Esempio n. 1
0
def is_admin(group):
    security = get_service("security")
    is_admin = current_user in group.admins
    if not is_admin and "security" in current_app.extensions:
        is_admin = security.has_role(current_user, "admin")

    return is_admin
Esempio n. 2
0
def is_admin(group):
    security = get_service("security")
    is_admin = current_user in group.admins
    if not is_admin and "security" in current_app.extensions:
        is_admin = security.has_role(current_user, "admin")

    return is_admin
Esempio n. 3
0
 def condition(context: Dict[str, bool]) -> bool:
     return not current_user.is_anonymous and security.has_role(
         # pyre-fixme[6]: Expected `Principal` for 1st param but got
         #  `LocalProxy`.
         current_user,
         AdminRole,
     )
Esempio n. 4
0
def groups():
    tab = request.args.get("tab", "all_groups")
    e = Env()
    if tab == 'all_groups':
        e.groups = Group.query.order_by(Group.name).all()
        if not security.has_role(g.user, "admin"):
            e.groups = [
                group for group in e.groups
                if group.public or g.user in group.members
            ]
    else:
        e.groups = g.user.groups
        e.groups.sort(key=lambda x: x.name)
    return render_template("social/groups.html", **e)
Esempio n. 5
0
def groups():
    tab = request.args.get("tab", "all_groups")
    if tab == "all_groups":
        groups = Group.query.order_by(Group.name).all()
        if not security.has_role(current_user, "admin"):
            groups = [
                group for group in groups
                if group.public or current_user in group.members
            ]
    else:
        groups = current_user.groups
        groups.sort(key=lambda x: x.name)

    return render_template("social/groups.html", groups=groups)
Esempio n. 6
0
def check_read_access(obj):
    """
    Checks the current user has appropriate read access on the given object.
    Will raise appropriates errors in case the object doesn't exist (404),
    or the current user doesn't have read access on the object (403).
    """
    if not obj:
        raise NotFound()
    if not security.running:
        return True
    if security.has_role(g.user, Admin):
        return True
    if repository.has_access(g.user, obj):
        return True
    raise Forbidden()
Esempio n. 7
0
def groups():
    tab = request.args.get("tab", "all_groups")
    if tab == "all_groups":
        groups = Group.query.order_by(Group.name).all()
        if not security.has_role(current_user, "admin"):
            groups = [
                group
                for group in groups
                if group.public or current_user in group.members
            ]
    else:
        groups = current_user.groups
        groups.sort(key=lambda x: x.name)

    return render_template("social/groups.html", groups=groups)
Esempio n. 8
0
def check_read_access(obj):
    """Checks the current user has appropriate read access on the given object.

    Will raise appropriates errors in case the object doesn't exist
    (404), or the current user doesn't have read access on the object
    (403).
    """
    if not obj:
        raise NotFound()
    if not security.running:
        return True
    if security.has_role(current_user, Admin):
        return True
    if repository.has_access(current_user, obj):
        return True
    raise Forbidden()
Esempio n. 9
0
def check_manage_access(obj):
    """
    Checks the current user has appropriate manage access on the given object.
    Will raise appropriates errors in case the object doesn't exist (404),
    or the current user doesn't have manage access on the object (403).
    """

    if not obj:
        raise NotFound()
    if not security.running:
        return
    if security.has_role(g.user, Admin):
        return
    if (repository.has_access(g.user, obj)
            and repository.has_permission(g.user, MANAGE, obj)):
        return
    raise Forbidden()
Esempio n. 10
0
  def __init__(self, *panels, **kwargs):
    self.app = None
    self.panels = []
    self.breadcrumb_items = {}
    self.setup_blueprint()

    self.nav_root = NavGroup(
      'admin', 'root', title=_l(u'Admin'),
      endpoint=None,
      condition=lambda context: (not current_user.is_anonymous()
                                 and security.has_role(current_user, AdminRole))
    )

    for panel in panels:
      self.register_panel(panel)

    app = kwargs.pop('app', None)
    if app is not None:
      self.init_app(app)
Esempio n. 11
0
def check_manage_access(obj):
    """Checks the current user has appropriate manage access on the given
    object.

