def request_user_has_implicit_access(user, context): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ENTERPRISE_COUPON_ADMIN_ROLE` feature role. Returns: boolean: whether the request user has access or not """ request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(request) if not context: return False return request_user_has_implicit_access_via_jwt(decoded_jwt, ENTERPRISE_COUPON_ADMIN_ROLE, context)
def get_enterprise_id_for_current_request_user_from_jwt(): request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) if decoded_jwt: roles_claim = decoded_jwt.get('roles', []) for role_data in roles_claim: role_in_jwt, __, context_in_jwt = role_data.partition(':') if role_in_jwt == SYSTEM_ENTERPRISE_LEARNER_ROLE and context_in_jwt: return context_in_jwt return None
def has_implicit_access_to_enrollment_api(user, obj): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE` feature role. Returns: boolean: whether the request user has access or not """ request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth( request) return request_user_has_implicit_access_via_jwt( decoded_jwt, ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE, obj)
def request_user_has_implicit_access(user): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ORDER_MANAGER_ROLE` feature role. Returns: boolean: whether the request user has access or not """ request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth( request) return request_user_has_implicit_access_via_jwt(decoded_jwt, ORDER_MANAGER_ROLE)
def has_implicit_access_to_catalog_learner(user, context): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ENTERPRISE_CATALOG_LEARNER_ROLE` role. Returns: boolean: whether the request user has access or not """ if not context: return False request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth( request) return request_user_has_implicit_access_via_jwt( decoded_jwt, ENTERPRISE_CATALOG_LEARNER_ROLE, context)
def request_user_has_implicit_access(*args, **kwargs): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ENTERPRISE_DATA_ADMIN_ROLE` feature role. Returns: boolean: whether the request user has access or not """ request = crum.get_current_request() __, __, request_kwargs = resolve(request.path) enterprise_id_in_request = request_kwargs.get('enterprise_id') decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth( request) return request_user_has_implicit_access_via_jwt( decoded_jwt, ENTERPRISE_DATA_ADMIN_ROLE, enterprise_id_in_request)
def has_implicit_access_to_enrollment_api(user, obj): # pylint: disable=unused-argument """ Check that if request user has implicit access to `ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE` feature role. Params: user: An ``auth.User`` instance. obj: The string version of an ``EnterpriseCustomer.uuid``. Returns: boolean: whether the request user has access or not """ request = crum.get_current_request() decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth( request) return request_user_has_implicit_access_via_jwt( decoded_jwt, ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE, obj)