Changes between Version 85 and Version 86 of BluePrintAuthorization


Ignore:
Timestamp:
06/22/10 15:28:38 (14 years ago)
Author:
Fran Boon
Comment:

Use self.shn_has_role()

Legend:

Unmodified
Added
Removed
Modified

  • BluePrintAuthorization

    v85 v86  
    140140  * Preferred Option: Do the check alongside deleted as part of a big JOIN
    141141{{{
    142 def shn_accessible_query(table):
     142def shn_accessible_query(self, table):
    143143    """
    144144    Return a filter of those records which are readable by the currently logged-in user
     
    152152        deleted = 1
    153153
    154     roles = session.s3.roles
    155 
    156     if 1 in roles:
     154    roles = self.session.s3.roles
     155
     156    if self.shn_has_role(1):
    157157        # Admins see all data
    158158        query = deleted
     
    189189   * {{{CrudS3}}} modifies {{{Crud.update()}}} to take a record as an option to a record_id & calls {{{SQLFORM2()}}}
    190190{{{
    191 def shn_has_permission(name, tablename, record_id = 0):
     191def shn_has_permission(self, name, tablename, record_id = 0):
    192192    """
    193193        S3 framework function to define whether a user can access a record in manner "name"
     
    196196    """
    197197
    198     roles = session.s3.roles
     198    roles = self.session.s3.roles
    199199
    200200    table = db[tablename]
    201201    # Check if table is restricted (Options 1 & 2)
    202     if 1 in roles:
     202    if shn_has_role(1):
    203203        # Admins see all tables
    204204        authorised = True
     
    211211            # Assume we generally have fewer restrictions than roles
    212212        #   for restriction in restrictions:
    213         #        if restriction == "0" or int(restriction) in roles:
     213        #        if restriction == "0" or self.shn_has_role(restriction):
    214214                     # restriction 0 is anonymous
    215215        #            authorised = True
     
    229229            # Assume we generally have fewer restrictions than roles
    230230            for restriction in restrictions:
    231                 if restriction == "0" or int(restriction) in roles:
     231                if restriction == "0" or self.shn_has_role(restriction):
    232232                    # restriction 0 is anonymous
    233233                    authorised = True
     
    271271                # Assume we generally have fewer restrictions than roles
    272272                for restriction in restrictions:
    273                     if restriction in roles:
     273                    if self.shn_has_role(restriction):
    274274                        authorised = True
    275275                    elif restriction == "2" and "created_by" in _fields:
     
    289289                # Assume we generally have fewer restrictions than roles
    290290                for restriction in restrictions:
    291                     if restriction == "0" or int(restriction) in roles:
     291                    if restriction == "0" or self.shn_has_role(restriction):
    292292                        # restriction 0 is anonymous
    293293                        authorised = True