def is_authenticated(self, request, **kwargs): permission_check = lambda couch_user, domain: couch_user.is_domain_admin(domain) wrappers = [ require_permission_raw(permission_check, login_decorator=self._get_auth_decorator(request)), api_auth, ] return self._auth_test(request, wrappers=wrappers, **kwargs)
def is_authenticated(self, request, **kwargs): permission_check = lambda couch_user, domain: couch_user.is_domain_admin(domain) wrappers = [ require_permission_raw(permission_check, login_decorator=self._get_auth_decorator(request)), api_auth, ] return self._auth_test(request, wrappers=wrappers, **kwargs)
def is_authenticated(self, request, **kwargs): wrappers = [ require_permission_raw(odata_permissions_check, self._get_auth_decorator(request)), wrap_4xx_errors_for_apis, ] return self._auth_test(request, wrappers=wrappers, **kwargs)
def is_authenticated(self, request, **kwargs): decorator = require_permission_raw( self._permission_check, login_decorator=self._get_auth_decorator(request) ) wrappers = [decorator, api_auth] # passing the domain is a hack to work around non-domain-specific requests # failing on auth return self._auth_test(request, wrappers=wrappers, domain='dimagi', **kwargs)
def is_authenticated(self, request, **kwargs): decorator = require_permission_raw( self._permission_check, login_decorator=self._get_auth_decorator(request) ) wrappers = [decorator, api_auth] # passing the domain is a hack to work around non-domain-specific requests # failing on auth return self._auth_test(request, wrappers=wrappers, domain='dimagi', **kwargs)
def is_authenticated(self, request, **kwargs): permission_check = lambda couch_user, domain: couch_user.is_superuser wrappers = [ require_permission_raw(permission_check, login_decorator=self._get_auth_decorator(request)), api_auth, ] # passing the domain is a hack to work around non-domain-specific requests # failing on auth return self._auth_test(request, wrappers=wrappers, domain='dimagi', **kwargs)
from corehq.apps.domain.decorators import basic_auth_or_try_api_key_auth from corehq.apps.export.models import CaseExportInstance, FormExportInstance from corehq.apps.export.views.utils import user_can_view_odata_feed from corehq.apps.locations.permissions import location_safe from corehq.apps.users.decorators import require_permission_raw from corehq.util import get_document_or_404 from corehq.util.view_utils import absolute_reverse def odata_permissions_check(user, domain): return user_can_view_odata_feed(domain, user) odata_auth = method_decorator([ require_permission_raw( odata_permissions_check, basic_auth_or_try_api_key_auth ), ], name='dispatch') class BaseODataView(View): def dispatch(self, request, *args, **kwargs): if not user_can_view_odata_feed(request.domain, request.couch_user): raise Http404() return super(BaseODataView, self).dispatch(request, *args, **kwargs) @location_safe @odata_auth class ODataCaseServiceView(BaseODataView):
or slug in self._permissions.view_data_registry_contents_list) @staticmethod def user_can_manage_some(couch_user, domain): return RegistryPermissionCheck(domain, couch_user).can_manage_some @staticmethod def user_can_manage_all(couch_user, domain): return RegistryPermissionCheck(domain, couch_user).can_manage_all def can_view_some_data_registry_contents(self): return self._permissions.view_data_registry_contents or bool( self._permissions.view_data_registry_contents_list) manage_some_registries_required = require_permission_raw( RegistryPermissionCheck.user_can_manage_some) manage_all_registries_required = require_permission_raw( RegistryPermissionCheck.user_can_manage_all) class DataRegistryCrudHelper: def __init__(self, domain, registry_slug, request_user): self.domain = domain self.registry = _get_registry_or_404(domain, registry_slug) self.user = request_user def check_permission(self, couch_user): return RegistryPermissionCheck( self.domain, couch_user).can_manage_registry(self.registry.slug) def set_attr(self, attr, value):