def has_admin_scope(request):
""" Helper function to determine if a request should be treated
as though it has the `osf.admin` scope. This includes both
tokened requests that do, and requests that are made via the
OSF (i.e. have an osf cookie)
"""
cookie = request.COOKIES.get(website_settings.COOKIE_NAME)
if cookie:
return bool(get_session_from_cookie(cookie))
token = request.auth
if token is None or not isinstance(token, CasResponse):
return False
return set(ComposedScopes.ADMIN_LEVEL).issubset(normalize_scopes(token.attributes['accessTokenScope']))
def has_admin_scope(request):
""" Helper function to determine if a request should be treated
as though it has the `osf.admin` scope. This includes both
tokened requests that do, and requests that are made via the
OSF (i.e. have an osf cookie)
"""
cookie = request.COOKIES.get(website_settings.COOKIE_NAME)
if cookie:
return bool(get_session_from_cookie(cookie))
token = request.auth
if token is None or not isinstance(token, CasResponse):
return False
return set(ComposedScopes.ADMIN_LEVEL).issubset(normalize_scopes(token.attributes['accessTokenScope']))
