def wrapper(*args, **kwargs): current_user = kwargs['current_user'] logging.info('Current user: {0}'.format(current_user)) if not current_user.is_admin: return forbidden('You must be admin to call this API.') return func(*args, **kwargs)
def wrapper(*args, **kwargs): research = kwargs['research'] current_user = kwargs['current_user'] if current_user.is_supervisor_of(research)\ or current_user.is_admin: return func(*args, **kwargs) else: return forbidden('You must be supervisor to call this API.')
def wrapper(*args, **kwargs): message = kwargs['message'] current_user = kwargs['current_user'] research = message\ .forum_key.get()\ .research_key.get() if current_user.is_supervisor_of(research)\ or message.creator_key == current_user.key\ or current_user.is_admin: return func(*args, **kwargs) else: return forbidden('You must be owner to call this API.')
def wrapper(*args, **kwargs): current_user = kwargs['current_user'] if 'research' in kwargs: research = kwargs['research'] elif 'forum': forum = kwargs['forum'] research = forum.research_key.get() else: return bad_request("Can't get info about research.") if __is_researcher(research, current_user) or current_user.is_admin: return func(*args, **kwargs) else: return forbidden('You must be researcher to call this API.')