def check_can_change_current_subscription(self, brl_user, plan_id):
self.check_act_as_admin_of(brl_user)
# Look if its a downgrade and we the destination plan
# fits our current contributors and private blocks
# Check destination plan is active
dest_plan = CURRENT_PLANS[plan_id]
if not dest_plan["active"]:
raise ForbiddenException("Plan is no longer available")
users, num_private_blocks = self._get_subscription_utilisation_status(
brl_user)
if dest_plan["num_users"] != -1: # No unlimited
if len(users) > dest_plan["num_users"]:
raise PlanDowngradeNotAllowed(
"You are currently using %d users, "
"reduce to %d before plan downgrade" %
(len(users), dest_plan["num_users"]))
if dest_plan["num_private_blocks"] != -1: # No unlimited
if num_private_blocks > dest_plan["num_private_blocks"]:
raise PlanDowngradeNotAllowed(
"You have %d private blocks, "
"reduce it to %d before plan downgrade" %
(num_private_blocks, dest_plan["num_private_blocks"]))
def get_dep_table(self, _):
self.dep_table_call_counter += 1
if self.token == "goodtoken":
return "dep_table"
elif self.token is None or self.token == "validtokenbutforbidden":
raise ForbiddenException(
) # <= Simulates a CantDoIt through REST API
else:
self.authentication_failed += 1
raise AuthenticationException()
def check_write_block(self, brl_block):
try:
block_access = self._store.read_block_permissions(brl_block)
except NotFoundException:
return self.check_create_block(brl_block.owner, False)
# If block is private, check auth_user can read it and owner is paying
if block_access.is_private:
# Check limits are ok, If its free will raise
self.check_subscription_limit_reached(brl_block.owner)
# Check if auth_user has write permissions
if self._can_act_as_admin_of(brl_block.owner) is not True:
if not block_access.write.is_granted(self.auth_user):
raise ForbiddenException(
"Permission denied: Writing block '%s'" % brl_block)
def add_block(self, brl, tags=None, description=""):
'''Adds a block to the user workspace'''
tags = tags or set()
if brl.owner != self.ID:
raise ForbiddenException('Can not add not own block: %s %s' %
(str(brl), self.ID))
if brl in self.blocks:
raise DuplicateBlockException('Block %s already exist for %s')
matching = [x for x in self.blocks if brl.lower() == x.lower()]
if matching:
raise BiiException(
"You're trying to publish block named %s. There is "
"already a block named %s among your blocks" %
(brl, matching[0]))
# Add tags and description
self.blocks[brl] = [set(tags), description, 0] # 0 bytes
block_id = self.numeric_id + self.block_counter
self.block_counter += 1
return block_id
def require_auth(self):
"""Only for validating token
(Used in publish manager to ensure logged user before publishing)"""
if not self._auth_user:
raise ForbiddenException()
def check_are_own_user(self, brl_user):
"""Auth user can read brl_user subscription??"""
if brl_user != self.auth_user:
raise ForbiddenException("Permission denied")
return
def check_act_as_admin_of(self, brl_user):
if self.auth_user != brl_user and self._can_act_as_admin_of(
brl_user) is not True:
raise ForbiddenException("Permission denied: Updating user %s" %
brl_user)
return
def check_publish_block(self, brl_block, publish_request):
self.check_write_block(brl_block)
user = self._store.read_user(publish_request.parent.block.owner)
if user.blocks_bytes + publish_request.bytes > user.max_workspace_size:
raise ForbiddenException(
"Workspace max size reached please contact us")
def check_read_block(self, brl_block):
block_access = self._store.read_block_permissions(brl_block)
if block_access.is_private:
if not self._read_granted(brl_block, block_access):
raise ForbiddenException(
"Permission denied: Reading block '%s'" % (brl_block))