Ejemplo n.º 1
0
Archivo: auth.py Proyecto: zeth/magpy
    def check_permissions(self,
                          success,
                          failure=None,
                          permissions=None):  # pylint: disable=W0221
        """Check that the user is allowed to use the resources
        defined in permissions.
        permissions - a dictionary with each entry having a
                        resource type as the key, and a list of permissions
                        as the values, e.g.
                        {'author': ['read', 'create', 'update', 'delete']}
        success - the callback to run on success.
        failure - the callback to run on failure.
        """
        if not permissions:
            permissions = {arg: dejsonify(self.request.arguments[arg][0])
                           for arg in self.request.arguments}
        if not failure:
            failure = self.permission_denied

        # 1. get user
        # 2. get relevant groups
        # 2. get models
        # 3. combine them together
        # 4. Test it against the input

        if not self.get_secure_cookie("user"):
            # We are not logged in, go to the next stage
            return self._get_models_for_check_perms(
                groups=None,
                error=None,
                user=None,
                permissions=permissions,
                success=success,
                failure=failure)

        callback = partial(self._get_relevant_groups,
                           permissions=permissions,
                           success=success,
                           failure=failure)
        coll = self.get_collection('_user')
        coll.find_one({'_id': self.get_secure_cookie("user")},
                      callback=callback,
                      fields=['_permissions'])
Ejemplo n.º 2
0
Archivo: auth.py Proyecto: zeth/magpy
    def check_permissions(self, success, failure=None, permissions=None):  # pylint: disable=W0221
        """Check that the user is allowed to use the resources
        defined in permissions.
        permissions - a dictionary with each entry having a
                        resource type as the key, and a list of permissions
                        as the values, e.g.
                        {'author': ['read', 'create', 'update', 'delete']}
        success - the callback to run on success.
        failure - the callback to run on failure.
        """
        if not permissions:
            permissions = {
                arg: dejsonify(self.request.arguments[arg][0])
                for arg in self.request.arguments
            }
        if not failure:
            failure = self.permission_denied

        # 1. get user
        # 2. get relevant groups
        # 2. get models
        # 3. combine them together
        # 4. Test it against the input

        if not self.get_secure_cookie("user"):
            # We are not logged in, go to the next stage
            return self._get_models_for_check_perms(groups=None,
                                                    error=None,
                                                    user=None,
                                                    permissions=permissions,
                                                    success=success,
                                                    failure=failure)

        callback = partial(self._get_relevant_groups,
                           permissions=permissions,
                           success=success,
                           failure=failure)
        coll = self.get_collection('_user')
        coll.find_one({'_id': self.get_secure_cookie("user")},
                      callback=callback,
                      fields=['_permissions'])
Ejemplo n.º 3
0
    def _parse_arguments(self, resource):
        """Parse the critera to make friendly searches."""
        kwargs = {}
        count = None
        arguments = self.request.arguments
        if arguments:
            query = dict((key, value[0]) for \
                             key, value in six.iteritems(arguments))
            if '_limit' in query:
                try:
                    kwargs['limit'] = int(dejsonify(query['_limit']))
                except ValueError:
                    print("Warning: Invalid _limit parameter.")
                del query['_limit']

            if '_sort' in query:
                kwargs['sort'] = dejsonify(query['_sort'])
                del query['_sort']

            if '_skip' in query:
                try:
                    kwargs['skip'] = int(dejsonify(query['_skip']))
                except ValueError:
                    print("Warning: Invalid _skip parameter.")
                del query['_skip']

            if '_count' in query:
                count = dejsonify(query['_count'])
                del query['_count']

            if '_fields' in query:
                kwargs['fields'] = dejsonify(query['_fields'])
                del query['_fields']

            if query:
                # Decode any decoded values
                kwargs['spec'] = {}

                for key, value in six.iteritems(query):
                    kwargs['spec'][key] = dejsonify(value)

        if count == "true":
            return self._count_results(resource, kwargs)

        return self._get_results(count=None,
                                 error=None,
                                 resource=resource,
                                 kwargs=kwargs)
Ejemplo n.º 4
0
Archivo: api.py Proyecto: zeth/magpy
    def _parse_arguments(self, resource):
        """Parse the critera to make friendly searches."""
        kwargs = {}
        count = None
        arguments = self.request.arguments
        if arguments:
            query = dict((key, value[0]) for \
                             key, value in six.iteritems(arguments))
            if '_limit' in query:
                try:
                    kwargs['limit'] = int(dejsonify(query['_limit']))
                except ValueError:
                    print("Warning: Invalid _limit parameter.")
                del query['_limit']

            if '_sort' in query:
                kwargs['sort'] = dejsonify(query['_sort'])
                del query['_sort']

            if '_skip' in query:
                try:
                    kwargs['skip'] = int(dejsonify(query['_skip']))
                except ValueError:
                    print("Warning: Invalid _skip parameter.")
                del query['_skip']

            if '_count' in query:
                count = dejsonify(query['_count'])
                del query['_count']

            if '_fields' in query:
                kwargs['fields'] = dejsonify(query['_fields'])
                del query['_fields']

            if query:
                # Decode any decoded values
                kwargs['spec'] = {}

                for key, value in six.iteritems(query):
                    kwargs['spec'][key] = dejsonify(value)

        if count == "true":
            return self._count_results(resource, kwargs)

        return self._get_results(count=None, error=None,
                                 resource=resource, kwargs=kwargs)