Creating access app for permissions-related utils, decorators and helpers.

2010-06-01 16:35:09 -07:00 · 2010-06-01 16:35:09 -07:00 · fc1170454d
--- a/apps/access/init.py
+++ b/apps/access/init.py
@ -0,0 +1,17 @@
 from authority import get_check
 def has_perm_or_owns(user, perm, obj, perm_obj,
                     field_name='creator'):
    """
    Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), returns True if the user has perm on
    obj.
    """
    if user == getattr(obj, field_name):
        return True
    check = get_check(user, perm)
    if not check:
        return False
    return check(perm_obj)
--- a/apps/access/decorators.py
+++ b/apps/access/decorators.py
@ -5,7 +5,7 @@ from django.db.models import Model, get_model
 from django.http import HttpResponseForbidden
 from django.shortcuts import get_object_or_404
-from sumo import utils
+import access
 def has_perm_or_owns_or_403(perm, field_name, lookup_obj, lookup_perm_obj,
@ -37,9 +37,9 @@ def has_perm_or_owns_or_403(perm, field_name, lookup_obj, lookup_perm_obj,
                            'The argument %s needs to be a model.' % model)
                    obj = get_object_or_404(model_class, **{lookup: value})
                    params.append(obj)
-                granted = utils.has_perm_or_owns(request.user, perm,
+                granted = access.has_perm_or_owns(request.user, perm,
-                                                 params[0], params[1],
+                                                  params[0], params[1],
-                                                 field_name)
+                                                  field_name)
                if granted or request.user.has_perm(perm):
                    return view_func(request, *args, **kwargs)
--- a/apps/access/helpers.py
+++ b/apps/access/helpers.py
@ -0,0 +1,30 @@
 import authority
 import jinja2
 from jingo import register
 import access
@register.function
@jinja2.contextfunction
 def has_perm(context, perm, obj):
    """
    Check if the user has a permission on a specific object.
    Returns boolean.
    """
    check = authority.get_check(context['request'].user, perm)
    return check(obj)
@register.function
@jinja2.contextfunction
 def has_perm_or_owns(context, perm, obj, perm_obj, field_name='creator'):
    """
    Check if the user has a permission or owns the object.
    Ownership is determined by comparing perm_obj.field_name to the user in
    context.
    """
    return access.has_perm_or_owns(context['request'].user, perm, obj,
                                   perm_obj, field_name)
--- a/apps/forums/tests/test_permissions.py
+++ b/apps/forums/tests/test_permissions.py
@ -1,12 +1,12 @@
 from nose.tools import eq_
 import test_utils
 from django.test import TestCase
 from django.contrib.auth.models import User
-from sumo.helpers import has_perm, has_perm_or_owns
+from nose.tools import eq_
 import test_utils
 import access
 from .helpers import has_perm, has_perm_or_owns
 from sumo.urlresolvers import reverse
 from sumo import utils
 from forums.models import Forum, Thread
@ -143,7 +143,7 @@ class ForumTestPermissions(TestCase):
        my_t = Thread.objects.filter(creator=me)[0]
        other_t = Thread.objects.exclude(creator=me)[0]
        perm = 'forums_forum.thread_edit_forum'
-        allowed = utils.has_perm_or_owns(me, perm, my_t, self.forum_1)
+        allowed = access.has_perm_or_owns(me, perm, my_t, self.forum_1)
        eq_(allowed, True)
-        allowed = utils.has_perm_or_owns(me, perm, other_t, self.forum_1)
+        allowed = access.has_perm_or_owns(me, perm, other_t, self.forum_1)
        eq_(allowed, False)
--- a/apps/forums/views.py
+++ b/apps/forums/views.py
@ -9,7 +9,7 @@ from django.views.decorators.http import require_POST
 import jingo
 from authority.decorators import permission_required_or_403
-from sumo.decorators import has_perm_or_owns_or_403
+from access.decorators import has_perm_or_owns_or_403
 from sumo.urlresolvers import reverse
 from sumo.utils import paginate
 from .models import Forum, Thread, Post
--- a/apps/sumo/helpers.py
+++ b/apps/sumo/helpers.py
@ -11,11 +11,9 @@ from tower import ugettext_lazy as _lazy
 from babel import localedata
 from babel.dates import format_date, format_time, format_datetime
 from pytz import timezone
 import authority
-from sumo.urlresolvers import reverse
+from .urlresolvers import reverse
-from sumo.utils import urlencode
+from .utils import urlencode
 from sumo import utils
 class DateTimeFormatError(Exception):
@ -191,28 +189,3 @@ def datetimeformat(context, value, format='shortdatetime'):
    else:
        # Unknown format
        raise DateTimeFormatError
@register.function
@jinja2.contextfunction
 def has_perm(context, perm, obj):
    """
    Check if the user has a permission on a specific object.
    Returns boolean.
    """
    check = authority.get_check(context['request'].user, perm)
    return check(obj)
@register.function
@jinja2.contextfunction
 def has_perm_or_owns(context, perm, obj, perm_obj, field_name='creator'):
    """
    Check if the user has a permission or owns the object.
    Ownership is determined by comparing perm_obj.field_name to the user in
    context.
    """
    return utils.has_perm_or_owns(context['request'].user, perm, obj,
                                  perm_obj, field_name)
--- a/apps/sumo/utils.py
+++ b/apps/sumo/utils.py
@ -1,7 +1,5 @@
 import urllib
 from authority import get_check
 from django.core import paginator
 from django.utils.encoding import smart_str
@ -44,22 +42,6 @@ def urlencode(items):
        return urllib.urlencode([(k, smart_str(v)) for k, v in items])
 def has_perm_or_owns(user, perm, obj, perm_obj,
                     field_name='creator'):
    """
    Given a user, a permission, an object (obj) and another object to check
    permissions against (perm_obj), returns True if the user has perm on
    obj.
    """
    if user == getattr(obj, field_name):
        return True
    check = get_check(user, perm)
    if not check:
        return False
    return check(perm_obj)
 class WikiParser(object):
    """
    Wrapper for wikimarkup. Adds Kitsune-specific callbacks and setup.
--- a/settings.py
+++ b/settings.py
@ -160,6 +160,7 @@ INSTALLED_APPS = (
    'jingo_minify',
    ROOT_PACKAGE,
    'authority',
    'access',
    'sumo',
    'search',
    'forums',