def can_write(self, u):
if config.is_current_user_admin():
return True
try:
owners = self.owners
except ndb.UnprojectedPropertyError:
owners = []
if u and u in owners:
return True
return False
def can_write(self, u):
if config.is_current_user_admin():
return True
try:
owners = self.owners
except ndb.UnprojectedPropertyError:
owners = []
if u and u in owners:
return True
return False
def delete(self, key):
if not config.is_current_user_admin():
raise AppError("User must be administrator.")
key = blobstore.BlobKey(str(urllib.unquote(key)))
blob_info = BlobInfo.get(key)
if blob_info:
blob_info.delete()
if HAS_PIL and re_image.match(blob_info.content_type):
delete_serving_url(key)
return {}
else:
self.error(404)
return {"error": "File not found with key " + key}
def to_dict(self, *args, **kwargs):
result = super(users, self).to_dict(*args, **kwargs)
u = current_user()
if u and u == self.key.urlsafe():
pass
else:
for k in result.keys():
if not re_public.match(k):
del result[k]
result["Id"] = self.key.urlsafe()
admin = config.is_current_user_admin()
if admin:
result["$admin"] = admin
return result
def can_read(self, u):
if config.is_current_user_admin():
return True
try:
owners = self.owners
except ndb.UnprojectedPropertyError:
owners = []
try:
viewers = self.viewers
except ndb.UnprojectedPropertyError:
viewers = []
if u and (u in owners or u in viewers):
return True
return False
def to_dict(self, *args, **kwargs):
result = super(users, self).to_dict(*args, **kwargs)
u = current_user()
if u and u == self.key.urlsafe():
pass
else:
for k in result.keys():
if not re_public.match(k):
del result[k]
result["Id"] = self.key.urlsafe()
admin = config.is_current_user_admin()
if admin:
result["$admin"] = admin
return result
def can_read(self, u):
if config.is_current_user_admin():
return True
try:
owners = self.owners
except ndb.UnprojectedPropertyError:
owners = []
try:
viewers = self.viewers
except ndb.UnprojectedPropertyError:
viewers = []
if u and (u in owners or u in viewers):
return True
return False
def get(self, key):
if key == "": # query
if not config.is_current_user_admin():
raise AppError("User must be administrator.")
return restful.query(self, BlobInfo)
elif key == "create":
return {
"upload_url": blobstore.create_upload_url("/api/files/upload")
}
key = str(urllib.unquote(key))
blob_info = bs.BlobInfo.get(key)
if blob_info:
self.send_blob(blob_info)
raise BreakError
else:
self.error(404)
return {"error": "File not found with key " + key}
def _pre_put_hook(self):
super(ScopedModel, self)._pre_put_hook()
if config.is_current_user_admin():
return
# check for writable and for any admin properties
if self._previous is not None:
u = current_user(required=True)
if not self._previous.can_write(u):
raise AppError("You do not have sufficient privileges.")
keys = [p._code_name for p in self._properties.itervalues()]
for k in keys:
if re_admin.match(k):
attr = getattr(self._previous, k, None)
if attr:
setattr(self, k, attr)
else:
delattr(self, k)
else:
keys = [p._code_name for p in self._properties.itervalues()]
for k in keys:
if re_admin.match(k):
delattr(self, k)
def _pre_put_hook(self):
super(ScopedModel, self)._pre_put_hook()
if config.is_current_user_admin():
return
# check for writable and for any admin properties
if self._previous is not None:
u = current_user(required=True)
if not self._previous.can_write(u):
raise AppError("You do not have sufficient privileges.")
keys = [p._code_name for p in self._properties.itervalues()]
for k in keys:
if re_admin.match(k):
attr = getattr(self._previous, k, None)
if attr:
setattr(self, k, attr)
else:
delattr(self, k)
else:
keys = [p._code_name for p in self._properties.itervalues()]
for k in keys:
if re_admin.match(k):
delattr(self, k)
def delete(self, name):
if not config.is_current_user_admin():
raise AppError("Unauthorized.")
if not name:
raise AppError("Must provide name.")
def delete(self, name):
if not config.is_current_user_admin():
raise AppError("Unauthorized.")
if not name:
raise AppError("Must provide name.")
def is_authorized(request):
return config.is_current_user_admin()
def is_authorized(request): return config.is_current_user_admin()