Почетна Преглед Помоћ
Пријавите Се
bux
/
tracim
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
1471 Комити
1 Гране
Дрво: 3569b308ae
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '3569b308ae'
${ noResults }
tracim/tracim/tracim/lib/predicates.py

predicates.py 2.2KB
Историја Датотека

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. # -*- coding: utf-8 -*-

  2. 

  3. from tg import abort

  4. from tg import request

  5. from tg import tmpl_context

  6. from tracim.lib.utils import lazy_ugettext as l_

  7. from tg.i18n import ugettext as _

  8. from tg.predicates import Predicate

  9. 

  10. from tracim.model.data import ContentType

  11. from tracim.lib.base import logger

  12. from tracim.lib.content import ContentApi

  13. 

  14. from tracim.model.data import UserRoleInWorkspace

  15. 

  16. 

  17. FORBIDDEN_MSG = l_('You are not authorized to access this resource')

  18. 

  19. class WorkspaceRelatedPredicate(Predicate):

  20.     def __init__(self, **kwargs):

  21.         super(WorkspaceRelatedPredicate, self).__init__(**kwargs)

  22.         self.message = FORBIDDEN_MSG

  23. 

  24.     def minimal_role_level(self) -> int:

  25.         """

  26.         This method must be implemented in child classes. It defines the role of the user in the given workspace

  27.         :return: required level associated to the predicate

  28.         """

  29.         raise NotImplementedError

  30. 

  31. 

  32.     def evaluate(self, environ, credentials):

  33.         # Comment next line if you want to activate the debug controller

  34.         try:

  35.             current_user = tmpl_context.current_user

  36.             workspace = tmpl_context.workspace

  37.             if workspace.get_user_role(current_user)>= self.minimal_role_level():

  38.                 return

  39.         except Exception as e:

  40.             logger.warning(self, 'Exception catched: {}'.format(e.__str__))

  41.             self.unmet()

  42.         self.unmet()

  43. 

  44. 

  45. class current_user_is_reader(WorkspaceRelatedPredicate):

  46.     def minimal_role_level(self):

  47.         return UserRoleInWorkspace.READER

  48. 

  49. 

  50. class current_user_is_contributor(WorkspaceRelatedPredicate):

  51.     def minimal_role_level(self):

  52.         return UserRoleInWorkspace.CONTRIBUTOR

  53. 

  54. 

  55. class current_user_is_content_manager(WorkspaceRelatedPredicate):

  56.     def minimal_role_level(self):

  57.         return UserRoleInWorkspace.CONTENT_MANAGER

  58. 

  59. 

  60. class current_user_is_workspace_manager(WorkspaceRelatedPredicate):

  61.     def minimal_role_level(self):

  62.         return UserRoleInWorkspace.WORKSPACE_MANAGER

  63. 

  64. def require_current_user_is_owner(item_id: int):

  65.     current_user = tmpl_context.current_user

  66.     item = ContentApi(current_user, True, True).get_one(item_id, ContentType.Any)

  67. 

  68.     if item.owner_id!=current_user.user_id:

  69.         abort(403, _('You\'re not allowed to access this resource'))