pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a5009ec1309cbcfa97799f988301f28e38b2e043
atst/atst/domain/authz.py
richard-dds 3765a73dc1 Consolidate WorkspaceUser into WorkspaceRole
2018-11-05 14:20:07 -05:00

36 lines
1.2 KiB
Python
Raw Blame History

from atst.domain.workspace_roles import WorkspaceRoles
from atst.models.permissions import Permissions
from atst.domain.exceptions import UnauthorizedError
class Authorization(object):
@classmethod
def has_workspace_permission(cls, user, workspace, permission):
return permission in WorkspaceRoles.workspace_role_permissions(workspace, user)
@classmethod
def has_atat_permission(cls, user, permission):
return permission in user.atat_role.permissions
@classmethod
def is_in_workspace(cls, user, workspace):
return user in workspace.users
@classmethod
def check_workspace_permission(cls, user, workspace, permission, message):
if not Authorization.has_workspace_permission(user, workspace, permission):
raise UnauthorizedError(user, message)
@classmethod
def check_atat_permission(cls, user, permission, message):
if not Authorization.has_atat_permission(user, permission):
raise UnauthorizedError(user, message)
@classmethod
def can_view_audit_log(cls, user):
return Authorization.has_atat_permission(user, Permissions.VIEW_AUDIT_LOG)
@classmethod
def is_ccpo(cls, user):
return user.atat_role.name == "ccpo"
Reference in New Issue View Git Blame Copy Permalink