def decroated(self, data, req_info, curs):
auth = Authenticator()
session_id = data.get('session_id')
session = auth.get_session(session_id)
f = UserFilter(session, {'id': session.user_id}, {}, {})
user = f.filter_one_obj(curs)
try:
if user.environment_id != session.environment_id:
raise HelixauthError('User and session from different environments')
if not user.is_active:
raise UserInactive()
auth.check_access(session, Service.TYPE_AUTH, method.__name__, req_info)
data.pop('session_id', None)
custom_actor_info = data.pop('custom_actor_info', None)
try:
result = method(self, data, req_info, session, curs)
except Exception, e:
data['environment_id'] = session.environment_id
_add_log_info(data, session, custom_actor_info)
raise e
_add_log_info(data, session, custom_actor_info)
return result
def check_access(self, data, req_info, session, curs=None):
a = Authenticator()
srv_type = data.get('service_type', None)
p = data.get('property', None)
try:
a.check_access(session, srv_type, p, req_info)
return response_ok(user_id=session.user_id,
environment_id=session.environment_id, access='granted')
except (UserAccessDenied, SessionIpChanged):
return response_ok(user_id=session.user_id,
environment_id=session.environment_id, access='denied')
