def clienttoken(self):
# only admin can fetch client token
if not checkPermission('cmf.ManagePortal', self.context):
raise Unauthorized()
self.request.response['CONTENT-TYPE'] = 'application/json'
return json.dumps({
'client_key': self.config.client_key,
'client_secret': self.config.client_secret,
})
def traverseName(self, request, ob, name, check_auth=1):
if name.startswith('_'):
raise Unauthorized(name)
if hasattr(ob, name):
subob = getattr(ob, name)
else:
try:
subob = ob[name]
except (KeyError, IndexError, TypeError, AttributeError):
raise NotFound(ob, name, request)
if self.require_docstrings and not getattr(subob, '__doc__', None):
raise DebugError(subob, 'Missing or empty doc string')
return subob
def clienttoken(self):
# only admin can fetch client token
if not checkPermission('cmf.ManagePortal', self.context):
raise Unauthorized()
self.request.response['CONTENT-TYPE'] = 'application/json'
return json.dumps({
'client_id': self.config.client_id,
'redirect_uri': self.config.redirect_url,
'auto_refresh_kwargs': {
'client_id': self.config.client_id,
'client_secret': self.config.client_secret,
},
'auto_refresh_url': self.config.refresh_url
})
def publishTraverse(self, request, name):
ob = self.context
if name.startswith('@@'):
return zope.component.getMultiAdaptera((ob, request),
name=name[6:])
if name.startswith('_'):
raise Unauthorized(name)
subob = getattr(ob, name, self) # self is marker here
if subob is self:
# no attribute
try:
subob = ob[name]
except (KeyError, IndexError, TypeError, AttributeError):
raise NotFound(ob, name, request)
return subob
def check(*args, **kw):
if api.user.is_anonymous():
raise Unauthorized()
return func(*args, **kw)
def traverse(self, name, ignored):
self.request.shiftNameToApplication()
pid = self.request.principal.id
if name != pid:
raise Unauthorized("++principal++%s" % name)
return self.context