OnlineJudge/account/decorators.py

import functools

from utils.api import JSONResponse

from .models import ProblemPermission

from contest.models import Contest, ContestType, ContestStatus


class BasePermissionDecorator(object):
    def __init__(self, func):
        self.func = func

    def __get__(self, obj, obj_type):
        return functools.partial(self.__call__, obj)

    def error(self, data):
        return JSONResponse.response({"error": "permission-denied", "data": data})

    def __call__(self, *args, **kwargs):
        self.request = args[1]

        if self.check_permission():
            if self.request.user.is_disabled:
                return self.error("Your account is disabled")
            return self.func(*args, **kwargs)
        else:
            return self.error("Please login in first")

    def check_permission(self):
        raise NotImplementedError()


class login_required(BasePermissionDecorator):
    def check_permission(self):
        return self.request.user.is_authenticated()


class super_admin_required(BasePermissionDecorator):
    def check_permission(self):
        user = self.request.user
        return user.is_authenticated() and user.is_super_admin()


class admin_role_required(BasePermissionDecorator):
    def check_permission(self):
        user = self.request.user
        return user.is_authenticated() and user.is_admin_role()


class problem_permission_required(admin_role_required):
    def check_permission(self):
        if not super(problem_permission_required, self).check_permission():
            return False
        if self.request.user.problem_permission == ProblemPermission.NONE:
            return False
        return True


def check_contest_permission(func):
    """
    只供Class based view 使用，检查用户是否有权进入该contest，
    若通过验证，在view中可通过self.contest获得该contest
    """
    @functools.wraps(func)
    def _check_permission(*args, **kwargs):
        self = args[0]
        request = args[1]
        user = request.user
        if kwargs.get("contest_id"):
            contest_id = kwargs.pop("contest_id")
        else:
            contest_id = request.GET.get("contest_id")
        if not contest_id:
            return self.error("Parameter contest_id not exist.")

        try:
            # use self.contest to avoid query contest again in view.
            self.contest = Contest.objects.get(id=contest_id, visible=True)
        except Contest.DoesNotExist:
            return self.error("Contest %s doesn't exist" % contest_id)

        if self.contest.status == ContestStatus.CONTEST_NOT_START and user != self.contest.created_by:
            return self.error("Contest has not started yet.")

        if self.contest.contest_type == ContestType.PASSWORD_PROTECTED_CONTEST:
            # Anonymous
            if not user.is_authenticated():
                return self.error("Please login in first.")
            # creator
            if user == self.contest.created_by:
                return func(*args, **kwargs)
            # password error
            if ("contests" not in request.session) or (self.contest.id not in request.session["contests"]):
                return self.error("Password is required.")

        return func(*args, **kwargs)

    return _check_permission
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								import functools
-												增加 login_required decorator 和对应的测试

											
										
										
											2015-08-04 05:22:37 +00:00
-												使用Python3和更科学的API写法

											
										
										
											2016-11-19 04:32:23 +00:00
+								from utils.api import JSONResponse
-												isort

											
										
										
											2017-01-23 08:48:04 +00:00
-												rename some method and add some decorator

											
										
										
											2017-02-10 03:41:01 +00:00
+								from .models import ProblemPermission
-												增加 login_required decorator 和对应的测试

											
										
										
											2015-08-04 05:22:37 +00:00
-												添加contest access api

											
										
										
											2017-07-20 07:52:11 +00:00
+								from contest.models import Contest, ContestType, ContestStatus
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
-												增加 login_required decorator 和对应的测试

											
										
										
											2015-08-04 05:22:37 +00:00
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								class BasePermissionDecorator(object):
 								    def __init__(self, func):
 								        self.func = func
-												增加 login_required decorator 和对应的测试

											
										
										
											2015-08-04 05:22:37 +00:00
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								    def __get__(self, obj, obj_type):
 								        return functools.partial(self.__call__, obj)
-												add some tests

											
										
										
											2016-10-29 18:17:35 +00:00
+								    def error(self, data):
-												使用Python3和更科学的API写法

											
										
										
											2016-11-19 04:32:23 +00:00
+								        return JSONResponse.response({"error": "permission-denied", "data": data})
-												add some tests

											
										
