Exemplo n.º 1
0
def canRead(id, userId):
    """
    Check if a user can read a shift. The user must have
    either:
        1. Created the shift
        2. The shift must be published and public
        3. If the user is subscribed to a stream the shift is on.
        4. If the shift is published to the user's private stream.
    Parameters:
        id - a shift id.
    Returns:
        bool.
    """
    db = core.connect()
    theShift = db[id]
    if user.isAdmin(userId):
        return True
    if theShift["createdBy"] == userId:
        return True
    if theShift["publishData"]["draft"]:
        return False
    theUser = db[userId]
    if not theShift["publishData"]["private"]:
        return True
    if theUser["privateStream"] in theShift["publishData"]["streams"]:
        return True
    shiftStreams = theShift["publishData"]["streams"]
    readableStreams = permission.readableStreams(userId)
    allowed = set(shiftStreams).intersection(readableStreams)
    return len(allowed) > 0
Exemplo n.º 2
0
def canRead(id, userId):
    """
    Check if a user can read an event. Allowed under the following conditions:
        1. the user is admin.
        2. the stream is public.
        3. the stream is readable by the user.
    Parameters:
        id - an event id.
        userId - a user id.
    Returns:
        bool.
    """
    if user.isAdmin(userId):
        return True
    streamId = data["streamId"]
    theStream = stream.read(userId)
    if not theStream["private"]:
        return True
    readable = permission.readableStreams(userId)
    return (streamId in readable)
Exemplo n.º 3
0
def canRead(id, userId):
    """
    Returns true if:
        1. User is admin.
        2. The stream is public.
        3. The user created the stream.
        4. The user has read permission for the stream.
    Parameters:
        id - a stream id.
        userId - a user id.
    Returns:
        bool.
    """
    if user.isAdmin(userId):
        return True
    theStream = read(id)
    if theStream["createdBy"] == userId:
        return True
    if not theStream["private"]:
        return True
    readableStreams = permission.readableStreams(userId)
    return id in readableStreams