X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;ds=sidebyside;f=bluechips%2Flib%2Fpermissions.py;h=2249726b8a554e264e79632e4b03654f130625ef;hb=91c2916731b30a0c43a2259dad2228c51421a06c;hp=75429eae20d9024dd973a3a5598fa7d1caab40f7;hpb=7e5a8123b75d71f5540bb0e538bb757b188019ec;p=bluechips.git

diff --git a/bluechips/lib/permissions.py b/bluechips/lib/permissions.py
index 75429ea..2249726 100644
--- a/bluechips/lib/permissions.py
+++ b/bluechips/lib/permissions.py
@@ -20,6 +20,16 @@ class BlueChipUser(RequestPermission):
             raise NotAuthorizedError('You are not allowed access.') # pragma: nocover
         return app(environ, start_response)
 
+class BlueChipResident(RequestPermission):
+    def check(self, app, environ, start_response):
+        if 'user' not in environ:
+            raise NotAuthenticatedError('Not Authenticated')
+
+        if not getattr(environ['user'], 'resident', False):
+            raise NotAuthorizedError('You are not allowed access.')
+
+        return app(environ, start_response)
+
 class DummyAuthenticate(AddDictToEnviron):
     """
     Set the authkit.authenticate environment variable so