fix: add missing check_space_access function to encryptid_auth
Also imported by portal/views_shared_space.py but never defined, causing a second ImportError after the SpacePermission fix. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
parent
2b20b23d0b
commit
f26850ded2
|
|
@ -264,3 +264,46 @@ class EncryptIDMiddleware:
|
||||||
request.encryptid_user = get_or_create_user(claims)
|
request.encryptid_user = get_or_create_user(claims)
|
||||||
|
|
||||||
return self.get_response(request)
|
return self.get_response(request)
|
||||||
|
|
||||||
|
|
||||||
|
# ---------------------------------------------------------------------------
|
||||||
|
# Space access helper (used by non-DRF views)
|
||||||
|
# ---------------------------------------------------------------------------
|
||||||
|
|
||||||
|
def check_space_access(request, space_config):
|
||||||
|
"""
|
||||||
|
Check if a request has write access to a shared space.
|
||||||
|
|
||||||
|
Args:
|
||||||
|
request: Django HttpRequest
|
||||||
|
space_config: dict with 'visibility' and 'owner_did'
|
||||||
|
|
||||||
|
Returns:
|
||||||
|
dict with 'allowed' (bool) and 'reason' (str)
|
||||||
|
"""
|
||||||
|
visibility = space_config.get('visibility', 'public')
|
||||||
|
|
||||||
|
if visibility == 'public':
|
||||||
|
return {'allowed': True, 'reason': ''}
|
||||||
|
|
||||||
|
if visibility == 'public_read':
|
||||||
|
if request.user and request.user.is_authenticated:
|
||||||
|
return {'allowed': True, 'reason': ''}
|
||||||
|
return {'allowed': False, 'reason': 'Authentication required to upload'}
|
||||||
|
|
||||||
|
if visibility == 'authenticated':
|
||||||
|
if request.user and request.user.is_authenticated:
|
||||||
|
return {'allowed': True, 'reason': ''}
|
||||||
|
return {'allowed': False, 'reason': 'Authentication required'}
|
||||||
|
|
||||||
|
if visibility == 'members_only':
|
||||||
|
if not (request.user and request.user.is_authenticated):
|
||||||
|
return {'allowed': False, 'reason': 'Authentication required'}
|
||||||
|
owner_did = space_config.get('owner_did', '')
|
||||||
|
if not owner_did:
|
||||||
|
return {'allowed': False, 'reason': 'Space has no owner configured'}
|
||||||
|
if getattr(request.user, 'email', '') == owner_did:
|
||||||
|
return {'allowed': True, 'reason': ''}
|
||||||
|
return {'allowed': False, 'reason': 'Only the space owner can upload'}
|
||||||
|
|
||||||
|
return {'allowed': False, 'reason': 'Unknown visibility setting'}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue