From 58acb8921ecf6e794be06adb3e620c3ec7cca745 Mon Sep 17 00:00:00 2001
From: gfawcett
Date: Tue, 28 Dec 2010 00:40:49 +0000
Subject: [PATCH] fix access control bug: closed sites are only accessible by instructors.
git-svn-id: svn://svn.open-ils.org/ILS-Contrib/servres/trunk@1121 6d9bc8c9-1ec2-4278-b937-99fde70a366f
---
 conifer/syrup/models.py | 22 ++++++++++++++++++----
 conifer/syrup/views/_common.py | 2 ++
 2 files changed, 20 insertions(+), 4 deletions(-)
diff --git a/conifer/syrup/models.py b/conifer/syrup/models.py
index c09ef78..ca5ff42 100644
--- a/conifer/syrup/models.py
+++ b/conifer/syrup/models.py
@@ -403,10 +403,24 @@ class Site(BaseModel):
 or bool(self.members().filter(user=user)))
 def is_open_to(self, user):
- return self.access == 'ANON' \
- or (self.access == 'LOGIN' and user.is_authenticated()) \
- or user.is_staff \
- or self.is_member(user)
+ level = self.access
+ if level == 'ANON' or user.is_staff:
+ return True
+ if not user.is_authenticated():
+ return False
+ if level == 'LOGIN':
+ return True
+ try:
+ mbr = self.members().get(user=user)
+ except:
+ return False
+ if level == 'CLOSE':
+ return mbr.role == u'INSTR'
+ elif level == u'MEMBR':
+ return True
+ else:
+ raise Exception('Cannot determine access level '
+ 'for user %s in site %s' % (user, self))
 @classmethod
 def taught_by(cls, user):
diff --git a/conifer/syrup/views/_common.py b/conifer/syrup/views/_common.py
index 2161816..183766e 100644
--- a/conifer/syrup/views/_common.py
+++ b/conifer/syrup/views/_common.py
@@ -85,6 +85,8 @@ def members_only(handler):
 else:
 if site.access=='LOGIN':
 msg = _('Please log in, so that you can enter this site.')
+ elif site.access=='CLOSE':
+ msg = _('Sorry, but you can no longer access this site.')
 else:
 msg = _('Only site members are allowed here.')
 return _access_denied(request, msg)
--
2.11.0
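Review bot: The bare `except:` around `self.members().get(user=user)` in `is_open_to` turns every failure into "not a member", so a database error or a duplicate membership row (assuming `members()` returns a Django queryset, where `get` can raise `MultipleObjectsReturned`) becomes a silent denial with nothing logged. It fails closed, which is the safe direction for an access check, but narrowing it to `except ObjectDoesNotExist:` (from `django.core.exceptions`, which needs an import not visible in this hunk) would let real faults surface instead of looking like a permissions problem. Separately, `user.is_staff` short-circuits before the level is examined, so staff still reach `CLOSE` sites even though the subject line says instructors only; a docstring such as `"""Return True if user may enter: ANON=anyone, LOGIN=any authenticated user, MEMBR=members, CLOSE=instructors only; staff always pass."""` would make that intentional. The `is_member` method in the context above is unchanged, so any caller that gates on it directly rather than on `is_open_to` would presumably not pick up the `CLOSE` restriction and is worth a grep.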
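Review bot: The new `CLOSE` branch in `members_only` tells every denied visitor "you can no longer access this site", which is misleading for an instructor who is simply not logged in. `is_open_to` now returns False for any unauthenticated user on a non-`ANON` site, so, if this branch is reached for anonymous requests (the enclosing function starts and ends outside the hunk), that instructor gets a final-sounding refusal rather than a login prompt. One option is to send unauthenticated users to the login message regardless of level, e.g. `if site.access=='LOGIN' or not request.user.is_authenticated():`, and keep the `CLOSE` wording for logged-in non-instructors.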