← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/security/views.py

  • Committer: William Grant
  • Date: 2009-02-27 03:55:15 UTC
  • Revision ID: grantw@unimelb.edu.au-20090227035515-u5nwfrbed8qu9sbl
Offerings now give 'view' only to user enrolled in them. 'edit' is granted
to their tutors and lecturers.

Worksheet(Exercise)s and their views now delegate to and use Offering's
permissions.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ivle/webapp/security/views.py
25
25
    # This needs to be importable from outside Apache.
26
26
    pass
27
27
 
28
 
import ivle.pulldown_subj
 
28
import ivle.util
29
29
import ivle.webapp.security
30
30
from ivle.auth import authenticate, AuthError
31
31
from ivle.webapp.base.xhtml import XHTMLView
46
46
        if nexturl is None:
47
47
            nexturl = '/'
48
48
 
49
 
        # We are already logged in. If it is a POST, they might be trying to
50
 
        # clobber their session with some new credentials. That's their own
51
 
        # business, so we let them do it. Otherwise, we don't bother prompting
52
 
        # and just redirect to the destination.
 
49
        # We are already logged in. Don't bother logging in again.
53
50
        # Note that req.user is None even if we are 'logged in', if the user is
54
 
        # invalid (state != enabled, or expired).
55
 
        if req.method != "POST" and req.user is not None:
 
51
        # invalid.
 
52
        if req.user is not None:
56
53
            req.throw_redirect(nexturl)
57
54
 
58
55
        # Don't give any URL if we want /.
61
58
        else:
62
59
            query_string = '?url=' + urllib.quote(nexturl, safe="/~")
63
60
 
64
 
        ctx['path'] = req.make_path('+login') + query_string
 
61
        ctx['path'] = ivle.util.make_path('+login') + query_string
65
62
 
66
63
        # If this succeeds, the user is invalid.
67
64
        user = ivle.webapp.security.get_user_details(req)
72
69
                # if you are not planning to display a ToS page - the ToS
73
70
                # acceptance process actually calls usrmgt to create the user
74
71
                # jails and related stuff.
75
 
                req.throw_redirect(req.make_path('+tos') + query_string)
 
72
                req.throw_redirect(ivle.util.make_path('+tos') + query_string)
76
73
            elif user.state == "pending":
77
74
                # FIXME: this isn't quite the right answer, but it
78
75
                # should be more robust in the short term.
116
113
                        session.save()
117
114
                        session.unlock()
118
115
                        user.last_login = datetime.datetime.now()
 
116
                        req.store.commit()
119
117
 
120
118
                        # Create cookies for plugins that might request them.
121
119
                        for plugin in req.config.plugin_index[CookiePlugin]:
126
124
                                    req.add_cookie(mod_python.Cookie.Cookie(cookie,
127
125
                                          plugin.cookies[cookie](user), path='/'))
128
126
 
129
 
                        # Add any new enrolments.
130
 
                        ivle.pulldown_subj.enrol_user(req.store, user)
131
 
                        req.store.commit()
132
 
 
133
127
                        req.throw_redirect(nexturl)
134
128
 
135
129
                # We didn't succeed.
151
145
        if req.method == "POST":
152
146
            req.logout()
153
147
        else:
154
 
            ctx['path'] =  req.make_path('+logout')
 
148
            ctx['path'] =  ivle.util.make_path('+logout')