def access(route, role_id, isOwner=False): ''' @returns -1 if the route is not in the Rules table. 0 of the client is not allowed to perform this action. 1 if the client is allowed to perform this action. @param route: The address to check. Either request.path or a link on the site. @param role_id: The clients current role_id. @param isOwner: Whether the client owns the item associated with the requested action. ''' # This here is trying to figure out if this is a standard action (create, # delete, update) and use the appropriate permission field. If it is # not "view" is used. actions = { "/create$": lambda item: item.insert, "/[^/]+/delete$": lambda item: item.remove, "/[^/]+/update$": lambda item: item.change } try: for key, value in actions.items(): if re.match("^.+" + key, route): item = lookup(re.sub(key, "/", route), role_id) if item: return has_permissions(value(item), isOwner) item = lookup(route, role_id) if item: return has_permissions(item.view, isOwner) return 0 except ValueError: Log.warning(__name__, "Invalid route accessed (%s)." % (route)) return -1
def write_data(cls, file, data): try: with open(file, 'wb') as f: f.write(data) except Exception as e: Log.warning('%s: %s' % (e, file))
def write_file(cls, file, string, mode='w', encoding='utf-8'): try: with open(file, mode, encoding=encoding) as f: f.write(string) except Exception as e: Log.warning('%s: %s' % (e, file))
def read_file(cls, file, encoding='utf-8'): try: with open(file, 'r', encoding=encoding) as f: return f.read() except Exception as e: Log.warning('%s: %s' % (e, file))