def GetDeviceWithAcl(cls, device_id):
device = cls.get_by_key_name(device_id)
if device and (acl.UserIsAdmin() or
device.user == users.get_current_user()):
return device
else:
raise RuntimeError('User cannot access device %s', device_id)
def GetDeviceListWithAcl(cls, cursor=None):
"""Return a query for devices that can be accessed by the current user."""
query = cls.all()
if not acl.UserIsAdmin():
query.filter('user =', users.get_current_user())
if cursor:
query.with_cursor(cursor)
return query