. You don't have perm2.")
def is_engineering_authorized(request):
return is_member_of_group(request, settings.ENGINEERING_USERS_GROUP)
def is_premajor_authorized(request):
return is_member_of_group(request, settings.PREMAJOR_USERS_GROUP)
def has_permission(self, request):
return is_member_of_group(request, admin_group)
def wrapper(request, *args, **kwargs):
if is_member_of_group(request, group_id):
return view_func(request, *args, **kwargs)
return render(request, 'uw_saml/access_denied.html', status=401)
def has_module_permission(self, request):
return self.has_access and is_member_of_group(request, admin_group)
def can_manage_persistent_messages(request):
return is_member_of_group(request, settings.GRADEPAGE_ADMIN_GROUP)