diff options
author | Zygmunt Krynicki <zygmunt.krynicki@linaro.org> | 2010-09-09 18:28:27 +0200 |
---|---|---|
committer | Zygmunt Krynicki <zygmunt.krynicki@linaro.org> | 2010-09-09 18:28:27 +0200 |
commit | 7d5cceda7243a5284fc7fcd1158d291947869ad6 (patch) | |
tree | b98c466dd62d8a0f6f75c172e281a2a0660cc099 /dashboard_app/xmlrpc.py | |
parent | 11dc51750066987e7be854609b98e566f0e1925a (diff) |
Add BundleStream().can_access(user) and BundleStream.get_allowed_for_user(user)
Those methods capture all the access control logic hence will be easier to test and reuse.
Diffstat (limited to 'dashboard_app/xmlrpc.py')
-rw-r--r-- | dashboard_app/xmlrpc.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/dashboard_app/xmlrpc.py b/dashboard_app/xmlrpc.py index fb36c7e44..02b81e075 100644 --- a/dashboard_app/xmlrpc.py +++ b/dashboard_app/xmlrpc.py @@ -124,7 +124,7 @@ class DashboardAPI(object): except BundleStream.DoesNotExist: raise xmlrpclib.Fault(errors.NOT_FOUND, "Bundle stream not found") - if not bundle_stream.can_upload(user): + if not bundle_stream.can_access(user): raise xmlrpclib.Fault(errors.FORBIDDEN, "Uploading to specified stream is not permitted") try: @@ -188,7 +188,7 @@ class DashboardAPI(object): except Bundle.DoesNotExist: raise xmlrpclib.Fault(errors.NOT_FOUND, "Bundle not found") - if not bundle.bundle_stream.can_download(user): + if not bundle.bundle_stream.can_access(user): raise xmlrpclib.Fault(errors.FORBIDDEN, "Downloading from specified stream is not permitted") else: @@ -311,7 +311,7 @@ class DashboardAPI(object): except BundleStream.DoesNotExist: raise xmlrpclib.Fault(errors.NOT_FOUND, "Bundle stream not found") - if not bundle_stream.can_download(user): + if not bundle_stream.can_access(user): raise xmlrpclib.Fault(errors.FORBIDDEN, "Downloading from specified stream is not permitted") return [{ |