def _CheckUserHasAccessMaybeSetStatus(self, tourney, ns_pair, ew_pair):
''' Tests if the current user has access to a hand with given players.
Uses the pair id code, if any, set in the request header to see if the user
is in one of the teams playing the hand. Directors always have access.
Args:
tourney. Tournament. Current tournament.
ns_pair: Integer. Pair number of team playing North/South.
ew_pair: Integer. Pair number of team playing East/West.
Returns:
A (Boolean, Integer) pair. First member is True iff the user has access
to the hand between ns_pair and ew_pair. Second member is the pair number
of the user. Only set if first member is True.
'''
user = users.get_current_user()
error = "Forbidden User"
if user and tourney.owner_id == user.user_id():
return (True, 0)
pair_id = GetPairIdFromRequest(self.request)
if not pair_id:
SetErrorStatus(self.response, 403, error,
"User does not own tournament and is not authenticated " +
"with a pair code to overwrite this hand.")
return (False, None)
player_pairs = PlayerPair.query(
ndb.OR(PlayerPair.pair_no == int(ns_pair),
PlayerPair.pair_no == int(ew_pair)),
ancestor=tourney.key).fetch()
if (not player_pairs) or (pair_id not in [p.id for p in player_pairs]):
SetErrorStatus(self.response, 403, error,
"User does not own tournament and is authenticated with " +
"the wrong code for involved pairs")
return (False, None)
return (True, next(p.pair_no for p in player_pairs if p.id == pair_id))
评论列表
文章目录