def _CheckAccess(self, username, subject_id, approval_type): """Checks access to a given subject by a given user.""" utils.AssertType(subject_id, unicode) cache_key = (username, subject_id, approval_type) try: self.acl_cache.Get(cache_key) stats.STATS.IncrementCounter("approval_searches", fields=["-", "cache"]) return True except KeyError: stats.STATS.IncrementCounter("approval_searches", fields=["-", "reldb"]) approvals = data_store.REL_DB.ReadApprovalRequests( username, approval_type, subject_id=subject_id, include_expired=False) errors = [] for approval in approvals: try: approval_checks.CheckApprovalRequest(approval) self.acl_cache.Put(cache_key, True) return except access_control.UnauthorizedAccess as e: errors.append(e) subject = approval_checks.BuildLegacySubject(subject_id, approval_type) if not errors: raise access_control.UnauthorizedAccess( "No approval found.", subject=subject) else: raise access_control.UnauthorizedAccess( " ".join(utils.SmartStr(e) for e in errors), subject=subject)
def _CheckAccess(self, username, subject_id, approval_type): """Checks access to a given subject by a given user.""" precondition.AssertType(subject_id, Text) cache_key = (username, subject_id, approval_type) try: self.acl_cache.Get(cache_key) APPROVAL_SEARCHES.Increment(fields=["-", "cache"]) return True except KeyError: APPROVAL_SEARCHES.Increment(fields=["-", "reldb"]) approvals = data_store.REL_DB.ReadApprovalRequests( username, approval_type, subject_id=subject_id, include_expired=False) errors = [] for approval in approvals: try: approval_checks.CheckApprovalRequest(approval) self.acl_cache.Put(cache_key, True) return except access_control.UnauthorizedAccess as e: errors.append(e) subject = approval_checks.BuildLegacySubject(subject_id, approval_type) if not errors: raise access_control.UnauthorizedAccess("No approval found.", subject=subject) else: raise access_control.UnauthorizedAccess(" ".join( str(e) for e in errors), subject=subject)