174 | | record = db(table.id == record_id).select(table.deleted, table.reader_id, table.writer_id, limitby=(0, 1)).first() |
175 | | # Check if record is deleted |
176 | | if record.deleted: |
177 | | authorised = False |
| 177 | |
| 178 | record = None |
| 179 | |
| 180 | if "deleted" in table.fields: |
| 181 | # Check if record is deleted |
| 182 | record = db(table.id == record_id).select(table.deleted, table.reader_id, table.writer_id, limitby=(0, 1)).first() |
| 183 | if record.deleted: |
| 184 | authorised = False |
| 185 | return authorised |
| 186 | |
| 190 | return authorised |
| 191 | |
| 192 | # Check the record's auth fields |
| 193 | if not record: |
| 194 | record = db(table.id == record_id).select(table.reader_id, table.writer_id, limitby=(0, 1)).first() |
| 195 | if name == "read": |
| 196 | if not table.reader_id: |
| 197 | authorised = True |
| 198 | else: |
| 199 | authorised = False |
| 200 | restrictions = re.split("\|", table.reader_id)[1:-1] |
| 201 | # Assume we generally have fewer restrictions than roles |
| 202 | for restriction in restrictions: |
| 203 | if restriction in roles: |
| 204 | authorised = True |
| 205 | |
| 206 | elif name in ["delete", "update"]: |
| 207 | if not table.writer_id: |
| 208 | authorised = True |
| 209 | else: |
| 210 | authorised = False |
| 211 | restrictions = re.split("\|", table.writer_id)[1:-1] |
| 212 | # Assume we generally have fewer restrictions than roles |
| 213 | for restriction in restrictions: |
| 214 | if restriction == "0" or int(restriction) in roles: |
| 215 | # restriction 0 is anonymous |
| 216 | authorised = True |
| 217 | |
182 | | # Need to check the record's auth fields |
183 | | if name == "read": |
184 | | if not table.reader_id: |
185 | | authorised = True |
186 | | else: |
187 | | authorised = False |
188 | | restrictions = re.split("\|", table.reader_id)[1:-1] |
189 | | # Assume we generally have fewer restrictions than roles |
190 | | for restriction in restrictions: |
191 | | if restriction in roles: |
192 | | authorised = True |
193 | | |
194 | | elif name in ["delete", "update"]: |
195 | | if not table.writer_id: |
196 | | authorised = True |
197 | | else: |
198 | | authorised = False |
199 | | restrictions = re.split("\|", table.writer_id)[1:-1] |
200 | | # Assume we generally have fewer restrictions than roles |
201 | | for restriction in restrictions: |
202 | | if restriction == "0" or int(restriction) in roles: |
203 | | # restriction 0 is anonymous |
204 | | authorised = True |
205 | | |
206 | | else: |
207 | | # Something went wrong |
208 | | session.error = str(T("Invalid mode sent to")) + " shn_has_permission(): " + name |
209 | | redirect(URL(r=request, f="index")) |
| 219 | # Something went wrong |
| 220 | session.error = str(T("Invalid mode sent to")) + " shn_has_permission(): " + name |
| 221 | redirect(URL(r=request, f="index")) |