def revoke_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.membership_type == GroupMembershipType.ldap:
raise GroupOwnerModificationForbidden('An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden('You are not an owner of group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
if len(group.owners())==1 and not identity.current.user.is_admin():
raise GroupOwnerModificationForbidden('Cannot remove the only owner')
else:
group.revoke_ownership(user=user, agent=identity.current.user, service=service)
# hack to return the user removing this owner
# so that if the user was logged in as a group
# owner, he/she can be redirected appropriately
return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.ldap:
raise GroupOwnerModificationForbidden('An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden('You are not an owner of the group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
else:
for assoc in group.user_group_assocs:
if assoc.user == user:
if not assoc.is_owner:
assoc.is_owner = True
group.record_activity(user=identity.current.user, service=service,
field=u'Owner', action='Added',
old=u'', new=user.user_name)
return ''
def revoke_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.membership_type == GroupMembershipType.ldap:
raise GroupOwnerModificationForbidden(
'An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden(
'You are not an owner of group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
if len(group.owners()) == 1 and not identity.current.user.is_admin():
raise GroupOwnerModificationForbidden(
'Cannot remove the only owner')
else:
group.revoke_ownership(user=user,
agent=identity.current.user,
service=service)
# hack to return the user removing this owner
# so that if the user was logged in as a group
# owner, he/she can be redirected appropriately
return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.ldap:
raise GroupOwnerModificationForbidden(
'An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden(
'You are not an owner of the group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
else:
for assoc in group.user_group_assocs:
if assoc.user == user:
if not assoc.is_owner:
assoc.is_owner = True
group.record_activity(user=identity.current.user,
service=service,
field=u'Owner',
action='Added',
old=u'',
new=user.user_name)
return ''
def revoke_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.ldap:
raise GroupOwnerModificationForbidden('An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden('You are not an owner of group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
if len(group.owners())==1 and not identity.current.user.is_admin():
raise GroupOwnerModificationForbidden('Cannot remove the only owner')
else:
for assoc in group.user_group_assocs:
if assoc.user == user:
if assoc.is_owner:
assoc.is_owner = False
group.record_activity(user=identity.current.user, service=service,
field=u'Owner', action='Removed',
old=user.user_name, new=u'')
# hack to return the user removing this owner
# so that if the user was logged in as a group
# owner, he/she can be redirected appropriately
return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.membership_type == GroupMembershipType.ldap:
raise GroupOwnerModificationForbidden(
'An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden(
'You are not an owner of the group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
else:
group.grant_ownership(user=user,
agent=identity.current.user,
service=service)
return ''
def _check_user_email(email_address, user_id):
try:
user_by_email = User.by_email_address(email_address)
except NoResultFound: # Email not being used
pass
else:
#raise ValueError
user_by_id = User.by_id(user_id)
if user_by_id != user_by_email: # An existing email that is not theirs
raise ValueError
def remove_submission_delegate(self, delegate_id, service=u'WEBUI'):
user = identity.current.user
try:
submission_delegate = User.by_id(delegate_id)
except NoResultFound:
flash(_(u'%s is not a valid user id' % delegate_id))
redirect('.')
user.remove_submission_delegate(submission_delegate, service=service)
flash(_(u'%s removed as a submission delegate' % submission_delegate))
redirect('.')
def remove_submission_delegate(self, delegate_id, service=u'WEBUI'):
user = identity.current.user
try:
submission_delegate = User.by_id(delegate_id)
except NoResultFound:
flash(_(u'%s is not a valid user id' % delegate_id))
redirect('.')
user.remove_submission_delegate(submission_delegate, service=service)
flash(_(u'%s removed as a submission delegate' % submission_delegate))
redirect('.')
def unremove(self, id, **kw):
try:
user = User.by_id(id)
except InvalidRequestError:
flash(_(u'Invalid user id %s' % id))
raise redirect('.')
flash(_(u'%s Re-Added') % user.display_name)
try:
self._unremove(user=user)
except BX, e:
flash(_(u'Failed to Re-Add User %s, due to %s' % e))
def remove(self, id, **kw):
try:
user = User.by_id(id)
except InvalidRequestError:
flash(_(u'Invalid user id %s' % id))
raise redirect('.')
try:
self._remove(user=user, method='WEBUI')
except BX, e:
flash( _(u'Failed to remove User %s, due to %s' % (user.user_name, e)))
raise redirect('.')
def unremove(self, id, **kw):
try:
user = User.by_id(id)
except InvalidRequestError:
flash(_(u'Invalid user id %s' % id))
raise redirect('.')
flash( _(u'%s Re-Added') % user.display_name )
try:
self._unremove(user=user)
except BX, e:
flash( _(u'Failed to Re-Add User %s, due to %s' % e))
def remove(self, id, **kw):
try:
user = User.by_id(id)
except InvalidRequestError:
flash(_(u'Invalid user id %s' % id))
raise redirect('.')
