From c66a6e67c8afd6ad86bc4a1acefaf34c5e035810 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sybren=20A=2E=20St=C3=BCvel?= Date: Wed, 10 May 2017 12:09:48 +0200 Subject: [PATCH] Added p.a.project.utils.user_rights_in_project() This returns the allowed HTTP method for the current user in the given project. This is used for access control on Flamenco, for example. --- pillar/api/projects/utils.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/pillar/api/projects/utils.py b/pillar/api/projects/utils.py index 92e3c11a..7d18a5a9 100644 --- a/pillar/api/projects/utils.py +++ b/pillar/api/projects/utils.py @@ -58,6 +58,19 @@ def get_admin_group(project: dict) -> dict: return group +def user_rights_in_project(project_id: ObjectId) -> frozenset: + """Returns the set of HTTP methods allowed on the given project for the current user.""" + + from pillar.api.utils import authorization + + assert isinstance(project_id, ObjectId) + + proj_coll = current_app.db().projects + proj = proj_coll.find_one({'_id': project_id}) + + return frozenset(authorization.compute_allowed_methods('projects', proj)) + + def abort_with_error(status): """Aborts with the given status, or 500 if the status doesn't indicate an error.