src/cm/security.py
changeset 540 dce127afac9d
parent 523 cc1cd48289e0
539:8f332dd06c1e 540:dce127afac9d
   389         _check_local_perm.__doc__ = view_func.__doc__
   389         _check_local_perm.__doc__ = view_func.__doc__
   390         _check_local_perm.__dict__ = view_func.__dict__
   390         _check_local_perm.__dict__ = view_func.__dict__
   391 
   391 
   392         return _check_local_perm
   392         return _check_local_perm
   393     return _dec        
   393     return _dec        
   394     
   394 
   395 
   395 def has_global_perm_or_perm_on_text(global_perm_name, perm_name, must_be_logged_in=False, redirect_field_name=REDIRECT_FIELD_NAME, api=False):
   396 
   396   def _dec(view_func):
       
   397     def _check_global_or_local_perm(request, *args, **kwargs):
       
   398       if must_be_logged_in and not is_authenticated(request):
       
   399         if not api:
       
   400           raise UnauthorizedException('Should be logged in')
       
   401         else:
       
   402           return rc.FORBIDDEN
       
   403 
       
   404       if has_perm(request, global_perm_name, text=None): 
       
   405         return view_func(request, *args, **kwargs)
       
   406             
       
   407       if cm_settings.NO_SECURITY:
       
   408         return view_func(request, *args, **kwargs)
       
   409 
       
   410       if 'key' in kwargs: 
       
   411         text = get_object_or_404(Text, key=kwargs['key'])                
       
   412       else:
       
   413         raise Exception('no security check possible')
       
   414                 
       
   415       # in api, the view has an object as first parameter, request is args[0]
       
   416       if not api:                
       
   417         req = request
       
   418       else:                    
       
   419         req = args[0]     
       
   420 
       
   421       if has_perm(req, perm_name, text=text): 
       
   422         return view_func(request, *args, **kwargs)
       
   423             
       
   424       if not api:
       
   425         raise UnauthorizedException('No perm %s' % perm_name)
       
   426       else:
       
   427         return rc.FORBIDDEN
       
   428 
       
   429       raise UnauthorizedException('No global perm %s nor local perm %s' %(global_perm_name, perm_name))
       
   430 
       
   431     _check_global_or_local_perm.__doc__ = view_func.__doc__
       
   432     _check_global_or_local_perm.__dict__ = view_func.__dict__
       
   433 
       
   434     return _check_global_or_local_perm
       
   435   return _dec
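Review bot: In API mode the login check at line 398 and the global permission check at line 404 are passed `request`, although the comment at line 415 says that for API views the first parameter is an object and the real request is `args[0]`; only the local check at line 421 uses the corrected `req`. `is_authenticated` and `has_perm` are not visible here, but if they read the user from the request, the login and global-permission decisions for API callers may be made on the wrong object. I would select the request once at the top of `_check_global_or_local_perm`, `req = args[0] if api else request`, and pass `req` to `is_authenticated(...)` and to both `has_perm(...)` calls. Separately, the `raise` at line 429 is unreachable because both branches of the `if not api` just above already exit, so its combined global/local message is never produced.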