try:
self._remove(user=user, method='WEBUI')
except BX, e:
flash( _(u'Failed to remove User %s, due to %s' % (user.user_name, e)))
raise redirect('.')
def validate_python(self, form_fields, state):
user_id = form_fields['user_id']
user_name = form_fields['user_name']
existing_user = User.by_user_name(user_name)
try:
if not user_id: # New user
if existing_user: # with a duplicate name
raise ValueError
else:
if existing_user:
current_user = User.by_id(user_id)
if current_user != existing_user:
raise ValueError
except ValueError:
error = {'user_name' : self.message('not_unique', state)}
raise Invalid('Login name is not unique', form_fields,
state, error_dict=error)
def save(self, **kw):
if kw.get('user_id'):
user = User.by_id(kw['user_id'])
else:
user = User()
session.add(user)
user.display_name = kw['display_name']
user.user_name = kw['user_name']
user.email_address = kw['email_address']
if kw.get('disabled') != user.disabled:
user.disabled = kw.get('disabled')
if user.disabled:
self._disable(user, method="WEBUI")
if kw['password'] != user.password:
user.password = kw['password']
flash(_(u"%s saved" % user.display_name))
redirect(".")
def save(self, **kw):
if kw.get('user_id'):
user = User.by_id(kw['user_id'])
else:
user = User()
session.add(user)
user.display_name = kw['display_name']
user.user_name = kw['user_name']
user.email_address = kw['email_address']
if kw.get('disabled') != user.disabled:
user.disabled = kw.get('disabled')
if user.disabled:
self._disable(user, method="WEBUI")
if kw['password'] != user.password:
user.password = kw['password']
flash( _(u"%s saved" % user.display_name) )
redirect(".")
def edit(self, id=None, **kw):
if id:
user = User.by_id(id)
title = _(u'User %s') % user.user_name
value = user
else:
user = None
title = _(u'New user')
value = kw
return_vals = dict(form=self.user_form,
action='./save',
title=title,
options={},
value=value)
if id:
return_vals['groupsgrid'] = self.show_groups()
else:
return_vals['groupsgrid'] = None
return return_vals
def edit(self, id=None, **kw):
if id:
user = User.by_id(id)
title = _(u'User %s') % user.user_name
value = user
else:
user = None
title = _(u'New user')
value = kw
return_vals = dict(form=self.user_form,
action='./save',
title=title,
options={},
value=value)
if id:
return_vals['groupsgrid'] = self.show_groups()
else:
return_vals['groupsgrid'] = None
return return_vals
def validate_python(self, form_fields, state):
user_id = form_fields['user_id']
user_name = form_fields['user_name']
existing_user = User.by_user_name(user_name)
try:
if not user_id: # New user
if existing_user: # with a duplicate name
raise ValueError
else:
if existing_user:
current_user = User.by_id(user_id)
if current_user != existing_user:
raise ValueError
except ValueError:
error = {'user_name': self.message('not_unique', state)}
raise Invalid('Login name is not unique',
form_fields,
state,
error_dict=error)
def revoke_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.ldap:
raise GroupOwnerModificationForbidden(
'An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden(
'You are not an owner of group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
if len(group.owners()) == 1 and not identity.current.user.is_admin():
raise GroupOwnerModificationForbidden(
'Cannot remove the only owner')
else:
for assoc in group.user_group_assocs:
if assoc.user == user:
if assoc.is_owner:
assoc.is_owner = False
group.record_activity(user=identity.current.user,
service=service,
field=u'Owner',
action='Removed',
old=user.user_name,
new=u'')
# hack to return the user removing this owner
# so that if the user was logged in as a group
# owner, he/she can be redirected appropriately
return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw):
if group_id is not None and id is not None:
group = Group.by_id(group_id)
user = User.by_id(id)
service = 'WEBUI'
else:
group = Group.by_name(kw['group_name'])
user = User.by_user_name(kw['member_name'])
service = 'XMLRPC'
if group.membership_type == GroupMembershipType.ldap:
raise GroupOwnerModificationForbidden('An LDAP group does not have an owner')
if not group.can_edit(identity.current.user):
raise GroupOwnerModificationForbidden('You are not an owner of the group %s' % group)
if user not in group.users:
raise GroupOwnerModificationForbidden('User is not a group member')
else:
group.grant_ownership(user=user, agent=identity.current.user, service=service)
return ''
def old_get_group():
if 'id' in request.args:
user = User.by_id(request.args['id'])
if user is not None:
return flask_redirect(absolute_url(user.href))
raise NotFound404()
def old_get_group():
if 'id' in request.args:
user = User.by_id(request.args['id'])
if user is not None:
return flask_redirect(absolute_url(user.href))
raise NotFound404()
