Mercurial > kallithea
comparison pylons_app/lib/auth.py @ 339:5d517bbf0a0d
some extra checks for auth lib
author | Marcin Kuzminski <marcin@python-works.com> |
---|---|
date | Tue, 06 Jul 2010 23:57:57 +0200 |
parents | f5f290d68646 |
children | 6484963056cd |
comparison
equal
deleted
inserted
replaced
338:1eb2267a5469 | 339:5d517bbf0a0d |
---|---|
216 Checks for access permission for all given predicates. All of them have to | 216 Checks for access permission for all given predicates. All of them have to |
217 be meet in order to fulfill the request | 217 be meet in order to fulfill the request |
218 """ | 218 """ |
219 | 219 |
220 def check_permissions(self): | 220 def check_permissions(self): |
221 if self.required_perms.issubset(self.user_perms['global']): | 221 if self.required_perms.issubset(self.user_perms.get('global')): |
222 return True | 222 return True |
223 return False | 223 return False |
224 | 224 |
225 | 225 |
226 class HasPermissionAnyDecorator(PermsDecorator): | 226 class HasPermissionAnyDecorator(PermsDecorator): |
228 Checks for access permission for any of given predicates. In order to | 228 Checks for access permission for any of given predicates. In order to |
229 fulfill the request any of predicates must be meet | 229 fulfill the request any of predicates must be meet |
230 """ | 230 """ |
231 | 231 |
232 def check_permissions(self): | 232 def check_permissions(self): |
233 if self.required_perms.intersection(self.user_perms['global']): | 233 if self.required_perms.intersection(self.user_perms.get('global')): |
234 return True | 234 return True |
235 return False | 235 return False |
236 | 236 |
237 class HasRepoPermissionAllDecorator(PermsDecorator): | 237 class HasRepoPermissionAllDecorator(PermsDecorator): |
238 """ | 238 """ |
240 repository. All of them have to be meet in order to fulfill the request | 240 repository. All of them have to be meet in order to fulfill the request |
241 """ | 241 """ |
242 | 242 |
243 def check_permissions(self): | 243 def check_permissions(self): |
244 repo_name = get_repo_slug(request) | 244 repo_name = get_repo_slug(request) |
245 user_perms = set([self.user_perms['repositories'][repo_name]]) | 245 try: |
246 user_perms = set([self.user_perms['repositories'][repo_name]]) | |
247 except KeyError: | |
248 return False | |
246 if self.required_perms.issubset(user_perms): | 249 if self.required_perms.issubset(user_perms): |
247 return True | 250 return True |
248 return False | 251 return False |
249 | 252 |
250 | 253 |
255 """ | 258 """ |
256 | 259 |
257 def check_permissions(self): | 260 def check_permissions(self): |
258 repo_name = get_repo_slug(request) | 261 repo_name = get_repo_slug(request) |
259 | 262 |
260 user_perms = set([self.user_perms['repositories'][repo_name]]) | 263 try: |
264 user_perms = set([self.user_perms['repositories'][repo_name]]) | |
265 except KeyError: | |
266 return False | |
261 if self.required_perms.intersection(user_perms): | 267 if self.required_perms.intersection(user_perms): |
262 return True | 268 return True |
263 return False | 269 return False |
264 #=============================================================================== | 270 #=============================================================================== |
265 # CHECK FUNCTIONS | 271 # CHECK FUNCTIONS |
305 """ | 311 """ |
306 raise Exception('You have to write this function in child class') | 312 raise Exception('You have to write this function in child class') |
307 | 313 |
308 class HasPermissionAll(PermsFunction): | 314 class HasPermissionAll(PermsFunction): |
309 def check_permissions(self): | 315 def check_permissions(self): |
310 if self.required_perms.issubset(self.user_perms['global']): | 316 if self.required_perms.issubset(self.user_perms.get('global')): |
311 return True | 317 return True |
312 return False | 318 return False |
313 | 319 |
314 class HasPermissionAny(PermsFunction): | 320 class HasPermissionAny(PermsFunction): |
315 def check_permissions(self): | 321 def check_permissions(self): |
316 if self.required_perms.intersection(self.user_perms['global']): | 322 if self.required_perms.intersection(self.user_perms.get('global')): |
317 return True | 323 return True |
318 return False | 324 return False |
319 | 325 |
320 class HasRepoPermissionAll(PermsFunction): | 326 class HasRepoPermissionAll(PermsFunction): |
321 | 327 |
325 | 331 |
326 def check_permissions(self): | 332 def check_permissions(self): |
327 if not self.repo_name: | 333 if not self.repo_name: |
328 self.repo_name = get_repo_slug(request) | 334 self.repo_name = get_repo_slug(request) |
329 | 335 |
330 self.user_perms = set([self.user_perms['repositories']\ | 336 try: |
331 .get(self.repo_name)]) | 337 self.user_perms = set([self.user_perms['repositories']\ |
338 [self.repo_name]]) | |
339 except KeyError: | |
340 return False | |
332 self.granted_for = self.repo_name | 341 self.granted_for = self.repo_name |
333 if self.required_perms.issubset(self.user_perms): | 342 if self.required_perms.issubset(self.user_perms): |
334 return True | 343 return True |
335 return False | 344 return False |
336 | 345 |
343 | 352 |
344 def check_permissions(self): | 353 def check_permissions(self): |
345 if not self.repo_name: | 354 if not self.repo_name: |
346 self.repo_name = get_repo_slug(request) | 355 self.repo_name = get_repo_slug(request) |
347 | 356 |
348 self.user_perms = set([self.user_perms['repositories']\ | 357 try: |
349 .get(self.repo_name)]) | 358 self.user_perms = set([self.user_perms['repositories']\ |
359 [self.repo_name]]) | |
360 except KeyError: | |
361 return False | |
350 self.granted_for = self.repo_name | 362 self.granted_for = self.repo_name |
351 if self.required_perms.intersection(self.user_perms): | 363 if self.required_perms.intersection(self.user_perms): |
352 return True | 364 return True |
353 return False | 365 return False |
354 | 366 |