2015-10-14 01:57:43 +00:00
|
|
|
|
import functools
|
2015-08-04 05:22:37 +00:00
|
|
|
|
|
2016-11-19 04:32:23 +00:00
|
|
|
|
from utils.api import JSONResponse
|
2017-01-23 08:48:04 +00:00
|
|
|
|
|
2017-02-10 03:41:01 +00:00
|
|
|
|
from .models import ProblemPermission
|
2015-08-04 05:22:37 +00:00
|
|
|
|
|
2017-07-20 07:52:11 +00:00
|
|
|
|
from contest.models import Contest, ContestType, ContestStatus
|
2017-07-17 13:28:06 +00:00
|
|
|
|
|
2015-08-04 05:22:37 +00:00
|
|
|
|
|
2015-10-14 01:57:43 +00:00
|
|
|
|
class BasePermissionDecorator(object):
|
|
|
|
|
def __init__(self, func):
|
|
|
|
|
self.func = func
|
2015-08-04 05:22:37 +00:00
|
|
|
|
|
2015-10-14 01:57:43 +00:00
|
|
|
|
def __get__(self, obj, obj_type):
|
|
|
|
|
return functools.partial(self.__call__, obj)
|
|
|
|
|
|
2016-10-29 18:17:35 +00:00
|
|
|
|
def error(self, data):
|
2016-11-19 04:32:23 +00:00
|
|
|
|
return JSONResponse.response({"error": "permission-denied", "data": data})
|
2016-10-29 18:17:35 +00:00
|
|
|
|
|
2015-10-14 01:57:43 +00:00
|
|
|
|
def __call__(self, *args, **kwargs):
|
2016-10-29 18:17:35 +00:00
|
|
|
|
self.request = args[1]
|
2015-10-14 01:57:43 +00:00
|
|
|
|
|
|
|
|
|
if self.check_permission():
|
2016-06-23 04:19:16 +00:00
|
|
|
|
if self.request.user.is_disabled:
|
2017-04-18 18:03:48 +00:00
|
|
|
|
return self.error("Your account is disabled")
|
2015-10-14 01:57:43 +00:00
|
|
|
|
return self.func(*args, **kwargs)
|
2015-08-06 04:25:16 +00:00
|
|
|
|
else:
|
2017-04-18 18:03:48 +00:00
|
|
|
|
return self.error("Please login in first")
|
2015-09-22 08:18:32 +00:00
|
|
|
|
|
2015-10-14 01:57:43 +00:00
|
|
|
|
def check_permission(self):
|
|
|
|
|
raise NotImplementedError()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class login_required(BasePermissionDecorator):
|
|
|
|
|
def check_permission(self):
|
|
|
|
|
return self.request.user.is_authenticated()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class super_admin_required(BasePermissionDecorator):
|
|
|
|
|
def check_permission(self):
|
2017-02-10 03:41:01 +00:00
|
|
|
|
user = self.request.user
|
|
|
|
|
return user.is_authenticated() and user.is_super_admin()
|
2015-09-22 08:18:32 +00:00
|
|
|
|
|
|
|
|
|
|
2017-02-10 03:41:01 +00:00
|
|
|
|
class admin_role_required(BasePermissionDecorator):
|
2015-10-14 01:57:43 +00:00
|
|
|
|
def check_permission(self):
|
2017-02-10 03:41:01 +00:00
|
|
|
|
user = self.request.user
|
|
|
|
|
return user.is_authenticated() and user.is_admin_role()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class problem_permission_required(admin_role_required):
|
|
|
|
|
def check_permission(self):
|
|
|
|
|
if not super(problem_permission_required, self).check_permission():
|
|
|
|
|
return False
|
|
|
|
|
if self.request.user.problem_permission == ProblemPermission.NONE:
|
|
|
|
|
return False
|
|
|
|
|
return True
|
2017-07-17 13:28:06 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def check_contest_permission(func):
|
|
|
|
|
"""
|
|
|
|
|
只供Class based view 使用,检查用户是否有权进入该contest,
|
|
|
|
|
若通过验证,在view中可通过self.contest获得该contest
|
|
|
|
|
"""
|
|
|
|
|
@functools.wraps(func)
|
|
|
|
|
def _check_permission(*args, **kwargs):
|
|
|
|
|
self = args[0]
|
|
|
|
|
request = args[1]
|
|
|
|
|
user = request.user
|
2017-07-18 03:25:08 +00:00
|
|
|
|
if kwargs.get("contest_id"):
|
|
|
|
|
contest_id = kwargs.pop("contest_id")
|
2017-07-17 13:28:06 +00:00
|
|
|
|
else:
|
2017-07-18 03:25:08 +00:00
|
|
|
|
contest_id = request.GET.get("contest_id")
|
2017-07-17 13:28:06 +00:00
|
|
|
|
if not contest_id:
|
|
|
|
|
return self.error("Parameter contest_id not exist.")
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
# use self.contest to avoid query contest again in view.
|
|
|
|
|
self.contest = Contest.objects.get(id=contest_id, visible=True)
|
|
|
|
|
except Contest.DoesNotExist:
|
|
|
|
|
return self.error("Contest %s doesn't exist" % contest_id)
|
|
|
|
|
|
2017-07-20 07:52:11 +00:00
|
|
|
|
if self.contest.status == ContestStatus.CONTEST_NOT_START and user != self.contest.created_by:
|
|
|
|
|
return self.error("Contest has not started yet.")
|
|
|
|
|
|
2017-07-17 13:28:06 +00:00
|
|
|
|
if self.contest.contest_type == ContestType.PASSWORD_PROTECTED_CONTEST:
|
|
|
|
|
# Anonymous
|
|
|
|
|
if not user.is_authenticated():
|
|
|
|
|
return self.error("Please login in first.")
|
|
|
|
|
# creator
|
2017-07-20 07:52:11 +00:00
|
|
|
|
if user == self.contest.created_by:
|
2017-07-17 13:28:06 +00:00
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
|
# password error
|
|
|
|
|
if ("contests" not in request.session) or (self.contest.id not in request.session["contests"]):
|
|
|
|
|
return self.error("Password is required.")
|
|
|
|
|
|
|
|
|
|
return func(*args, **kwargs)
|
|
|
|
|
|
|
|
|
|
return _check_permission
|