def can_access(self, user, *args, **kwargs): """Checks if the user is allowed to access the attachment. This is the case if the user has access to see the attachment or if the user can manage attachments for the linked object. """ return (super(Attachment, self).can_access(user, *args, **kwargs) or can_manage_attachments(self.folder.object, user))
def _extend_event_management_menu(sender, event, **kwargs): if not can_manage_attachments(event, session.user): return return SideMenuItem('attachments', _('Materials'), url_for('attachments.management', event), 80, section='organization')
def _check_access(self): RHProtected._check_access(self) if not can_manage_attachments(self.object, session.user): raise Forbidden check_event_locked(self, self.event)
def _check_access(self): RHManageCategoryBase._check_access(self) # This is already covered by CategModifBase, but if we ever add more # checks to can_manage_attachments we are on the safe side... if not can_manage_attachments(self.object, session.user): raise Forbidden
def can_manage_attachments(self, user): from fossir.modules.attachments.util import can_manage_attachments return can_manage_attachments(self, user)
def _get_event_management_url(event, **kwargs): if can_manage_attachments(event, session.user): return url_for('attachments.management', event)