def has_admin_scope(request): """ Helper function to determine if a request should be treated as though it has the `osf.admin` scope. This includes both tokened requests that do, and requests that are made via the OSF (i.e. have an osf cookie) """ cookie = request.COOKIES.get(website_settings.COOKIE_NAME) if cookie: return bool(get_session_from_cookie(cookie)) token = request.auth if token is None or not isinstance(token, CasResponse): return False return set(ComposedScopes.ADMIN_LEVEL).issubset(normalize_scopes(token.attributes['accessTokenScope']))
def has_admin_scope(request): """ Helper function to determine if a request should be treated as though it has the `osf.admin` scope. This includes both tokened requests that do, and requests that are made via the OSF (i.e. have an osf cookie) """ cookie = request.COOKIES.get(website_settings.COOKIE_NAME) if cookie: return bool(get_session_from_cookie(cookie)) token = request.auth if token is None or not isinstance(token, CasResponse): return False return set(ComposedScopes.ADMIN_LEVEL).issubset(normalize_scopes(token.attributes['accessTokenScope']))