def changeOwnershipOfOwnable(self, currentuser, owner, fqon, newowner):
"this is used for things like itentypes and tagtypes, not for g/a/l. Also for tags?"
otype = gettype(fqon)
oq = otype.objects(basic__fqin=fqon)
try:
ownable = oq.get()
except:
doabort("BAD_REQ", "No such ownable %s %s" % (otype.__name__, fqon))
authorize_ownable_owner(False, self, currentuser, owner, ownable)
# try:
# newowner=self.getUserForFqin(currentuser, newownerfqin)
# except:
# #make sure target exists.
# doabort('BAD_REQ', "No such newowner %s" % newownerfqin)
newownerfqin = newowner.basic.fqin
permit(
self.isMemberOfMembable(currentuser, newowner, ownable),
" Possible new owner %s must be member of ownable %s %s" % (newownerfqin, ptype.__name__, fqpn),
)
try:
oldownerfqpn = ownable.owner
# memb=MembableEmbedded(mtype=User.classname, fqmn=newowner.basic.fqin, readwrite=True, pname = newowner.presentable_name())
memb = is_me_in_pble(newowner, ownable.members)
# oq.filter(members__fqmn=newowner.basic.fqin).update_one(safe_update=True, set__owner = newowner.basic.fqin, set__members_S=memb)
ownable.update(safe_update=True, set__owner=newowner.basic.fqin)
except:
doabort(
"BAD_REQ",
"Failed changing owner from %s to %s for ownable %s %s"
% (oldownerfqpn, newowner.basic.fqin, otype.__name__, fqon),
)
newowner.reload()
ownable.reload()
return newowner, ownable
def acceptInviteToApp(self, currentuser, fullyQualifiedAppName, me, authspec):
app=self.getApp(currentuser, fullyQualifiedAppName)
authorize(False, self, currentuser, me)
permit(self.isInvitedToApp(me, app), "User %s must be invited to app %s" % (me.nick, app.fqin))
try:
me.applicationsin.append(app)
except:
doabort('BAD_REQ', "Failed in user %s accepting invite to app %s" % (me.nick, app.fqin))
return me
def changeOwnershipOfGroup(self, currentuser, fullyQualifiedGroupName, usertobenewowner):
grp=self.getGroup(currentuser, fullyQualifiedGroupName)
#permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
authorize_context_owner(False, self, currentuser, None, grp)
permit(self.isMemberOfGroup(usertobenewowner, grp), " User %s must be member of grp %s" % (currentuser.nick, grp.fqin))
try:
oldownernick=grp.owner.nick
grp.owner = usertobenewowner
except:
doabort('BAD_REQ', "Failed changing owner from %s to %s for group %s" % (oldownernick, usertobenewowner.nick, grp.fqin))
return usertobenewowner
def acceptInviteToGroup(self, currentuser, fullyQualifiedGroupName, me, authspec):
grp=self.getGroup(currentuser, fullyQualifiedGroupName)
authorize(False, self, currentuser, me)
permit(self.isInvitedToGroup(me, grp), "User %s must be invited to group %s" % (me.nick, grp.fqin))
#permit(self.isInvitedToGroup(me, grp) or self.isSystemUser(currentuser), "User %s must be invited to group %s or currentuser must be systemuser" % (me.nick, grp.fqin))
try:
me.groupsin.append(grp)
except:
doabort('BAD_REQ', "Failed in user %s accepting invite to group %s" % (me.nick, grp.fqin))
return me
def changeOwnershipOfGroup(self, currentuser, fqgn, usertobenewownernick):
grpq=Group.objects(basic__fqin=fqgn)
userq= User.objects(nick=usertobenewownernick)
try:
usertobenewowner=userq.get()
except:
doabort('BAD_REQ', "No such user %s" % usertobenewownernick)
try:
grp=grpq.get()
except:
doabort('BAD_REQ', "No such group %s" % fqgn)
authorize_context_owner(False, self, currentuser, None, grp)
permit(self.isMemberOfGroup(usertobenewowner, grp), " User %s must be member of grp %s" % (currentuser.nick, fqgn))
try:
oldownernick=grp.owner
grp.update(safe_update=True, set__owner = usertobenewownernick)
except:
doabort('BAD_REQ', "Failed changing owner from %s to %s for group %s" % (oldownernick, usertobenewowner.nick, fqgn))
return usertobenewownernick
def acceptInviteToApp(self, currentuser, fqan, menick):
appq=Group.objects(basic__fqin=fqan)
userq= User.objects(nick=menick)
try:
me=userq.get()
except:
doabort('BAD_REQ', "No such user %s" % menick)
try:
app=appq.get()
except:
doabort('BAD_REQ', "No such app %s" % fqan)
authorize(False, self, currentuser, me)
permit(self.isInvitedToApp(me, app.basic.fqin), "User %s must be invited to app %s" % (menick, fqan))
try:
userq.update(safe_update=True, push__appsin=fqan, pull__appsinvitedto=fqan)
appq.update(safe_update=True, push__members=menick)
except:
doabort('BAD_REQ', "Failed in user %s accepting invite to app %s" % (menick, fqan))
return menick
def acceptInviteToGroup(self, currentuser, fqgn, menick):
grpq=Group.objects(basic__fqin=fqgn)
userq= User.objects(nick=menick)
try:
me=userq.get()
except:
doabort('BAD_REQ', "No such user %s" % menick)
try:
grp=grpq.get()
except:
doabort('BAD_REQ', "No such group %s" % fqgn)
authorize(False, self, currentuser, me)
print "JJJJJ", me.groupsinvitedto
permit(self.isInvitedToGroup(me, grp.basic.fqin), "User %s must be invited to group %s" % (menick, fqgn))
try:
userq.update(safe_update=True, push__groupsin=fqgn, pull__groupsinvitedto=fqgn)
grpq.update(safe_update=True, push__members=menick)
except:
doabort('BAD_REQ', "Failed in user %s accepting invite to group %s" % (menick, fqgn))
return menick
def acceptInviteToPostable(self, currentuser, fqpn, me):
"do i accept the invite?"
