BGH: Configurable app user hook on avatars. Various access improvemen…

…ts and additions
brendonh · Dec 29, 2011 · fac87e2 · fac87e2
1 parent d3dec1f
commit fac87e2
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 9 deletions.
diff --git a/warp/common/access.py b/warp/common/access.py
@@ -10,7 +10,7 @@ def allowed(avatar, obj, **kwargs):
         roles = avatar.roles
 
     for role in roles:
-        opinion = role.allows(obj, **kwargs)
+        opinion = role.allows(obj, avatar=avatar, **kwargs)
         if opinion is not None:
             return opinion
 
@@ -29,6 +29,8 @@ def __init__(self, ruleMap, default=[], name=''):
     def allows(self, obj, **kwargs):
         if obj in self.ruleMap:
             rules = self.ruleMap[obj]
+        elif obj.__class__ in self.ruleMap:
+            rules = self.ruleMap[obj.__class__]
         else:
             rules = self.default
 
@@ -40,21 +42,61 @@ def allows(self, obj, **kwargs):
 
 # ---------------------------
 
-class Combine(object):
-    combiner = None
 
+class All(object):
     def __init__(self, *checkers):
         self.checkers = checkers
 
     def allows(self, other, **kwargs):
-        return self.combiner(c.allows(other, **kwargs) for c in self.checkers)
+        for checker in self.checkers:
+            if not checker.allows(other, **kwargs):
+                return False
+        return True
+
+
+class Any(object):
+    def __init__(self, *checkers):
+        self.checkers = checkers
+
+    def allows(self, other, **kwargs):
+        for checker in self.checkers:
+            if checker.allows(other, **kwargs):
+                return True
+        return False
+
+
+class Each(object):
+    def __init__(self, *checkers):
+        self.checkers = checkers
 
+    def allows(self, other, **kwargs):
+        for checker in self.checkers:
+            opinion = checker.allows(other, **kwargs)
+            if opinion is False:
+                return False
+
+        return True
+
+
+class Not(object):
+    def __init__(self, checker):
+        self.checker = checker
+
+    def allows(self, other, **kwargs):
+        return not self.checker.allows(other, **kwargs)
+
+
+class If(object):
+    def __init__(self, conditionChecker, bodyChecker):
+        self.conditionChecker = conditionChecker
+        self.bodyChecker = bodyChecker
+
+    def allows(self, other, **kwargs):
+        if not self.conditionChecker.allows(other, **kwargs):
+            return None
+        return self.bodyChecker.allows(other, **kwargs)
 
-class All(Combine):
-    combiner = all
 
-class Any(Combine):
-    combiner = any
 
 # ---------------------------
 

diff --git a/warp/common/avatar.py b/warp/common/avatar.py
@@ -13,8 +13,8 @@ class Avatar(Storm):
     email = Unicode()
     password = Unicode()
 
-    _roles = None
 
+    _roles = None
     def _getRoles(self):
         if self._roles is None:
             roleLookup = runtime.config['roles']
@@ -32,6 +32,19 @@ def _getRoles(self):
         return self._roles
     roles = property(_getRoles)
 
+
+    _user = None
+    def _getAppUser(self):
+        if self._user is None:
+            getUser = runtime.config.get('getAppUser')
+            if getUser is None:
+                raise NotImplementedError("No getAppUser callback configured")
+
+            self._user = getUser(self)
+        return self._user
+    user = property(_getAppUser)
+
+
     def __repr__(self):
         return "<Avatar '%s'>" % self.email.encode("utf-8")