blob: b57e9f77ef01febb4750c3e9d6adf5ea471cdaed (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
from opendc.models.model import Model
from opendc.models.user import User
from opendc.util.database import DB
from opendc.util.exceptions import ClientError
from opendc.util.rest import Response
class Project(Model):
"""Model representing a Project."""
collection_name = 'projects'
def check_user_access(self, google_id, edit_access):
"""Raises an error if the user with given [google_id] has insufficient access.
:param google_id: The Google ID of the user.
:param edit_access: True when edit access should be checked, otherwise view access.
"""
user = User.from_google_id(google_id)
authorizations = list(filter(lambda x: str(x['projectId']) == str(self.get_id()),
user.obj['authorizations']))
if len(authorizations) == 0 or (edit_access and authorizations[0]['authorizationLevel'] == 'VIEW'):
raise ClientError(Response(403, "Forbidden from retrieving project."))
def get_all_authorizations(self):
"""Get all user IDs having access to this project."""
return [
str(user['_id']) for user in DB.fetch_all({'authorizations': {
'projectId': self.obj['_id']
}}, User.collection_name)
]
|
