uploads: Check if client has permissions to access an upload
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 3 May 2023 16:24:33 +0000 (16:24 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 3 May 2023 16:24:33 +0000 (16:24 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/web/base.py

index e67ca7dfaaa52e250f90b9bd85a3d8215aded9b5..9a193b63cfced6b062b46dbbc1f5b62c0ce7b8a9 100644 (file)
@@ -253,6 +253,17 @@ class BaseHandler(tornado.web.RequestHandler):
                if slug:
                        return self.backend.distros.get_by_slug(slug)
 
+       # Uploads
+
+       def _get_upload(self, uuid):
+               upload = self.backend.uploads.get_by_uuid(uuid)
+
+               # Check permissions
+               if upload and not upload.has_perm(self.current_user):
+                       raise tornado.web.HTTPError(403, "%s has no permissions for upload %s" % (self.current_user, upload))
+
+               return upload
+
        def get_argument_upload(self, *args, **kwargs):
                """
                        Returns an upload
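Review bot: The `raise` in `_get_upload` pre-formats the log message with `%`, but `tornado.web.HTTPError` applies `log_message % args` itself when the error is logged or stringified, so a user name or upload repr containing a literal `%` would make the error handling itself raise a TypeError/ValueError instead of producing the 403. Pass the values as format arguments in Tornado's own style, `raise tornado.web.HTTPError(403, "%s has no permissions for upload %s", self.current_user, upload)`. This message is server-side log text and is not returned to the client unless `serve_traceback` is enabled, so no sensitive detail leaks to the caller as written. Note also that `has_perm` receives `self.current_user` even for an unauthenticated request, so it should tolerate `None`; worth confirming in the uploads backend, since that is what makes the 403 rather than an exception the outcome there.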
@@ -260,7 +271,7 @@ class BaseHandler(tornado.web.RequestHandler):
                uuid = self.get_argument(*args, **kwargs)
 
                if uuid:
-                       return self.backend.uploads.get_by_uuid(uuid)
+                       return self._get_upload(uuid)
 
        def get_argument_uploads(self, *args, **kwargs):
                """
@@ -269,7 +280,7 @@ class BaseHandler(tornado.web.RequestHandler):
                uuids = self.get_arguments(*args, **kwargs)
 
                # Return all uploads
-               return [self.backend.uploads.get_by_uuid(uuid) for uuid in uuids]
+               return [self._get_upload(uuid) for uuid in uuids]
 
        def get_argument_user(self, *args, **kwargs):
                name = self.get_argument(*args, **kwargs)
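Review bot: In `get_argument_uploads` an unknown uuid still produces a falsy entry in the returned list (the helper's `if upload and …` guard passes a missing upload straight through), while an unauthorized uuid aborts the whole request with 403, so the list can mix real uploads and `None` and every caller iterating it must cope. If no caller relies on positional correspondence with `uuids`, dropping misses here is the simpler contract, `return [upload for upload in (self._get_upload(uuid) for uuid in uuids) if upload]`; otherwise the docstring (outside the hunk) should say that entries may be `None`. The 403 fires at the first offending uuid before the rest are checked, which is fine for an all-or-nothing request but means the logged message names only that one upload.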