										
											2016-10-29 18:17:35 +00:00
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								    def __call__(self, *args, **kwargs):
-												add some tests

											
										
										
											2016-10-29 18:17:35 +00:00
+								        self.request = args[1]
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
 								        if self.check_permission():
-												修改账户系统以及部分用户权限写法

增加部分测试和注释，完善国际化

											
										
										
											2016-06-23 04:19:16 +00:00
+								            if self.request.user.is_disabled:
-												remove i18n

											
										
										
											2017-04-18 18:03:48 +00:00
+								                return self.error("Your account is disabled")
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								            return self.func(*args, **kwargs)
-												增加 @admin_required 修饰符代码和对应的测试

											
										
										
											2015-08-06 04:25:16 +00:00
+								        else:
-												remove i18n

											
										
										
											2017-04-18 18:03:48 +00:00
+								            return self.error("Please login in first")
-												增加判断管理员权限的 decorator

											
										
										
											2015-09-22 08:18:32 +00:00
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								    def check_permission(self):
 								        raise NotImplementedError()
 								class login_required(BasePermissionDecorator):
 								    def check_permission(self):
 								        return self.request.user.is_authenticated()
 								class super_admin_required(BasePermissionDecorator):
 								    def check_permission(self):
-												rename some method and add some decorator

											
										
										
											2017-02-10 03:41:01 +00:00
+								        user = self.request.user
 								        return user.is_authenticated() and user.is_super_admin()
-												增加判断管理员权限的 decorator

											
										
										
											2015-09-22 08:18:32 +00:00
-												rename some method and add some decorator

											
										
										
											2017-02-10 03:41:01 +00:00
+								class admin_role_required(BasePermissionDecorator):
-												修复 account 里面失败的测试；优化权限 decorator 的写法

											
										
										
											2015-10-14 01:57:43 +00:00
+								    def check_permission(self):
-												rename some method and add some decorator

											
										
										
											2017-02-10 03:41:01 +00:00
+								        user = self.request.user
 								        return user.is_authenticated() and user.is_admin_role()
 								class problem_permission_required(admin_role_required):
 								    def check_permission(self):
 								        if not super(problem_permission_required, self).check_permission():
 								            return False
 								        if self.request.user.problem_permission == ProblemPermission.NONE:
 								            return False
 								        return True
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
 								def check_contest_permission(func):
 								    """
 								    只供Class based view 使用，检查用户是否有权进入该contest，
 								    若通过验证，在view中可通过self.contest获得该contest
 								    """
 								    @functools.wraps(func)
 								    def _check_permission(*args, **kwargs):
 								        self = args[0]
 								        request = args[1]
 								        user = request.user
-												reformat code.

											
										
										
											2017-07-18 03:25:08 +00:00
+								        if kwargs.get("contest_id"):
 								            contest_id = kwargs.pop("contest_id")
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
+								        else:
-												reformat code.

											
										
										
											2017-07-18 03:25:08 +00:00
+								            contest_id = request.GET.get("contest_id")
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
+								        if not contest_id:
 								            return self.error("Parameter contest_id not exist.")
 								        try:
 								            # use self.contest to avoid query contest again in view.
 								            self.contest = Contest.objects.get(id=contest_id, visible=True)
 								        except Contest.DoesNotExist:
 								            return self.error("Contest %s doesn't exist" % contest_id)
-												添加contest access api

											
										
										
											2017-07-20 07:52:11 +00:00
+								        if self.contest.status == ContestStatus.CONTEST_NOT_START and user != self.contest.created_by:
 								            return self.error("Contest has not started yet.")
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
+								        if self.contest.contest_type == ContestType.PASSWORD_PROTECTED_CONTEST:
 								            # Anonymous
 								            if not user.is_authenticated():
 								                return self.error("Please login in first.")
 								            # creator
-												添加contest access api

											
										
										
											2017-07-20 07:52:11 +00:00
+								            if user == self.contest.created_by:
-												contest and contest_problems api.
add ordering for contest and submission models

											
										
										
											2017-07-17 13:28:06 +00:00
+								                return func(*args, **kwargs)
 								            # password error
 								            if ("contests" not in request.session) or (self.contest.id not in request.session["contests"]):
 								                return self.error("Password is required.")
 								        return func(*args, **kwargs)
 								    return _check_permission