def checkAccess(self): self.check.isProfileActive() invite_id = int(self.data.kwargs['id']) self.data.invite = GCIRequest.get_by_id(invite_id) self.check.isInvitePresent(invite_id) # get invited user and check if it is not deleted self.data.invited_user = self.data.invite.user if not self.data.invited_user: logging.warning( 'User entity does not exist for request with id %s', invite_id) raise NotFound('Invited user does not exist') # get the organization and check if the current user can manage the invite self.data.organization = self.data.invite.org self.check.isOrgAdmin() if self.data.POST: if 'withdraw' in self.data.POST: self.check.canInviteBeWithdrawn() elif 'resubmit' in self.data.POST: self.check.canInviteBeResubmitted() else: raise BadRequest('No action specified in manage_gci_invite request.')
def checkAccess(self): self.check.isProfileActive() # fetch the request entity based on the id request_id = int(self.data.kwargs['id']) self.data.request_entity = GCIRequest.get_by_id(request_id) self.check.isRequestPresent(request_id) # get the organization and check if the current user can manage the request self.data.organization = self.data.request_entity.org self.check.isOrgAdmin() self.data.is_respondable = self.data.request_entity.status == 'pending'
def checkAccess(self): self.check.isProfileActive() request_id = int(self.data.kwargs['id']) self.data.request_entity = GCIRequest.get_by_id(request_id) self.check.isRequestPresent(request_id) self.check.canManageRequest() # check if the submitted action is legal if self.data.POST: if 'withdraw' not in self.data.POST and 'resubmit' not in self.data.POST: raise BadRequest('Valid action is not specified in the request.') self.check.isRequestManageable()
def checkAccess(self): self.check.isUser() invite_id = int(self.data.kwargs['id']) self.data.invite = GCIRequest.get_by_id(invite_id) self.check.isInvitePresent(invite_id) self.check.canRespondInvite() self.data.is_respondable = self.data.invite.status == 'pending' # actual response may be sent only to pending requests if self.data.POST: if 'accept' not in self.data.POST and 'reject' not in self.data.POST: raise BadRequest('Valid action is not specified in the request.') self.check.isInviteRespondable()