jm2l/jm2l/security.py

# -*- coding: utf8 -*-
from pyramid.security import Allow, Everyone, Authenticated
from pyramid.httpexceptions import HTTPFound, HTTPNotFound, HTTPForbidden
from pyramid.httpexceptions import HTTPBadRequest, HTTPUnauthorized

USERS = { 1:'editor',
          'editor':'editor',
          'viewer':'viewer'}
GROUPS = {'editor':['group:editors'], 1:['group:editors']}


def check_logged(request):
    """ This function is intended to raise an exception if the user is not logged"""
    if request.user is None:
        # Don't answer to users that aren't logged
        raise HTTPForbidden(u'Vous devez vous identifier pour obtenir une réponse.')


def check_staff(request):
    """ This function is intended to raise an exception if the user is not a Staff member"""
    check_logged(request)
    if not request.user.Staff:
        # Don't answer to users that aren't logged
        raise HTTPForbidden(u'Vous n\'avez pas l\'autorité suffisante pour effectuer cette action.')


def groupfinder(userid, request):
    if userid in USERS:
        return GROUPS.get(userid, [])

class EntryFactory(object):
    __acl__ = [(Allow, Everyone, 'view'),
               (Allow, Authenticated, 'create'),
               (Allow, Authenticated, 'edit'), ]
    
    def __init__(self, request):
        pass
        
class RootFactory(object):
    __acl__ = [ (Allow, Everyone, 'view'),
                (Allow, 'group:editors', 'edit') ]
    def __init__(self, request):
        pass