self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2025-06-27 00:41:00 +02:00
Code Issues Releases Activity

Add some documentation to access decorators

Browse Source
This commit is contained in:
Pierre Jaury
2016-08-29 20:30:59 +02:00
parent 09bec055fd
commit e24da96e58
1 changed files with 25 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
admin/freeposte/admin/access.py
View File

@ -40,11 +40,21 @@ def permissions_wrapper(handler):
@permissions_wrapper @permissions_wrapper
def global_admin(args, kwargs): def global_admin(args, kwargs):
""" The view is only available to global administrators.
"""
return flask_login.current_user.global_admin return flask_login.current_user.global_admin
@permissions_wrapper @permissions_wrapper
def domain_admin(args, kwargs, model, key): def domain_admin(args, kwargs, model, key):
""" The view is only available to specific domain admins.
Global admins will still be able to access the resource.
A model and key must be provided. The model will be queries
based on the query parameter named after the key. The model may
either be Domain or an Email subclass (or any class with a
``domain`` attribute which stores a related Domain instance).
"""
obj = model.query.get(kwargs[key]) obj = model.query.get(kwargs[key])
if not obj: if not obj:
flask.abort(404) flask.abort(404)
@ -55,12 +65,20 @@ def domain_admin(args, kwargs, model, key):
@permissions_wrapper @permissions_wrapper
def owner(args, kwargs, model, key): def owner(args, kwargs, model, key):
# if no key is provided but the model is User, then return the current """ The view is only available to the resource owner or manager.
# user
A model and key must be provided. The model will be queries
based on the query parameter named after the key. The model may
either be User or any model with a ``user`` attribute storing
a user instance (like Fetch).
If the query parameter is empty and the model is User, then
the resource being accessed is supposed to be the current
logged in user and access is obviously authorized.
"""
if kwargs[key] is None and model == models.User: if kwargs[key] is None and model == models.User:
obj = model.query.get(flask_login.current_user.email) return True
else: obj = model.query.get(kwargs[key])
obj = model.query.get(kwargs[key])
if not obj: if not obj:
flask.abort(404) flask.abort(404)
else: else:
@ -73,6 +91,8 @@ def owner(args, kwargs, model, key):
@permissions_wrapper @permissions_wrapper
def authenticated(args, kwargs): def authenticated(args, kwargs):
""" The view is only available to logged in users.
"""
return True return True