def wrapper(request, *args, **kwargs): if request.META.get('REMOTE_USER') is not None: url = 'https://apps.wharton.upenn.edu/wisp/api/v1/adgroups/%s' % request.META.get( 'REMOTE_USER') response = call_wisp_api(url) # Check for empty response if response.get('groups'): # Check if user is in the requested groups permission_check = [ permission for permission in permissions if permission in response.get('groups')] if permission_check: return func(request, *args, **kwargs) else: raise PermissionDenied else: # Return a bad request for no groups found return HttpResponseBadRequest( "No groups found for user %s" % request.META.get('REMOTE_USER')) else: raise PermissionDenied
def configure_user(self, user): response = call_wisp_api( 'https://apps.wharton.upenn.edu/wisp/api/v1/adusers', {'username': user.username}) if response['results']: results = response['results'][0] user.first_name = results['first_name'] user.last_name = results['last_name'] user.email = results['email'].replace('exchange.', '') ''' Setting is_staff to True on the django user model Gives the user access to additional django functions ''' user.is_staff = False user.save() else: ''' Even though someone can login with Pennkey, there is a chance the user is not a Wharton user; in this case, raise a PermissionDenied ''' raise PermissionDenied
def configure_user(self, user): response = call_wisp_api( 'https://apps.wharton.upenn.edu/wisp/api/v1/adusers', {'username': user.username}) if response['results']: results = response['results'][0] user.first_name = results['first_name'] user.last_name = results['last_name'] user.email = results['email'].replace('exchange.', '') ''' Setting is_staff to True on the django user model Gives the user access to additional django functions ''' user.is_staff = False user.save() return user else: ''' Even though someone can login with Pennkey, there is a chance the user is not a Wharton user; in this case, just return the user object since raising a PermissionDenied doesn't do anything and let the app control the access ''' return user