def decorated_function(*args, **kwargs): measure_id = kwargs.get("measure") or kwargs.get("measure_uri") if current_user.is_authenticated and measure_id is not None and current_user.can_access( measure_id): return f(*args, **kwargs) else: return abort(403)
def _get_reference_email(self, email_store: EmailStore) -> Optional[dict]: uid = request.args.get('uid', '') if not uid: return None reference = email_store.get(uid) if not current_user.can_access(reference): return None return reference
def from_request(cls, email_store: EmailStore): action_name = request.args.get('action') form = cls._new_instance_for(action_name) if not form: return None uid = request.args.get('uid') if uid: reference = email_store.get(uid) if not reference or not current_user.can_access(reference): return None form._populate(reference) return form
def from_request(cls, email_store: EmailStore): action_name = request.args.get('action') form = cls._new_instance_for(action_name) if not form: return None to = request.args.get('to') uid = request.args.get('uid') reference = None if uid: reference = email_store.get(uid) if not current_user.can_access(reference): reference = None form._populate(reference, to) return form
def handle_action(self, email_store): """ :type email_store: opwen_domain.email.EmailStore """ uid = request.args.get('uid') action = request.args.get('action') if not uid or not action: return reference = email_store.get(uid) if not reference or not current_user.can_access(reference): return if action == 'reply': self._handle_reply(reference) elif action == 'reply_all': self._handle_reply_all(reference) elif action == 'forward': self._handle_forward(reference)