1 files changed, 47 insertions, 0 deletions

diff --git a/sugar_network/node/auth.py b/sugar_network/node/auth.py
new file mode 100644
index 0000000..fdb7975
--- /dev/null
+++ b/sugar_network/node/auth.py
@@ -0,0 +1,47 @@
+# Copyright (C) 2012 Aleksey Lim
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+from ConfigParser import ConfigParser
+from os.path import join, exists
+
+import active_document as ad
+from sugar_network import node
+from active_toolkit import enforce
+
+
+_config = None
+
+
+def validate(request, role):
+    enforce(_validate(request.principal, role), ad.Forbidden,
+            'No enough permissions to proceed the operation')
+
+
+def try_validate(request, role):
+    return _validate(request.principal, role) or False
+
+
+def _validate(user, role):
+    global _config
+
+    if _config is None:
+        _config = ConfigParser()
+        config_path = join(node.data_root.value, 'authorization.conf')
+        if exists(config_path):
+            _config.read(config_path)
+
+    if _config.has_option(user, role):
+        return _config.get(user, role).strip().lower() in \
+                ('true', 'on', '1', 'allow')