Beispiel #1
0
 def addPerms(dbres, ctx, name, session, request):
    try:
       log.info(dbres)
       if dbres and len(dbres)>0:
          session.dmpermissions[request.path]=dbres[0][0]
       if neededPermission(request.method) in session.dmpermissions[request.path]:
          log.info("PERMISSION DB OK, USER: "******" SESSION: "+str(session.uid)) #+" ARGS: "+str(request.args)+" REQ "+str(request))
          self.core.updateSession(session.uid, session, self)
          return rend.Page.locateChild(self, ctx, name)
    except:
       try:
          log.info("Error getting permission from DB USER: "******" SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
       except:
          log.info("Error getting permission from DB USER: GUEST  SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
    try:
       log.info("PERMISSION DB DENIED, USER: "******" SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
    except:
       log.info("PERMISSION DB DENIED, USER: GUEST SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
    return permissionDenied(), ()
Beispiel #2
0
 def locateChild(self, ctx, name):
    session = inevow.ISession(ctx)
    request = inevow.IRequest(ctx)
    try:
       uname = session.mind.perms.username
    except:
       uname = 'guest'
    if not 'sse' in dir(session):
       session.sse = False
    if not 'dmpermissions' in dir(session):
       session.dmpermissions={}
    if request.path in WEB_SYSTEM_PATHS:
       log.info("WEB_SYSTEM_PATH: USER: "******" SESSION: "+str(session.uid)) #+" ARGS: "+str(request.args)+" REQ "+str(request))
       return rend.Page.locateChild(self, ctx, name)
    if request.path in session.dmpermissions.keys():
       if neededPermission(request.method) in session.dmpermissions[request.path]:
          log.debug("PERMISSION OK, SESSION: "+str(session.uid)) #+" ARGS: "+str(request.args)+" REQ "+str(request))
          self.core.updateSession(session.uid, session, self)
          return rend.Page.locateChild(self, ctx, name)
    else:
       return self._addPermissions(ctx, name, session, request)
    log.debug("PERMISSION DENIED, SESSION: "+str(session.uid)+" ARGS: "+str(request.args)+" REQ "+str(request))
    #return rend.Page.locateChild(self, ctx, name)
    return permissionDenied(), ()