def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
dbs.extend([SSUser.db(userId) for userId in userIds])
# validate
writeable = theUser.writeable()
if set(writeable) != set(dbs):
return error("Operation not permitted. You don't have permission to publish to some of these gruops", PermissionError)
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def publish(self, id):
# NOTE: should maybe take publishData url parameter - David 9/5/2009
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id, loggedInUser)
if not theShift:
return error("Resource does not exist.", ResourceDoesNotExistError)
if theShift.type != "shift":
return error("Resource is not of type shift", ResourceTypeError)
publishData = json.loads(helper.getRequestBody())
# convert targets to actual database references
if publishData.get("targets"):
from server.models.group import Group
from server.models.ssuser import SSUser
theUser = SSUser.read(loggedInUser)
targets = publishData["targets"]
# convert short names to group ids
shortNames = [target[1:] for target in targets if target[0] == "&"]
groupIds = Group.shortNamesToIds(shortNames)
# convert user name to user ids
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
# create list of dbs being published to
dbs = [Group.db(groupId) for groupId in groupIds]
# validate groups
writeable = theUser.writeable()
if not set(dbs).issubset(set(writeable)):
return error(
"Operation not permitted. You don't have permission to publish to some of these groups",
PermissionError)
# TODO: validate against blocked users - David 2/15/10
dbs.extend([SSUser.db(userId) for userId in userIds])
publishData["dbs"] = dbs
return data(theShift.publish(publishData))
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.", PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
def share(self, id, users):
from server.models.ssuser import SSUser
loggedInUser = helper.getLoggedInUser()
theShift = Shift.read(id)
if not theShift or theShift.publishData.private:
return error("You don't have permission to view this shift.",
PermissionError)
targets = users.split(" ")
userNames = [target[1:] for target in targets if target[0] == "@"]
userIds = SSUser.namesToIds(userNames)
theShift.shareWith(userIds, fromUser=SSUser.read(loggedInUser))
return ack
