Gitlab CSE Unil

Commit a6e14ea5 authored by Julien Furrer's avatar Julien Furrer
Browse files

Bug fix: trying to register new user on locked AnObj crash

-> now raise a PermissionDenied

-> for a TTP shared, accept registration
parent 19db8234
...@@ -34,9 +34,10 @@ class PermissionClass(object): ...@@ -34,9 +34,10 @@ class PermissionClass(object):
raise NotImplementedError() raise NotImplementedError()
def _register_user(self, user, anobj): def _register_user(self, user, anobj):
if not anobj.locked: if anobj.locked:
return False
AnObjMembership.objects.create(anobj=anobj, user=user) AnObjMembership.objects.create(anobj=anobj, user=user)
# anobj.members.add(user) return True
def _revoke_user(self, user, anobj): def _revoke_user(self, user, anobj):
if not anobj.locked: if not anobj.locked:
...@@ -164,6 +165,10 @@ class ATTP(PermissionClass): ...@@ -164,6 +165,10 @@ class ATTP(PermissionClass):
def __init__(self, ttp_id=None): def __init__(self, ttp_id=None):
self.ttp_id = ttp_id self.ttp_id = ttp_id
def _register_user(self, user, anobj):
AnObjMembership.objects.create(anobj=anobj, user=user)
return True
def set_attp_status(self, request, anobj, status): def set_attp_status(self, request, anobj, status):
key = "attp_{ttp_id}{user_id}{uuid}".format( key = "attp_{ttp_id}{user_id}{uuid}".format(
ttp_id=self.ttp_id, user_id=request.user.id, ttp_id=self.ttp_id, user_id=request.user.id,
...@@ -209,7 +214,8 @@ class ATTP(PermissionClass): ...@@ -209,7 +214,8 @@ class ATTP(PermissionClass):
else: else:
if request.user not in anobj.members.all(): if request.user not in anobj.members.all():
self._register_user(request.user, anobj) if not self._register_user(request.user, anobj):
raise PermissionDenied()
# Check ownership # Check ownership
owners = anobj.owners.all() owners = anobj.owners.all()
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment