def _get_job_or_404(job_id): job = Job.get_by_id(int(job_id)) current_user = users.get_current_user() # only job owner or admin can edit, check or delete the job if job and job.owned_by(current_user, users.is_current_user_admin()): return job else: raise Http404
def show(request, job_id): job = Job.get_by_id(int(job_id)) if not job: raise Http404 if not job.is_published: # only job owner or admin can view unpublished jobs if not job.owned_by(users.get_current_user(), users.is_current_user_admin()): raise Http404 return _custom_render_to_response('show_job.html', {'job': job, 'title': job.title})