def visit(self): if (self.club and self.user): return True #Analyze req path first slug, pathuser = urlconf.analyze(self.request.path) #Get club club = Club.getClubBySlug(slug) if (not club): return errorPage(self.response, "No such club " + slug, '/clubs', 404) #Check user status user = users.get_current_user() if (not user): return errorPage(self.response, "User not login", users.create_login_url(self.request.uri), self.response, 403) #That the one we modify is the path user. if omitted, user current user as target if (pathuser): pathuser = users.User(pathuser) else: pathuser = user #@warning: I don't know is it correct to add access control code here if (not hasClubPrivilige(user, club, 'membership', pathuser.email())): return errorPage(self.response, "Can not access", '/', 403) self.user = user self.club = club self.member = Membership.between(pathuser, club) self.targetUser = pathuser return True
def visit(self): if self.club and self.user: return True # Analyze req path first slug, pathuser = urlconf.analyze(self.request.path) # Get club club = Club.getClubBySlug(slug) if not club: return errorPage(self.response, "No such club " + slug, "/clubs", 404) # Check user status user = users.get_current_user() if not user: return errorPage( self.response, "User not login", users.create_login_url(self.request.uri), self.response, 403 ) # That the one we modify is the path user. if omitted, user current user as target if pathuser: pathuser = users.User(pathuser) else: pathuser = user # @warning: I don't know is it correct to add access control code here if not hasClubPrivilige(user, club, "membership", pathuser.email()): return errorPage(self.response, "Can not access", "/", 403) self.user = user self.club = club self.member = Membership.between(pathuser, club) self.targetUser = pathuser return True
def initRequest(self): urlconf = urldict[type(self).__name__] slug, useremail = urlconf.analyze(self.request.path) club = Club.getClubBySlug(slug) if (not club): return errorPage(self.response, "No Such Club: '%s'" % slug, urldict['ClubList'].path(), 404) user = users.get_current_user() pathuser = user if (useremail): getuser = users.User(useremail) if (getuser): pathuser = getuser if (hasClubPrivilige(user, club, "privGrant", pathuser)): self.user = user self.target = Membership.between(pathuser, club) if (self.target): return True else: return errorPage( self.response, "User %s is not a member of club %s" % (pathuser, slug), urldict['ClubView'].path(slug), 403) else: return errorPage( self.response, "Access Deny For Privilige Grant Operation on Club %s, to user %s" % (slug, pathuser), urldict['ClubView'].path(slug), 403)
def getActModel(self): urlcfg = urldict['ActivityNew'] slug, = urlcfg.analyze(self.request.path) user = get_current_user() club = Club.getClubBySlug(slug) if (user and club): newact = Activity.createDefault(user, club) if (newact): newact.bill = [('Filed Expense', 80), ('Balls Expense', 30)] return newact else: return None
def get(self, *args): path = self.request.path slug = lastWordOfUrl(path) if (slug): club = Club.getClubBySlug(slug) if (club): templatevars = dict(club = club ) user = users.get_current_user() membership = Membership.between (user, club) if (membership): templatevars['membership'] = membership elif (user and hasClubPrivilige(user, club, 'join')): #Could Join templatevars['action'] = memberurlconf.path(club.slug, user.email()) templatevars['userName'] = user.nickname() templatevars['userEmail'] = user.email() else: templatevars['loginUrl'] = users.create_login_url(self.request.uri) if (membership and hasClubPrivilige(user, club, 'newAct')): templatevars['newAct'] = urldict['ActivityNew'].path(slug) if (hasClubPrivilige(user, club, "edit")): templatevars['editurl'] = urldict['ClubEdit'].path(club.slug) mq = Membership.all() mq.filter ('club = ', club) memset = [] for mem in mq: if (hasClubPrivilige(user, club, "privGrant")): mem.privEdit = urldict['ClubPrivilige'].path(slug, mem.user.email()) memset.append(mem) templatevars['members'] = memset aq = Activity.all() aq.filter ('club = ', club) avpath = urldict['ActivityView'].path actlist = [] for act in aq: act.linkpath = avpath (act.key().id()) actlist.append (act) templatevars['acts'] = actlist self.response.out.write (render(self.template, templatevars, self.request.url) ) else: self.response.set_status(404) errorPage( self.response, "Club Not Found", listurlconf.path())
def initRequest(self): urlconf = urldict[type(self).__name__] slug, useremail = urlconf.analyze(self.request.path) club = Club.getClubBySlug(slug) if (not club): return errorPage(self.response, "No Such Club: '%s'" % slug, urldict['ClubList'].path(), 404) user = users.get_current_user() pathuser = user if (useremail): getuser = users.User(useremail) if (getuser): pathuser = getuser if (hasClubPrivilige(user, club, "privGrant", pathuser)): self.user = user self.target = Membership.between(pathuser, club) if (self.target): return True else: return errorPage(self.response, "User %s is not a member of club %s" % (pathuser, slug), urldict['ClubView'].path(slug), 403 ) else: return errorPage(self.response, "Access Deny For Privilige Grant Operation on Club %s, to user %s" % (slug, pathuser), urldict['ClubView'].path(slug), 403 )