Commit 3932f5c5 authored by Christopher R. Gabriel's avatar Christopher R. Gabriel Committed by Enrico Zini
Browse files

Groups rename

parent c8794711
......@@ -347,7 +347,14 @@ class SchoolController(controllers.Controller, identity.SecureResource, ScrapBoo
response.headerMap['Content-Disposition'] = 'filename=activity-report-%s-%s.zip' % (school.name.lower().replace(" ","_"), datetime.now().strftime("%Y%m%d%H%M"))
return report.makeZip()
@expose()
def edit_activity(self, id, **kw):
auth = octomonui.auth.Base()
try:
school = auth.access_activity(id)
except octomonui.auth.AuthException, e:
return str(e)
@expose()
@expose('json')
def add_activity(self, id, **kw):
......@@ -356,7 +363,6 @@ class SchoolController(controllers.Controller, identity.SecureResource, ScrapBoo
school = auth.access_school(id)
except octomonui.auth.AuthException, e:
return str(e)
# Validate the form
try:
#print ", ".join(["%s:%s"%(a,b) for a,b in kw.iteritems()])
......
......@@ -75,6 +75,23 @@ class Base:
return school
def access_activity(self, id):
"""
Check that the current user can access the activity with the given ID,
then return the Activity object for it.
"""
id = self.validate_id(id, "activity")
try:
activity = octomonui.model.Activity.get(id)
except SQLObjectNotFound:
self.fail("Activity not found")
if not self.is_admin() or activity.user != self.icu:
self.fail("User cannot access this activity")
return activity
def access_host(self, id):
"""
Check that the current user can access the host with the given ID,
......
......@@ -60,7 +60,7 @@ kid.encoding="utf-8"
tg.include_widgets = ['turbogears.mochikit']
# Set to True if the scheduler should be started
tg.scheduler = True
#tg.scheduler = True
# Set session or cookie
session_filter.on = True
......@@ -113,7 +113,7 @@ identity.soldapprovider.port = 389
identity.soldapprovider.basedn = "dc=fuss,dc=bz,dc=it"
identity.soldapprovider.autocreate = True
identity.provider='octomonui'
#identity.provider='octomonui'
# The names of the fields on the login form containing the visitor's user ID
# and password. In addition, the submit button is specified simply so its
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment