Creating access app for permissions-related utils, decorators and helpers.

2010-06-01 16:35:09 -07:00 · 2010-06-01 16:35:09 -07:00 · fc1170454d
--- a/apps/access/init.py
+++ b/apps/access/init.py
@ -0,0 +1,17 @@
+from authority import get_check
+
+
+def has_perm_or_owns(user, perm, obj, perm_obj,
+                     field_name='creator'):
+    """
+    Given a user, a permission, an object (obj) and another object to check
+    permissions against (perm_obj), returns True if the user has perm on
+    obj.
+    """
+    if user == getattr(obj, field_name):
+        return True
+
+    check = get_check(user, perm)
+    if not check:
+        return False
+    return check(perm_obj)
--- a/apps/access/decorators.py
+++ b/apps/access/decorators.py
@ -5,7 +5,7 @@ from django.db.models import Model, get_model
 from django.http import HttpResponseForbidden
 from django.shortcuts import get_object_or_404

-from sumo import utils
+import access


 def has_perm_or_owns_or_403(perm, field_name, lookup_obj, lookup_perm_obj,
@ -37,9 +37,9 @@ def has_perm_or_owns_or_403(perm, field_name, lookup_obj, lookup_perm_obj,
                            'The argument %s needs to be a model.' % model)
                    obj = get_object_or_404(model_class, **{lookup: value})
                    params.append(obj)
-                granted = utils.has_perm_or_owns(request.user, perm,
-                                                 params[0], params[1],
-                                                 field_name)
+                granted = access.has_perm_or_owns(request.user, perm,
+                                                  params[0], params[1],
+                                                  field_name)
                if granted or request.user.has_perm(perm):
                    return view_func(request, *args, **kwargs)

--- a/apps/access/helpers.py
+++ b/apps/access/helpers.py
@ -0,0 +1,30 @@
+import authority
+import jinja2
+from jingo import register
+
+import access
+
+
+@register.function
+@jinja2.contextfunction
+def has_perm(context, perm, obj):
+    """
+    Check if the user has a permission on a specific object.
+
+    Returns boolean.
+    """
+    check = authority.get_check(context['request'].user, perm)
+    return check(obj)
+
+
+@register.function
+@jinja2.contextfunction
+def has_perm_or_owns(context, perm, obj, perm_obj, field_name='creator'):
+    """
+    Check if the user has a permission or owns the object.
+
+    Ownership is determined by comparing perm_obj.field_name to the user in
+    context.
+    """
+    return access.has_perm_or_owns(context['request'].user, perm, obj,
+                                   perm_obj, field_name)
--- a/apps/forums/tests/test_permissions.py
+++ b/apps/forums/tests/test_permissions.py
@ -1,12 +1,12 @@
-from nose.tools import eq_
-import test_utils
-
 from django.test import TestCase
 from django.contrib.auth.models import User

-from sumo.helpers import has_perm, has_perm_or_owns
+from nose.tools import eq_
+import test_utils
+
+import access
+from .helpers import has_perm, has_perm_or_owns
 from sumo.urlresolvers import reverse
-from sumo import utils
 from forums.models import Forum, Thread


@ -143,7 +143,7 @@ class ForumTestPermissions(TestCase):
        my_t = Thread.objects.filter(creator=me)[0]
        other_t = Thread.objects.exclude(creator=me)[0]
        perm = 'forums_forum.thread_edit_forum'
-        allowed = utils.has_perm_or_owns(me, perm, my_t, self.forum_1)
+        allowed = access.has_perm_or_owns(me, perm, my_t, self.forum_1)
        eq_(allowed, True)
-        allowed = utils.has_perm_or_owns(me, perm, other_t, self.forum_1)
+        allowed = access.has_perm_or_owns(me, perm, other_t, self.forum_1)
        eq_(allowed, False)
--- a/apps/forums/views.py
+++ b/apps/forums/views.py
@ -9,7 +9,7 @@ from django.views.decorators.http import require_POST
 import jingo
 from authority.decorators import permission_required_or_403

-from sumo.decorators import has_perm_or_owns_or_403
+from access.decorators import has_perm_or_owns_or_403
 from sumo.urlresolvers import reverse
 from sumo.utils import paginate
 from .models import Forum, Thread, Post
--- a/apps/sumo/helpers.py
+++ b/apps/sumo/helpers.py
@ -11,11 +11,9 @@ from tower import ugettext_lazy as _lazy
 from babel import localedata
 from babel.dates import format_date, format_time, format_datetime
 from pytz import timezone
-import authority

-from sumo.urlresolvers import reverse
-from sumo.utils import urlencode
-from sumo import utils
+from .urlresolvers import reverse
+from .utils import urlencode


 class DateTimeFormatError(Exception):
@ -191,28 +189,3 @@ def datetimeformat(context, value, format='shortdatetime'):
    else:
        # Unknown format
        raise DateTimeFormatError
-
-
-@register.function
-@jinja2.contextfunction
-def has_perm(context, perm, obj):
-    """
-    Check if the user has a permission on a specific object.
-
-    Returns boolean.
-    """
-    check = authority.get_check(context['request'].user, perm)
-    return check(obj)
-
-
-@register.function
-@jinja2.contextfunction
-def has_perm_or_owns(context, perm, obj, perm_obj, field_name='creator'):
-    """
-    Check if the user has a permission or owns the object.
-
-    Ownership is determined by comparing perm_obj.field_name to the user in
-    context.
-    """
-    return utils.has_perm_or_owns(context['request'].user, perm, obj,
-                                  perm_obj, field_name)
--- a/apps/sumo/utils.py
+++ b/apps/sumo/utils.py
@ -1,7 +1,5 @@
 import urllib

-from authority import get_check
-
 from django.core import paginator
 from django.utils.encoding import smart_str

@ -44,22 +42,6 @@ def urlencode(items):
        return urllib.urlencode([(k, smart_str(v)) for k, v in items])


-def has_perm_or_owns(user, perm, obj, perm_obj,
-                     field_name='creator'):
-    """
-    Given a user, a permission, an object (obj) and another object to check
-    permissions against (perm_obj), returns True if the user has perm on
-    obj.
-    """
-    if user == getattr(obj, field_name):
-        return True
-
-    check = get_check(user, perm)
-    if not check:
-        return False
-    return check(perm_obj)
-
-
 class WikiParser(object):
    """
    Wrapper for wikimarkup. Adds Kitsune-specific callbacks and setup.
--- a/settings.py
+++ b/settings.py
@ -160,6 +160,7 @@ INSTALLED_APPS = (
    'jingo_minify',
    ROOT_PACKAGE,
    'authority',
+    'access',
    'sumo',
    'search',
    'forums',