Factor the setting of list-related permissions on the user object
1 parent 1252f5d commit b84f7cd33c64e2c973841bd57b135f816eb5d1bd
@Aurélien Bompard Aurélien Bompard authored on 15 Dec 2015
Showing 4 changed files
View
28
src/postorius/auth/decorators.py
from django.core.exceptions import PermissionDenied
 
from postorius.models import (Domain, List, Member, MailmanUser,
MailmanApiError, Mailman404Error)
from postorius.utils import user_is_in_list_roster
 
from .utils import set_user_access_props
 
 
def basic_auth_login(fn):
def wrapper(*args, **kwargs):
if not user.is_authenticated():
raise PermissionDenied
if user.is_superuser:
return fn(*args, **kwargs)
if not hasattr(user, 'is_list_owner'):
mlist = List.objects.get_or_404(fqdn_listname=list_id)
user.is_list_owner = user_is_in_list_roster(user, mlist, "owners")
set_user_access_props(user, list_id)
if user.is_list_owner:
return fn(*args, **kwargs)
else:
raise PermissionDenied
if not user.is_authenticated():
raise PermissionDenied
if user.is_superuser:
return fn(*args, **kwargs)
if (not hasattr(user, 'is_list_owner')
or not hasattr(user, 'is_list_moderator')):
mlist = List.objects.get_or_404(fqdn_listname=list_id)
if not hasattr(user, 'is_list_owner'):
user.is_list_owner = user_is_in_list_roster(
user, mlist, "owners")
if not hasattr(user, 'is_list_moderator'):
user.is_list_moderator = user_is_in_list_roster(
user, mlist, "moderators")
set_user_access_props(user, list_id)
if user.is_list_owner or user.is_list_moderator:
return fn(*args, **kwargs)
else:
raise PermissionDenied
View
43
src/postorius/auth/utils.py 0 → 100644
# -*- coding: utf-8 -*-
# Copyright (C) 1998-2015 by the Free Software Foundation, Inc.
#
# This file is part of Postorius.
#
# Postorius is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# Postorius is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# Postorius. If not, see <http://www.gnu.org/licenses/>.
 
"""
Authentication and authorization-related utilities.
"""
 
def user_is_in_list_roster(user, mailing_list, roster):
if not user.is_authenticated():
return False
if not hasattr(user, 'other_emails'):
set_other_emails(user)
addresses = set([user.email]) | set(user.other_emails)
if addresses & set(getattr(mailing_list, roster)):
return True # At least one address is in the roster
return False
 
 
def set_user_access_props(user, mlist):
if not isinstance(mlist, List):
mlist = List.objects.get_or_404(mlist)
if not hasattr(user, 'is_list_owner'):
user.is_list_owner = user_is_in_list_roster(
user, mlist, "owners")
if not hasattr(user, 'is_list_moderator'):
user.is_list_moderator = user_is_in_list_roster(
user, mlist, "moderators")
View
src/postorius/utils.py
View
src/postorius/views/generic.py