def clienttoken(self): # only admin can fetch client token if not checkPermission('cmf.ManagePortal', self.context): raise Unauthorized() self.request.response['CONTENT-TYPE'] = 'application/json' return json.dumps({ 'client_key': self.config.client_key, 'client_secret': self.config.client_secret, })
def traverseName(self, request, ob, name, check_auth=1): if name.startswith('_'): raise Unauthorized(name) if hasattr(ob, name): subob = getattr(ob, name) else: try: subob = ob[name] except (KeyError, IndexError, TypeError, AttributeError): raise NotFound(ob, name, request) if self.require_docstrings and not getattr(subob, '__doc__', None): raise DebugError(subob, 'Missing or empty doc string') return subob
def clienttoken(self): # only admin can fetch client token if not checkPermission('cmf.ManagePortal', self.context): raise Unauthorized() self.request.response['CONTENT-TYPE'] = 'application/json' return json.dumps({ 'client_id': self.config.client_id, 'redirect_uri': self.config.redirect_url, 'auto_refresh_kwargs': { 'client_id': self.config.client_id, 'client_secret': self.config.client_secret, }, 'auto_refresh_url': self.config.refresh_url })
def publishTraverse(self, request, name): ob = self.context if name.startswith('@@'): return zope.component.getMultiAdaptera((ob, request), name=name[6:]) if name.startswith('_'): raise Unauthorized(name) subob = getattr(ob, name, self) # self is marker here if subob is self: # no attribute try: subob = ob[name] except (KeyError, IndexError, TypeError, AttributeError): raise NotFound(ob, name, request) return subob
def check(*args, **kw): if api.user.is_anonymous(): raise Unauthorized() return func(*args, **kw)
def traverse(self, name, ignored): self.request.shiftNameToApplication() pid = self.request.principal.id if name != pid: raise Unauthorized("++principal++%s" % name) return self.context