← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/studpath.py

  • Committer: William Grant
  • Date: 2009-02-23 23:47:02 UTC
  • mfrom: (1099.1.211 new-dispatch)
  • Revision ID: grantw@unimelb.edu.au-20090223234702-db4b1llly46ignwo
Merge from lp:~ivle-dev/ivle/new-dispatch.

Pretty much everything changes. Reread the setup docs. Backup your databases.
Every file is now in a different installed location, the configuration system
is rewritten, the dispatch system is rewritten, URLs are different, the
database is different, worksheets and exercises are no longer on the
filesystem, we use a templating engine, jail service protocols are rewritten,
we don't repeat ourselves, we have authorization rewritten, phpBB is gone,
and probably lots of other things that I cannot remember.

This is certainly the biggest commit I have ever made, and hopefully
the largest I ever will.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ivle/studpath.py
81
81
    urlpath: See urlpath in url_to_local.
82
82
 
83
83
    >>> url_to_jailpaths("joe/mydir/myfile")
84
 
    ("joe", "/home/informatics/jails/joe", "home/joe/mydir/myfile")
 
84
    ('joe', '/var/lib/ivle/jailmounts/joe', '/home/joe/mydir/myfile')
85
85
 
86
86
    >>> url_to_jailpaths("")
87
87
    (None, None, None)
132
132
        return False
133
133
 
134
134
 
135
 
def authorize(req):
 
135
def authorize(req, user):
136
136
    """Given a request, checks whether req.user is allowed to
137
137
    access req.path. Returns None on authorization success. Raises
138
138
    HTTP_FORBIDDEN on failure.
145
145
    urlpath = os.path.normpath(req.path)
146
146
    # Now if it begins with ".." or separator, then it's illegal
147
147
    if urlpath.startswith("..") or urlpath.startswith(os.sep):
148
 
        req.throw_error(req.HTTP_FORBIDDEN)
 
148
        return False
149
149
 
150
150
    (owner, _) = util.split_path(urlpath)
151
 
    if req.user.login != owner:
152
 
        req.throw_error(req.HTTP_FORBIDDEN)
 
151
    if user.login != owner:
 
152
        return False
 
153
    return True
153
154
 
154
155
def authorize_public(req):
155
156
    """A different kind of authorization. Rather than making sure the
162
163
    raised on failure.
163
164
    """
164
165
    _, path = url_to_local(req.path)
165
 
    dirpath, _ = os.path.split(path)
166
 
    if not (worldreadable(dirpath) and published(dirpath)):
167
 
        req.throw_error(req.HTTP_FORBIDDEN)
 
166
 
 
167
    # Walk up the tree, and find the deepest directory.
 
168
    while not os.path.isdir(path):
 
169
        path = os.path.dirname(path)
 
170
 
 
171
    if not (worldreadable(path) and published(path)):
 
172
        return False
 
173
    return True