~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/rpc/decorators.py

  • Committer: William Grant
  • Date: 2009-01-20 06:00:55 UTC
  • mto: This revision was merged to the branch mainline in revision 1090.
  • Revision ID: grantw@unimelb.edu.au-20090120060055-iuvd8hycor67acfa
ivle.rpc.decorators: Add (new package, too). Has a couple of decorators to
    apply most security policy in userservice, making it significantly shorter
    and easier to audit.
www/apps/userservice: Use the decorators to protect all actions whose existing
    policy can be easily replaced with them.

Show diffs side-by-side

added added

removed removed

Lines of Context:
 
1
'''Decorators useful for actions in the IVLE AJAX API.
 
2
 
 
3
The first argument to any method wrapped by these needs to be a request.
 
4
'''
 
5
 
 
6
class require_method(object):
 
7
    '''Require that the request has been made with the specified HTTP method.
 
8
    '''
 
9
    def __init__(self, method):
 
10
        self.method = method
 
11
 
 
12
    def __call__(self, func):
 
13
        def method_or_die(req, *args, **kwargs):
 
14
           if req.method != self.method:
 
15
               req.throw_error(req.HTTP_METHOD_NOT_ALLOWED,
 
16
               "Only %s requests can be made to this action." % self.method)
 
17
           func(req, *args, **kwargs)
 
18
        return method_or_die
 
19
 
 
20
class require_cap(object):
 
21
    '''Require that the logged in user has the specified capability.'''
 
22
    def __init__(self, cap):
 
23
        self.cap = cap
 
24
 
 
25
    def __call__(self, func):
 
26
        def cap_or_die(req, *args, **kwargs):
 
27
           if not req.user.hasCap(self.cap):
 
28
               req.throw_error(req.HTTP_FORBIDDEN,
 
29
               "You do not have permission to use this action.")
 
30
           func(req, *args, **kwargs)
 
31
        return cap_or_die
 
32