예제 #1
0
파일: authz.py 프로젝트: eevee/floof
def could_have_permission(permission, context, request):
    """Returns True if the current user (``request.user``) either holds the
    `permission` in the given `context` or could hold it after
    :term:`authentication upgrade`."""

    if context is None:
        return False

    if not hasattr(context, '__acl__'):
        # XXX is this bit of convenience appropriate?
        context = contextualize(context)

    outstanding = outstanding_principals(permission, context, request)

    if not outstanding:
        return True

    # The user can gain the permission only if there is an alternative set in
    # their outstanding_principals list of sets containing only upgradable
    # principal types.
    for altset in outstanding:
        f = lambda x: x.startswith(UPGRADABLE_PRINCIPALS)
        if all(map(f, altset)):
            return True

    return False
예제 #2
0
파일: authz.py 프로젝트: silky/floof
def could_have_permission(permission, context, request):
    """Returns True if the current user (``request.user``) either holds the
    `permission` in the given `context` or could hold it after
    :term:`authentication upgrade`."""

    if context is None:
        return False

    if not hasattr(context, '__acl__'):
        # XXX is this bit of convenience appropriate?
        context = contextualize(context)

    outstanding = outstanding_principals(permission, context, request)

    if not outstanding:
        return True

    # The user can gain the permission only if there is an alternative set in
    # their outstanding_principals list of sets containing only upgradable
    # principal types.
    for altset in outstanding:
        f = lambda x: x.startswith(UPGRADABLE_PRINCIPALS)
        if all(map(f, altset)):
            return True

    return False
예제 #3
0
파일: routing.py 프로젝트: silky/floof
 def factory(request):
     # This yields the "context", which should be the row object
     try:
         return contextualize(
             model.session.query(sqla_column.parententity).filter(
                 sqla_column == request.matchdict[match_key]).one())
     except NoResultFound:
         # 404!
         raise NotFound()
예제 #4
0
파일: routing.py 프로젝트: krinndnz/floof
 def factory(request):
     # This yields the "context", which should be the row object
     try:
         return contextualize(
             model.session.query(sqla_column.parententity)
             .filter(sqla_column == request.matchdict[match_key])
             .one())
     except NoResultFound:
         # 404!
         raise NotFound()
예제 #5
0
파일: routing.py 프로젝트: krinndnz/floof
    def comments_factory(request):
        # XXX prefetching on these?
        type = request.matchdict['type']
        identifier = request.matchdict['identifier']

        try:
            sqla_column = commentables[type]
            entity = model.session.query(sqla_column.parententity).filter(sqla_column == identifier).one()
        except (NoResultFound, KeyError):
            # 404!
            raise NotFound()

        if 'comment_id' not in request.matchdict:
            return contextualize(entity.discussion)

        # URLs to specific comments should have those comments as the context
        try:
            return contextualize(
                model.session .query(model.Comment)
                .with_parent(entity.discussion)
                .filter(model.Comment.id == request.matchdict['comment_id'])
                .one())
        except NoResultFound:
            raise NotFound()
예제 #6
0
파일: routing.py 프로젝트: silky/floof
    def comments_factory(request):
        # XXX prefetching on these?
        type = request.matchdict['type']
        identifier = request.matchdict['identifier']

        try:
            sqla_column = commentables[type]
            entity = model.session.query(sqla_column.parententity).filter(
                sqla_column == identifier).one()
        except (NoResultFound, KeyError):
            # 404!
            raise NotFound()

        if 'comment_id' not in request.matchdict:
            return contextualize(entity.discussion)

        # URLs to specific comments should have those comments as the context
        try:
            return contextualize(
                model.session.query(model.Comment).with_parent(
                    entity.discussion).filter(model.Comment.id == request.
                                              matchdict['comment_id']).one())
        except NoResultFound:
            raise NotFound()
예제 #7
0
파일: authz.py 프로젝트: eevee/floof
 def user_permitted(permission, lst):
     """Filter iterable lst to include only ORM objects for which the request's
     user holds the given permission."""
     f = lambda obj: request.user.can(permission, contextualize(obj))
     return filter(f, lst)
예제 #8
0
파일: authz.py 프로젝트: silky/floof
 def user_permitted(permission, lst):
     """Filter iterable lst to include only ORM objects for which the request's
     user holds the given permission."""
     f = lambda obj: request.user.can(permission, contextualize(obj))
     return filter(f, lst)