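def check(self, app, environ, start_response):
    """Let the request through only for the owner of the registration.

    The person is looked up by the e-mail in ``environ['REMOTE_USER']`` and
    the registration by ``self.registration_id``. The wrapped ``app`` is
    called only when ``registration.person_id`` equals ``person.id``.

    Raises:
        NotAuthenticatedError: ``REMOTE_USER`` is missing or empty.
        NotAuthorizedError: no person matches ``REMOTE_USER``, the
            registration does not exist, or it belongs to another person.
    """
    # NOTE(review): REMOTE_USER is treated as the authenticated identity.
    # This assumes only the authentication layer in front of this check can
    # set it -- confirm against the deployment.
    if not environ.get('REMOTE_USER'):
        set_redirect()
        raise NotAuthenticatedError('Not Authenticated')

    person = Person.find_by_email(environ['REMOTE_USER'])
    if person is None:
        environ['auth_failure'] = 'NO_USER'
        raise NotAuthorizedError(
            'You are not one of the users allowed to access this resource.'
        )

    registration = Registration.find_by_id(self.registration_id)
    # NOTE(review): the two denials below carry different messages. If the
    # text reaches the client, it reveals whether a registration ID exists.
    # Only the NO_USER branch above records environ['auth_failure'].
    if registration is None:
        raise NotAuthorizedError(
            "Registration doesn't exist"
        )

    # `!=` replaces the Python 2-only `<>` operator; the comparison is the same.
    if person.id != registration.person_id:
        # NOTE(review): set_role is handed the error text -- confirm intended.
        set_role("Registration is not for this user")
        raise NotAuthorizedError(
            "Registration is not for this user"
        )

    return app(environ, start_response)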
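def _to_python(self, value, state):
    """Convert a submitted registration ID into its Registration object.

    ``value`` is converted with ``int()`` and looked up through
    ``Registration.find_by_id(..., abort_404=False)``.

    Raises:
        Invalid: ``value`` is not an integer, or no registration has that ID.
    """
    # A non-numeric or missing value is rejected as a validation error
    # rather than escaping as an unhandled ValueError/TypeError from int().
    try:
        registration_id = int(value)
    except (TypeError, ValueError):
        raise Invalid("Unknown registration ID.", value, state)

    registration = Registration.find_by_id(registration_id, abort_404=False)
    if registration is None:
        raise Invalid("Unknown registration ID.", value, state)
    return registration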