def request_user_has_implicit_access(user, context): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ENTERPRISE_COUPON_ADMIN_ROLE` feature role.
Returns:
boolean: whether the request user has access or not
"""
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(request)
if not context:
return False
return request_user_has_implicit_access_via_jwt(decoded_jwt, ENTERPRISE_COUPON_ADMIN_ROLE, context)
def get_enterprise_id_for_current_request_user_from_jwt():
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request)
if decoded_jwt:
roles_claim = decoded_jwt.get('roles', [])
for role_data in roles_claim:
role_in_jwt, __, context_in_jwt = role_data.partition(':')
if role_in_jwt == SYSTEM_ENTERPRISE_LEARNER_ROLE and context_in_jwt:
return context_in_jwt
return None
def has_implicit_access_to_enrollment_api(user, obj): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE` feature role.
Returns:
boolean: whether the request user has access or not
"""
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(
request)
return request_user_has_implicit_access_via_jwt(
decoded_jwt, ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE, obj)
def request_user_has_implicit_access(user): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ORDER_MANAGER_ROLE` feature role.
Returns:
boolean: whether the request user has access or not
"""
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(
request)
return request_user_has_implicit_access_via_jwt(decoded_jwt,
ORDER_MANAGER_ROLE)
def has_implicit_access_to_catalog_learner(user, context): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ENTERPRISE_CATALOG_LEARNER_ROLE` role.
Returns:
boolean: whether the request user has access or not
"""
if not context:
return False
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(
request)
return request_user_has_implicit_access_via_jwt(
decoded_jwt, ENTERPRISE_CATALOG_LEARNER_ROLE, context)
def request_user_has_implicit_access(*args, **kwargs): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ENTERPRISE_DATA_ADMIN_ROLE` feature role.
Returns:
boolean: whether the request user has access or not
"""
request = crum.get_current_request()
__, __, request_kwargs = resolve(request.path)
enterprise_id_in_request = request_kwargs.get('enterprise_id')
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(
request)
return request_user_has_implicit_access_via_jwt(
decoded_jwt, ENTERPRISE_DATA_ADMIN_ROLE, enterprise_id_in_request)
def has_implicit_access_to_enrollment_api(user, obj): # pylint: disable=unused-argument
"""
Check that if request user has implicit access to `ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE` feature role.
Params:
user: An ``auth.User`` instance.
obj: The string version of an ``EnterpriseCustomer.uuid``.
Returns:
boolean: whether the request user has access or not
"""
request = crum.get_current_request()
decoded_jwt = get_decoded_jwt(request) or get_decoded_jwt_from_auth(
request)
return request_user_has_implicit_access_via_jwt(
decoded_jwt, ENTERPRISE_ENROLLMENT_API_ADMIN_ROLE, obj)
