123456789101112131415161718192021222324252627 |
- class access_control(object):
- def __init__(self, request, rel_path):
- self._request = request
- self._rel_path = rel_path
-
- def may_read(self):
- return "private" not in self._rel_path or self.may_write()
-
- def may_write(self):
- # /!\ rel_path is the filsystem rel_path - caused by the flat folder structure /!\
- return self._request.user.is_authenticated and self._request.user.username in ['root', 'dirk']
-
- def may_read_attachment(self):
- return self.may_read()
-
- def may_modify_attachment(self):
- return self.may_write()
-
-
- def read_attachment(request, rel_path):
- # Interface for external module mycreole
- return access_control(request, rel_path).may_read_attachment()
-
-
- def modify_attachment(request, rel_path):
- # Interface for external module mycreole
- return access_control(request, rel_path).may_modify_attachment()
|