def canRead(id, userId):
"""
Check if a user can read a shift. The user must have
either:
1. Created the shift
2. The shift must be published and public
3. If the user is subscribed to a stream the shift is on.
4. If the shift is published to the user's private stream.
Parameters:
id - a shift id.
Returns:
bool.
"""
db = core.connect()
theShift = db[id]
if user.isAdmin(userId):
return True
if theShift["createdBy"] == userId:
return True
if theShift["publishData"]["draft"]:
return False
theUser = db[userId]
if not theShift["publishData"]["private"]:
return True
if theUser["privateStream"] in theShift["publishData"]["streams"]:
return True
shiftStreams = theShift["publishData"]["streams"]
readableStreams = permission.readableStreams(userId)
allowed = set(shiftStreams).intersection(readableStreams)
return len(allowed) > 0
def canRead(id, userId):
"""
Check if a user can read an event. Allowed under the following conditions:
1. the user is admin.
2. the stream is public.
3. the stream is readable by the user.
Parameters:
id - an event id.
userId - a user id.
Returns:
bool.
"""
if user.isAdmin(userId):
return True
streamId = data["streamId"]
theStream = stream.read(userId)
if not theStream["private"]:
return True
readable = permission.readableStreams(userId)
return (streamId in readable)
def canRead(id, userId):
"""
Returns true if:
1. User is admin.
2. The stream is public.
3. The user created the stream.
4. The user has read permission for the stream.
Parameters:
id - a stream id.
userId - a user id.
Returns:
bool.
"""
if user.isAdmin(userId):
return True
theStream = read(id)
if theStream["createdBy"] == userId:
return True
if not theStream["private"]:
return True
readableStreams = permission.readableStreams(userId)
return id in readableStreams
