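def realtime_auth(context, data_dict, privilege='resource_update'):
    '''Report whether the current user holds ``privilege``.

    The decision is delegated to ``p.toolkit.check_access`` and turned into
    a result dict.

    :param context: request context; ``context.get('user')`` is read only to
        build the denial message
    :param data_dict: passed through to ``check_access``; ``resource_id`` is
        read when building the denial message
    :param privilege: name of the privilege to check
    :returns: ``{'success': True}`` when access is granted, otherwise
        ``{'success': False, 'msg': ...}``
    '''
    user = context.get('user')
    try:
        authorized = p.toolkit.check_access(privilege, context, data_dict)
    except p.toolkit.NotAuthorized:
        # check_access reports a denial by raising NotAuthorized, not by
        # returning a falsy value. Without this handler the denial branch
        # below is never taken and the exception escapes instead of the
        # documented result dict being returned.
        authorized = False
    if authorized:
        return {'success': True}
    return {
        'success': False,
        'msg': p.toolkit._('User {0} not authorized to update resource {1}'
                           .format(str(user), data_dict['resource_id']))
    }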
def datastore_make_observable(context, data_dict):
    '''Turn a simple datastore into an observable datastore.

    The input is validated against the schema, the caller's right to perform
    ``datastore_make_observable`` is checked, and only then is the notifier
    trigger added for the resource.

    :param resource_id: id of the resource to which the datastore is bound
    :type resource_id: string
    '''
    schema = context.get(
        'schema', realtime_schema.datastore_make_observable_schema())
    validated, errors = _validate(data_dict, schema, context)
    if errors:
        raise p.toolkit.ValidationError(errors)

    # Authorization gate: keep this ahead of the database change below so an
    # unauthorized caller can never reach the trigger installation.
    p.toolkit.check_access('datastore_make_observable', context, validated)

    resource_id = validated['resource_id']
    db.add_datastore_notifier_trigger(resource_id)
def org_admin(context, data_dict):
    '''Check the ``group_update`` privilege for the current caller.

    :returns: whatever ``p.toolkit.check_access`` returns
    '''
    # NOTE(review): check_access raises NotAuthorized on denial rather than
    # returning False. If this is registered as an auth function, confirm
    # the caller expects that exception and not a {'success': ...} dict.
    granted = p.toolkit.check_access('group_update', context, data_dict)
    return granted
# Excerpt from the body of a larger function: its ``def`` line, the origin
# of ``session`` and everything after ``comments = []`` are not shown here.
dataset_id = data_dict['dataset_id']
issue_number = data_dict['issue_number']
issue = issuemodel.Issue.get_by_name_or_id_and_number(
    dataset_name_or_id=dataset_id,
    issue_number=issue_number,
    session=session)
if not issue:
    raise p.toolkit.ObjectNotFound(p.toolkit._('Issue does not exist'))
# Keep the loaded issue on the context (presumably for reuse further down
# the call chain; confirm against the callers).
context['issue'] = issue
issue_dict = issue.as_dict()
# Work out whether the caller may edit the parent dataset. Anonymous
# callers (no 'user' in the context) and callers for whom check_access
# raises NotAuthorized are both treated as non-editors.
user = context.get('user')
if user:
    try:
        can_edit = p.toolkit.check_access(
            'package_update',
            context,
            data_dict={'id': issue.dataset_id}
        )
    except p.toolkit.NotAuthorized:
        can_edit = False
else:
    can_edit = False
# Visibility gate: an issue whose visibility is anything other than
# 'visible' is reported as not found unless the caller can edit the dataset.
# NOTE(review): the message text differs from the "does not exist" case
# above, so a non-editor can still tell that the issue exists and was
# flagged. Confirm that this disclosure is intended.
if issue.visibility != 'visible' and not can_edit:
    raise p.toolkit.ObjectNotFound(
        p.toolkit._('Issue marked as spam/abuse'))
include_reports = data_dict.get('include_reports')
comments = []
def issue_auth(context, data_dict, privilege='package_update'):
    '''Return whether the current user is allowed to perform ``privilege``.

    The check is made against the dataset the issue belongs to: the
    ``dataset_id`` from ``data_dict`` is passed to ``check_access`` as ``id``.

    :param context: request context; ``context['user']`` is read for the
        denial message
    :param data_dict: must contain ``dataset_id``
    :param privilege: name of the privilege to check
    :returns: ``{'success': True}`` when access is granted, otherwise a dict
        with ``'success': False`` and a ``'msg'``
    '''
    # Work on a copy so the caller's data_dict is not modified.
    auth_data_dict = dict(data_dict)
    # we're checking package access so it is dataset/package id
    auth_data_dict['id'] = auth_data_dict['dataset_id']
    try:
        # A denial arrives as a NotAuthorized exception, handled below.
        p.toolkit.check_access(privilege, context, auth_data_dict)
        return {'success': True}
    except p.toolkit.NotAuthorized:
        # NOTE(review): context['user'] is indexed directly here; confirm
        # the key is always present, otherwise a denial for such a caller
        # surfaces as KeyError instead of this result dict.
        return {
            'success': False,
            'msg': p.toolkit._(
                'User {0} not authorized for action on issue {1}'.format(
                    str(context['user']),
                    auth_data_dict['id']
                )
                # The listing is cut off here; the closing brackets of the
                # call and of the dict are not shown.
# Excerpt from the body of a larger function: its ``def`` line, the creation
# of ``search`` and the rest of the final loop are not shown here.
db.init_db(context['model'])
org_id = data_dict.get('org_id')
ordered = data_dict.get('order')
order_publish_date = data_dict.get('order_publish_date')
page_type = data_dict.get('page_type')
# 'private' defaults to True when the caller does not supply it.
private = data_dict.get('private', True)
if ordered:
    search['order'] = True
if page_type:
    search['page_type'] = page_type
if order_publish_date:
    search['order_publish_date'] = True
if not org_id:
    # No organization given: query with group_id None.
    search['group_id'] = None
    try:
        # Callers holding ckanext_pages_update get the private=False filter
        # only when they asked for it; everyone else gets it forced in the
        # handler below (presumably limiting results to non-private pages).
        p.toolkit.check_access('ckanext_pages_update', context, data_dict)
        if not private:
            search['private'] = False
    except p.toolkit.NotAuthorized:
        search['private'] = False
else:
    # Organization given: callers without 'read' permission on it get the
    # private=False filter forced.
    # NOTE(review): the result of Group.get(org_id) is dereferenced as
    # group.id with no None check visible in this excerpt; confirm how an
    # unknown org_id is handled.
    group = context['model'].Group.get(org_id)
    user = context['user']
    member = authz.has_user_permission_for_group_or_org(
        group.id, user, 'read')
    search['group_id'] = org_id
    if not member:
        search['private'] = False
out = db.Page.pages(**search)
out_list = []
for pg in out:
    parser = HTMLFirstImage()
def org_pages_show(context, data_dict):
    '''Show an organization page after an access check.

    A caller lacking ``ckanext_org_pages_show`` is handed to
    ``p.toolkit.abort`` with status 401. If access is granted, the result of
    ``_pages_show`` is returned.
    '''
    tk = p.toolkit
    try:
        tk.check_access('ckanext_org_pages_show', context, data_dict)
    except tk.NotAuthorized:
        denial_msg = tk._('Not authorized to see this page')
        tk.abort(401, denial_msg)
    return _pages_show(context, data_dict)
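def archiver_dataset_show(context, data_dict=None):
    '''Return details of the archival of a dataset, aggregated across its
    resources.

    :param id: the name or id of the dataset
    :type id: string
    :raises ObjectNotFound: if no dataset matches ``id``
    :rtype: dictionary
    '''
    id_ = _get_or_bust(data_dict, 'id')
    # Authorize before any lookup. The check used to run after the dataset
    # and its archivals had been loaded, so an unauthorized caller could
    # still learn from ObjectNotFound whether a given id exists.
    p.toolkit.check_access('archiver_dataset_show', context, data_dict)
    dataset = model.Package.get(id_)
    if not dataset:
        raise ObjectNotFound
    archivals = Archival.get_for_package(dataset.id)
    return aggregate_archivals_for_a_dataset(archivals)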
def before_request():
    u'''Build the context and require ``site_read`` for the request.

    A caller for whom the check raises ``NotAuthorized`` is handed to
    ``toolkit.abort`` with status 401.
    '''
    try:
        ctx = _context()
        toolkit.check_access(u'site_read', ctx)
    except toolkit.NotAuthorized:
        denial_msg = toolkit._(u'Not authorized to see this page')
        toolkit.abort(401, denial_msg)