def authorization_failed(request, capabilities_sets):
"""Verify authorization and output error message if not allowed.
Checks for authorization (using `webauth.requestIsAllowed'). If
authorization succeeds, returns False. If authorization fails,
returns True after generating an error response, in which case the
caller should return webservice.NOT_DONE_YET to inform the web sever
to send the error response.
The capabilities_sets argument is a list of one or more sets of
capabilities that the user must have for authorization to succeed.
The user must hold all of the capabilities in at least one of the
sets in the list for authorization to succeed."""
for s in capabilities_sets:
if webauth.requestIsAllowed(request, s):
return False
session = webserver.get_current_session(request)
e = """This request requires one of the following capabilities sets:
%s
You are logged in as user %s which does not have one or more of these
capabilities sets.""" % ("\n".join([", ".join(s) for s in capabilities_sets
]), session.user.username)
forbidden(request, e)
return True
def authorization_failed(request, capabilities_sets):
"""Verify authorization and output error message if not allowed.
Checks for authorization (using `webauth.requestIsAllowed'). If
authorization succeeds, returns False. If authorization fails,
returns True after generating an error response, in which case the
caller should return webservice.NOT_DONE_YET to inform the web sever
to send the error response.
The capabilities_sets argument is a list of one or more sets of
capabilities that the user must have for authorization to succeed.
The user must hold all of the capabilities in at least one of the
sets in the list for authorization to succeed."""
for s in capabilities_sets:
if webauth.requestIsAllowed(request, s):
return False
session = webserver.get_current_session(request)
e = """This request requires one of the following capabilities sets:
%s
You are logged in as user %s which does not have one or more of these
capabilities sets.""" % ("\n".join([", ".join(s) for s in capabilities_sets]), session.user.username)
forbidden(request, e)
return True
def authorization_failed(request, capabilities_set): #ogni ruolo corrisponde a un set, importante per i ruoli nuovi non di default
"""Verify authorization and output error message if not allowed.
Checks for authorization (using `webauth.requestIsAllowed'). If
authorization succeeds, returns False. If authorization fails,
returns True after generating an error response, in which case the
caller should return webservice.NOT_DONE_YET to inform the web sever
to send the error response.
The capabilities_sets argument is a list of one or more sets of
capabilities that the user must have for authorization to succeed.
The user must hold all of the capabilities in at least one of the
sets in the list for authorization to succeed."""
#BEGIN OLD CODE
#for s in capabilities_sets:
# if webauth.requestIsAllowed(request, s):
# return False
#session = webserver.get_current_session(request)
#e = """This request requires one of the following capabilities sets:
#%s
#You are logged in as user %s which does not have one or more of these
#capabilities sets.""" % ("\n".join([", ".join(s) for s in capabilities_sets]), session.user.username)
# forbidden(request, e)
#END OLD CODE
#Valerio CODE
s=capabilities_set
if webauth.requestIsAllowed(request, s):
return False
session = webserver.get_current_session(request)
e = """This request requires one of the following capabilities:
%s
You are logged in as user %s which does not have one or more of these
capabilities.""" % (capabilities_set, session.user.username)
forbidden(request, e)
return True
