Example #1
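    def prepare(self):
        """Authenticate the caller from the JWT cookie and authorize the request.

        Sets ``self.user`` (the token's ``sub`` claim), ``self.namespace``,
        ``self.collection`` and ``self.permissions``, then rejects the request
        when the permission bits do not cover the HTTP method. The body uses
        ``yield from``, so this is a generator; presumably it is wrapped as a
        coroutine by a decorator outside this excerpt.

        Raises:
            tornado.web.HTTPError: 403 when the caller lacks the permission.
        """
        # PyJWT's keyword is ``options``. The original spelled it ``option``,
        # an unrecognized keyword, so ``require_exp`` was never applied and a
        # token with no ``exp`` claim (one that never expires) was accepted.
        #
        # NOTE(review): the verification key is a literal in source; anyone who
        # can read the code can sign a token for any ``sub``. Load it from
        # configuration or a secret store instead.
        # NOTE(review): no ``algorithms=[...]`` allow-list is passed; pin the
        # algorithm the issuer actually uses once that is confirmed.
        # NOTE(review): nothing here catches decode errors, so an expired,
        # malformed or missing token propagates out of prepare(). That fails
        # closed, but as an unhandled error rather than a 401 -- confirm intent.
        claims = jwt.decode(self.get_cookie('cookie'), 'TestKey', options={'require_exp': True})
        self.user = claims['sub']
        self.namespace = yield from client.Namespace.get_by_name(self.path_kwargs['namespace'])
        self.collection = yield from self.namespace.get_collection(self.path_kwargs['collection'])
        self.permissions = Permissions.get_permissions(self.user, self.namespace, self.collection)

        method = self.request.method.lower()

        # NOTE(review): GET is tested against READ_WRITE instead of going
        # through from_method(); whether a read-only grant passes depends on
        # how READ_WRITE is defined -- confirm against Permissions.
        if method == 'get':
            required = Permissions.READ_WRITE
        else:
            required = Permissions.from_method(method)

        if not self.permissions & required:
            raise tornado.web.HTTPError(status_code=403)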
Example #2
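    def prepare(self):
        """Resolve the caller, the target document and the caller's permissions.

        Sets ``self.user`` to the token's ``sub`` claim, or ``None`` when the
        token is rejected, then loads ``self.namespace``, ``self.collection``
        and ``self.document`` from the URL path arguments and computes
        ``self.permissions``. The body uses ``yield from``, so this is a
        generator; presumably it is wrapped as a coroutine by a decorator
        outside this excerpt.

        Raises:
            tornado.web.HTTPError: 403 when the permission bits do not cover
                the request method.
        """
        # NOTE(review): the verification key is a literal in source; anyone who
        # can read the code can sign a token for any ``sub``. Load it from
        # configuration or a secret store instead.
        # NOTE(review): no ``algorithms=[...]`` allow-list is passed; pin the
        # algorithm the issuer actually uses once that is confirmed.
        try:
            # PyJWT's keyword is ``options``. The original spelled it
            # ``option``, an unrecognized keyword, so ``require_exp`` was never
            # applied and tokens without an ``exp`` claim were accepted.
            claims = jwt.decode(self.get_cookie('cookie'), 'TestKey', options={'require_exp': True})
            self.user = claims['sub']
        except jwt.InvalidTokenError:
            # Base class of ExpiredSignatureError. With ``require_exp`` now
            # enforced, a token lacking ``exp`` also lands here, so every
            # rejected token is handled like an expired one: anonymous caller.
            # NOTE(review): a missing cookie passes None to jwt.decode(); how
            # that fails depends on the PyJWT version -- confirm it is covered.
            self.user = None
        self.namespace = yield from client.Namespace.get_by_name(self.path_kwargs['namespace'])
        self.collection = yield from self.namespace.get_collection(self.path_kwargs['collection'])
        self.document = yield from self.collection.read(self.path_kwargs['record_id'])

        self.permissions = Permissions.get_permissions(self.user, self.namespace, self.collection, self.document)

        # NOTE(review): the method name is passed as Tornado reports it, without
        # lower-casing; confirm from_method() accepts that form.
        required = Permissions.from_method(self.request.method)
        if not self.permissions & required:
            raise tornado.web.HTTPError(status_code=403)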
Example #3
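    def prepare(self):
        """Allow the request only for callers with ADMIN on the collection.

        Sets ``self.user`` to the token's ``sub`` claim, or ``None`` when the
        token is rejected, then loads ``self.namespace`` and
        ``self.collection`` from the URL path arguments. The body uses
        ``yield from``, so this is a generator; presumably it is wrapped as a
        coroutine by a decorator outside this excerpt.

        Raises:
            tornado.web.HTTPError: 403 when the caller lacks the ADMIN bit.
        """
        # NOTE(review): the verification key is a literal in source; anyone who
        # can read the code can sign a token for any ``sub``, including an
        # administrator's. Load it from configuration or a secret store.
        # NOTE(review): no ``algorithms=[...]`` allow-list is passed; pin the
        # algorithm the issuer actually uses once that is confirmed.
        try:
            # PyJWT's keyword is ``options``. The original spelled it
            # ``option``, an unrecognized keyword, so ``require_exp`` was never
            # applied and tokens without an ``exp`` claim were accepted.
            claims = jwt.decode(self.get_cookie('cookie'), 'TestKey', options={'require_exp': True})
            self.user = claims['sub']
        except jwt.InvalidTokenError:
            # Base class of ExpiredSignatureError. With ``require_exp`` now
            # enforced, a token lacking ``exp`` also lands here, so every
            # rejected token is handled like an expired one: anonymous caller.
            # NOTE(review): a missing cookie passes None to jwt.decode(); how
            # that fails depends on the PyJWT version -- confirm it is covered.
            self.user = None
        self.namespace = yield from client.Namespace.get_by_name(self.path_kwargs['namespace'])
        self.collection = yield from self.namespace.get_collection(self.path_kwargs['collection'])

        granted = Permissions.get_permissions(self.user, self.namespace, self.collection)
        if not granted & Permissions.ADMIN:
            raise tornado.web.HTTPError(status_code=403)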