Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
edx-platform/lms/djangoapps/course_api/permissions.py
Kyle McCormick 151bd13666 Use full names for common.djangoapps imports; warn when using old style (#25477) 
* Generate common/djangoapps import shims for LMS
* Generate common/djangoapps import shims for Studio
* Stop appending project root to sys.path
* Stop appending common/djangoapps to sys.path
* Import from common.djangoapps.course_action_state instead of course_action_state
* Import from common.djangoapps.course_modes instead of course_modes
* Import from common.djangoapps.database_fixups instead of database_fixups
* Import from common.djangoapps.edxmako instead of edxmako
* Import from common.djangoapps.entitlements instead of entitlements
* Import from common.djangoapps.pipline_mako instead of pipeline_mako
* Import from common.djangoapps.static_replace instead of static_replace
* Import from common.djangoapps.student instead of student
* Import from common.djangoapps.terrain instead of terrain
* Import from common.djangoapps.third_party_auth instead of third_party_auth
* Import from common.djangoapps.track instead of track
* Import from common.djangoapps.util instead of util
* Import from common.djangoapps.xblock_django instead of xblock_django
* Add empty common/djangoapps/__init__.py to fix pytest collection
* Fix pylint formatting violations
* Exclude import_shims/ directory tree from linting
2020-11-10 07:02:01 -05:00

37 lines
1.1 KiB
Python
Raw Permalink Blame History

"""
Course API Authorization functions
"""
from common.djangoapps.student.roles import GlobalStaff
def can_view_courses_for_username(requesting_user, target_username):
"""
Determine whether `requesting_user` has permission to view courses available
to the user identified by `target_username`.
Arguments:
requesting_user (User): The user requesting permission to view another
target_username (string):
The name of the user `requesting_user` would like
to access.
Return value:
Boolean:
`True` if `requesting_user` is authorized to view courses as
`target_username`. Otherwise, `False`
Raises:
TypeError if target_username is empty or None.
"""
# AnonymousUser has no username, so we test for requesting_user's own
# username before prohibiting an empty target_username.
if requesting_user.username == target_username:
return True
elif not target_username:
raise TypeError("target_username must be specified")
else:
staff = GlobalStaff()
return staff.has_user(requesting_user)
Reference in New Issue View Git Blame Copy Permalink