def canRead(id, userId): """ Check if a user can read a shift. The user must have either: 1. Created the shift 2. The shift must be published and public 3. If the user is subscribed to a stream the shift is on. 4. If the shift is published to the user's private stream. Parameters: id - a shift id. Returns: bool. """ db = core.connect() theShift = db[id] if user.isAdmin(userId): return True if theShift["createdBy"] == userId: return True if theShift["publishData"]["draft"]: return False theUser = db[userId] if not theShift["publishData"]["private"]: return True if theUser["privateStream"] in theShift["publishData"]["streams"]: return True shiftStreams = theShift["publishData"]["streams"] readableStreams = permission.readableStreams(userId) allowed = set(shiftStreams).intersection(readableStreams) return len(allowed) > 0
def canRead(id, userId): """ Check if a user can read an event. Allowed under the following conditions: 1. the user is admin. 2. the stream is public. 3. the stream is readable by the user. Parameters: id - an event id. userId - a user id. Returns: bool. """ if user.isAdmin(userId): return True streamId = data["streamId"] theStream = stream.read(userId) if not theStream["private"]: return True readable = permission.readableStreams(userId) return (streamId in readable)
def canRead(id, userId): """ Returns true if: 1. User is admin. 2. The stream is public. 3. The user created the stream. 4. The user has read permission for the stream. Parameters: id - a stream id. userId - a user id. Returns: bool. """ if user.isAdmin(userId): return True theStream = read(id) if theStream["createdBy"] == userId: return True if not theStream["private"]: return True readableStreams = permission.readableStreams(userId) return id in readableStreams