ptype = gettype(fqpn)
postableq = ptype.objects(basic__fqin=fqpn)
# userq= User.objects(basic__fqin=mefqin)
# try:
# me=userq.get()
# except:
# doabort('BAD_REQ', "No such user %s" % mefqin)
mefqin = me.basic.fqin
try:
postable = postableq.get()
except:
doabort("BAD_REQ", "No such postable %s %s" % (ptype.__name__, fqpn))
authorize(False, self, currentuser, me)
permit(
self.isInvitedToPostable(currentuser, me, postable),
"User %s must be invited to postable %s %s" % (mefqin, ptype.__name__, fqpn),
)
try:
inviteds = postable.inviteds
memb = None
for inv in inviteds:
if inv.fqmn == mefqin:
memb = inv
pe = None
for uinv in me.postablesinvitedto:
if uinv.fqpn == fqpn:
pe = uinv
if memb == None or pe == None:
doabort("BAD_REQ", "User %s was never invited to postable %s %s" % (mefqin, ptype.__name__, fqpn))
me.update(safe_update=True, push__postablesin=pe, pull__postablesinvitedto__fqpn=pe.fqpn)
postableq.update(safe_update=True, push__members=memb, pull__inviteds__fqmn=memb.fqmn)
except:
doabort("BAD_REQ", "Failed in user %s accepting invite to gpostable %s %s" % (mefqin, ptype.__name__, fqpn))
me.reload()
return me, postableq.get()
def changeOwnershipOfPostable(self, currentuser, owner, fqpn, newowner):
"give ownership over to another user for g/a/l"
ptype = gettype(fqpn)
postableq = ptype.objects(basic__fqin=fqpn)
try:
postable = postableq.get()
except:
doabort("BAD_REQ", "No such postable %s %s" % (ptype.__name__, fqpn))
# Before anything else, make sure I own the stuff so can transfer it.
# Bug this dosent work if useras is a group
# useras must be member of postable
authorize_postable_owner(False, self, currentuser, owner, postable)
# try:
# newowner=self.getUserForFqin(currentuser, newownerfqin)
# except:
# #make sure target exists.
# doabort('BAD_REQ', "No such newowner %s" % newownerfqin)
newownerfqin = newowner.basic.fqin
# Either as a user or a group, you must be member of group/app or app respectively to
# transfer membership there. But what does it mean for a group to own a group.
# it makes sense for library and app, but not for group. Though currently let us have it
# there. Then if a group owns a group, the person doing the changing must be owner.
# newowner must be member of the postable (group cant own itself)
permit(
self.isMemberOfPostable(currentuser, newowner, postable),
" Possible new owner %s must be member of postable %s %s" % (newownerfqin, ptype.__name__, fqpn),
)
# BUG new orners rwmode must be true!
# we have removed the possibility of group ownership of postables. CHECK. I've removed the push right now as i assume new owner
# must be a member of postable. How does this affect tag ownership if at all?
try:
# we dont need to be that protective here as we have checked for ownership
# and only owners can do this
oldownerfqpn = postable.owner
members = postable.members
# get new user me
# memb=MembableEmbedded(mtype=User.classname, fqmn=newowner.basic.fqin, readwrite=True, pname = newowner.presentable_name())
memb = is_me_in_pble(newowner, postable.members)
# get postable pe
# If owner the pe must already be there.
pe = is_pe_in_mble(postable, owner.postablesowned)
# pe=PostableEmbedded(ptype=ptype.classname,fqpn=postable.basic.fqin, owner=newowner.adsid, pname = postable.presentable_name(), readwrite=True, description=postable.basic.description)
# find new owner as member, locate in postable his membership, update it with readwrite if needed, and make him owner
# add embedded postable to his ownership and his membership
postable.update(safe_update=True, set__owner=newowner.basic.fqin)
newowner.update(safe_update=True, push__postablesowned=pe)
# for old owner we have removed ownership by changing owner, now remove ownership from him
owner.update(safe_update=True, pull__postablesowned__fqpn=fqpn)
# if newownertype != User:
#
# postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=memb)
# else:
# postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=newowner.basic.fqin, pull__members=oldownerfqpn)
except:
doabort(
"BAD_REQ",
"Failed changing owner from %s to %s for postable %s %s"
% (oldownerfqpn, newowner.basic.fqin, ptype.__name__, fqpn),
)
newowner.reload()
postable.reload()
owner.reload()
return newowner, postable