    Will raise appropriates errors in case the object doesn't exist
    (404), or the current user doesn't have manage access on the object
    (403).
    """

    if not obj:
        raise NotFound()
    if not security.running:
        return
    if security.has_role(current_user, Admin):
        return
    if repository.has_access(current_user, obj) and repository.has_permission(
        current_user, MANAGE, obj
    ):
        return
    raise Forbidden()
Esempio n. 12
0
 def check_security():
   user = current_user._get_current_object()
   if not security.has_role(user, "admin"):
     raise Forbidden()
Esempio n. 13
0
 def check_security():
     user = unwrap(current_user)
     if not security.has_role(user, "admin"):
         raise Forbidden()
Esempio n. 14
0
 def check_security() -> None:
     user = unwrap(current_user)
     if not security.has_role(user, "admin"):
         raise Forbidden()
Esempio n. 15
0
     "documents:folder-listing",
     "change-owner",
     _l("Change owner"),
     icon="user",
     url="#modal-change-owner",
     modal=True,
     permission=MANAGE,
 ),
 # Folder left bar actions ##########
 # view
 RootFolderAction(
     "documents:content",
     "view",
     _l("List content"),
     icon="list",
     condition=(lambda ctx: security.has_role(current_user, "admin")),
     url=lambda ctx: url_for(".folder_view", folder_id=ctx["object"].id),
 ),
 # view
 FolderAction(
     "documents:content",
     "view",
     _l("List content"),
     icon="list",
     url=lambda ctx: url_for(".folder_view", folder_id=ctx["object"].id),
 ),
 # Descendants
 FolderAction(
     "documents:content",
     "descendants",
     _l("View descendants"),
Esempio n. 16
0
                    css_class='btn-danger'),
 FolderButtonAction('documents:folder-listing',
                    'change-owner',
                    _l(u'Change owner'),
                    icon='user',
                    url='#modal-change-owner',
                    modal=True,
                    permission=MANAGE),
 # Folder left bar actions ##########
 # view
 RootFolderAction(
     'documents:content',
     'view',
     _l(u'List content'),
     icon='list',
     condition=(lambda ctx: security.has_role(g.user, "admin")),
     url=lambda ctx: url_for(".folder_view", folder_id=ctx['object'].id),
 ),
 # view
 FolderAction(
     'documents:content',
     'view',
     _l(u'List content'),
     icon='list',
     url=lambda ctx: url_for(".folder_view", folder_id=ctx['object'].id),
 ),
 # Descendants
 FolderAction(
     'documents:content',
     'descendants',
     _l(u'View descendants'),
Esempio n. 17
0
 def condition(context: Dict[str, bool]) -> bool:
     return not current_user.is_anonymous and security.has_role(
         current_user, AdminRole)
Esempio n. 18
0
 def condition(context):
     return not current_user.is_anonymous and security.has_role(
         current_user, AdminRole
     )
Esempio n. 19
0
 def check_security():
     user = current_user._get_current_object()
     if not security.has_role(user, "admin"):
         raise Forbidden()
Esempio n. 20
0
     "documents:folder-listing",
     "change-owner",
     _l("Change owner"),
     icon="user",
     url="#modal-change-owner",
     modal=True,
     permission=MANAGE,
 ),
 # Folder left bar actions ##########
 # view
 RootFolderAction(
     "documents:content",
     "view",
     _l("List content"),
     icon="list",
     condition=(lambda ctx: security.has_role(current_user, "admin")),
     url=lambda ctx: url_for(".folder_view", folder_id=ctx["object"].id),
 ),
 # view
 FolderAction(
     "documents:content",
     "view",
     _l("List content"),
     icon="list",
     url=lambda ctx: url_for(".folder_view", folder_id=ctx["object"].id),
 ),
 # Descendants
 FolderAction(
     "documents:content",
     "descendants",
     _l("View descendants"),
Esempio n. 21
0
 def check_security():
   user = current_user._get_current_object()
   if not security.has_role(user, "admin"):
     abort(403)