def harvest_job_show(context, data_dict): model = context['model'] user = context.get('user') job = get_job_object(context, data_dict) if not user: return { 'success': False, 'msg': _('Non-logged in users are not authorized to see harvest jobs') } if Authorizer().is_sysadmin(user): return {'success': True} user_obj = User.get(user) if not user_obj or not job.source.publisher_id in [ g.id for g in user_obj.get_groups(u'publisher') ]: return { 'success': False, 'msg': _('User %s not authorized to read harvest job %s') % (str(user), job.id) } else: return {'success': True}
def harvest_job_show(context,data_dict): model = context['model'] user = context.get('user') job = get_job_object(context,data_dict) # Check the user is admin/editor for the publisher - i.e. has # update_dataset permission check1 = ckan.new_authz.has_user_permission_for_group_or_org( job.source.publisher_id, user, 'update_dataset' ) if not check1: return {'success': False, 'msg': _('User %s not authorized to read harvest job %s') % (str(user), job.id)} else: return {'success': True}
def harvest_job_show(context,data_dict): model = context['model'] user = context.get('user') job = get_job_object(context,data_dict) if not user: return {'success': False, 'msg': _('Non-logged in users are not authorized to see harvest jobs')} if Authorizer().is_sysadmin(user): return {'success': True} user_obj = User.get(user) if not user_obj or not job.source.publisher_id in [g.id for g in user_obj.get_groups(u'publisher')]: return {'success': False, 'msg': _('User %s not authorized to read harvest job %s') % (str(user),job.id)} else: return {'success': True}
def harvest_job_show(context, data_dict): ''' Authorization check for getting the details of a harvest job It forwards the checks to harvest_source_update, ie if the user can update the parent source (eg create new jobs), she can get the details for the job, including the reports ''' user = context.get('user') job = get_job_object(context, data_dict) try: pt.check_access('harvest_source_update', context, {'id': job.source.id}) return {'success': True} except pt.NotAuthorized: return {'success': False, 'msg': pt._('User {0} not authorized to see jobs from source {1}') .format(user, job.source.id)}
def harvest_job_show(context, data_dict): model = context['model'] user = context.get('user') job = get_job_object(context, data_dict) # Check the user is admin/editor for the publisher - i.e. has # update_dataset permission check1 = ckan.new_authz.has_user_permission_for_group_or_org( job.source.publisher_id, user, 'update_dataset') if not check1: return { 'success': False, 'msg': _('User %s not authorized to read harvest job %s') % (str(user), job.id) } else: return {'success': True}