def prepare_permission_key(self, p): # a string expressing who can read this page: used for permission checking in search acl_value = Page.adjust_acl_release(p.can_read, p.releasedate()) if acl_value == 'ALL': perm = 'ALL' else: perm = "%s_%s" % (p.offering.slug, acl_value) return perm
def _check_allowed(request, offering, acl_value, date=None): """ Check to see if the person is allowed to do this Page action. Returns Member object if possible; True if non-member who is allowed, or None if not allowed. If a release date is given and is in the future, acl_value is tightened accordingly. """ acl_value = Page.adjust_acl_release(acl_value, date) if request.user.is_authenticated(): userid = request.user.username else: userid = '!' # first option: can access because of Membership. m = _allowed_member(userid, offering, acl_value) if m and isinstance(m, Member): return m # next option: can access because of a PagePermission p = _allowed_permission(userid, offering, acl_value) return p
def _check_allowed(request, offering, acl_value, date=None): """ Check to see if the person is allowed to do this Page action. Returns Member object if possible; True if non-member who is allowed, or None if not allowed. If a release date is given and is in the future, acl_value is tightened accordingly. """ acl_value = Page.adjust_acl_release(acl_value, date) members = Member.objects.filter(person__userid=request.user.username, offering=offering) if not members: if acl_value=='ALL': return True else: return None m = members[0] if acl_value == 'ALL': return m elif m.role in MEMBER_ROLES[acl_value]: return m return None
def _check_allowed(request, offering, acl_value, date=None): """ Check to see if the person is allowed to do this Page action. Returns Member object if possible; True if non-member who is allowed, or None if not allowed. If a release date is given and is in the future, acl_value is tightened accordingly. """ acl_value = Page.adjust_acl_release(acl_value, date) if request.user.is_authenticated: userid = request.user.username else: userid = '!' # first option: can access because of Membership. m = _allowed_member(userid, offering, acl_value) if m and isinstance(m, Member): return m # next option: can access because of a PagePermission p = _allowed_permission(userid, offering, acl_value) return p