def ignore_not_package_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer the package specified.'''
model = context['model']
user = context.get('user')
if 'ignore_auth' in context:
return
if user and Authorizer.is_sysadmin(user):
return
authorized = False
pkg = context.get('package')
if pkg:
try:
check_access('package_change_state', context)
authorized = True
except NotAuthorized:
authorized = False
if (user and pkg and authorized):
return
data.pop(key)
def ignore_not_package_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer the package specified.'''
model = context['model']
user = context.get('user')
if 'ignore_auth' in context:
return
if user and Authorizer.is_sysadmin(user):
return
authorized = False
pkg = context.get('package')
if pkg:
try:
check_access('package_change_state', context)
authorized = True
except NotAuthorized:
authorized = False
if (user and pkg and authorized):
return
# allow_state_change in the context will allow the state to be changed
# FIXME is this the best way to cjeck for state only?
if key == ('state', ) and context.get('allow_state_change'):
return
data.pop(key)
def ignore_not_package_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer the package specified.'''
model = context['model']
user = context.get('user')
if 'ignore_auth' in context:
return
if user and Authorizer.is_sysadmin(user):
return
authorized = False
pkg = context.get('package')
if pkg:
try:
check_access('package_change_state',context)
authorized = True
except NotAuthorized:
authorized = False
if (user and pkg and authorized):
return
data.pop(key)
def ignore_not_package_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer the package specified.'''
model = context['model']
user = context.get('user')
if 'ignore_auth' in context:
return
if user and Authorizer.is_sysadmin(user):
return
authorized = False
pkg = context.get('package')
if pkg:
try:
check_access('package_change_state',context)
authorized = True
except NotAuthorized:
authorized = False
if (user and pkg and authorized):
return
# allow_state_change in the context will allow the state to be changed
# FIXME is this the best way to cjeck for state only?
if key == ('state',) and context.get('allow_state_change'):
return
data.pop(key)
def group_create(context, data_dict=None):
"""
Group create permission. If a group is provided, within which we want to create a group
then we check that the user is within that group. If not then we just say Yes for now
although there may be some approval issues elsewhere.
"""
model = context['model']
user = context['user']
if not model.User.get(user):
return {'success': False, 'msg': _('User is not authorized to create groups') }
if Authorizer.is_sysadmin(user):
return {'success': True}
try:
# If the user is doing this within another group then we need to make sure that
# the user has permissions for this group.
group = get_group_object( context )
except logic.NotFound:
return { 'success' : True }
userobj = model.User.get( user )
if not userobj:
return {'success': False, 'msg': _('User %s not authorized to create groups') % str(user)}
authorized = _groups_intersect( userobj.get_groups('organization'), [group] )
if not authorized:
return {'success': False, 'msg': _('User %s not authorized to create groups') % str(user)}
else:
return {'success': True}
def ignore_not_admin(key, data, errors, context):
model = context['model']
user = context.get('user')
if user and Authorizer.is_sysadmin(user):
return
pkg = context.get('package')
if (user and pkg and
Authorizer().is_authorized(user, model.Action.CHANGE_STATE, pkg)):
return
data.pop(key)
def ignore_not_admin(key, data, errors, context):
model = context['model']
user = context.get('user')
if user and Authorizer.is_sysadmin(user):
return
pkg = context.get('package')
if (user and pkg and Authorizer().is_authorized(
user, model.Action.CHANGE_STATE, pkg)):
return
data.pop(key)
def ignore_not_admin(key, data, errors, context):
model = context['model']
user = context.get('user')
if user and Authorizer.is_sysadmin(user):
return
authorized = False
pkg = context.get('package')
if pkg:
try:
check_access('package_change_state',context)
authorized = True
except NotAuthorized:
authorized = False
if (user and pkg and authorized):
return
data.pop(key)
def group_create(context, data_dict=None):
"""
Group create permission. If a group is provided, within which we want to create a group
then we check that the user is within that group. If not then we just say Yes for now
although there may be some approval issues elsewhere.
"""
model = context['model']
user = context['user']
if not user:
return {
'success': False,
'msg': _('User is not authorized to create groups')
}
if Authorizer.is_sysadmin(user):
return {'success': True}
try:
# If the user is doing this within another group then we need to make sure that
# the user has permissions for this group.
group = get_group_object(context)
except logic.NotFound:
return {'success': True}
userobj = model.User.get(user)
if not userobj:
return {
'success': False,
'msg': _('User %s not authorized to create groups') % str(user)
}
authorized = _groups_intersect(userobj.get_groups('organization'), [group])
if not authorized:
return {
'success': False,
'msg': _('User %s not authorized to create groups') % str(user)
}
else:
return {'success': True}
def ignore_not_group_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer for the group specified.'''
model = context['model']
user = context.get('user')
if user and Authorizer.is_sysadmin(user):
return
authorized = False
group = context.get('group')
if group:
try:
check_access('group_change_state',context)
authorized = True
except NotAuthorized:
authorized = False
if (user and group and authorized):
return
data.pop(key)
def ignore_not_group_admin(key, data, errors, context):
'''Ignore if the user is not allowed to administer for the group specified.'''
model = context['model']
user = context.get('user')
if user and Authorizer.is_sysadmin(user):
return
authorized = False
group = context.get('group')
if group:
try:
check_access('group_change_state', context)
authorized = True
except NotAuthorized:
authorized = False
if (user and group and authorized):
return
data.pop(key)
def activity_create(context, data_dict):
user = context['user']
return {'success': Authorizer.is_sysadmin(user)}
def tag_delete(context, data_dict):
user = context['user']
return {'success': Authorizer.is_sysadmin(user)}
def activity_create(context, data_dict):
user = context["user"]
return {"success": Authorizer.is_sysadmin(user)}
def vocabulary_update(context, data_dict):
user = context['user']
return {'success': Authorizer.is_sysadmin(user)}
def activity_create(context, data_dict):
user = context['user']
return {'success': Authorizer.is_sysadmin(user)}
def tag_delete(context, data_dict):
user = context['user']
return {'success': Authorizer.is_sysadmin(user)}
def vocabulary_update(context, data_dict):
user = context["user"]
return {"success": Authorizer.is_sysadmin(user)}
