Ejemplos de check_permissions en Python

Ejemplo n.º 1

def before_inserting_nodes(items):
    """Before inserting a node in the collection we check if the user is allowed
    and we append the project id to it.
    """
    from pillar.auth import current_user

    nodes_collection = current_app.data.driver.db['nodes']

    def find_parent_project(node):
        """Recursive function that finds the ultimate parent of a node."""
        if node and 'parent' in node:
            parent = nodes_collection.find_one({'_id': node['parent']})
            return find_parent_project(parent)
        if node:
            return node
        else:
            return None

    for item in items:
        check_permissions('nodes', item, 'POST')
        if 'parent' in item and 'project' not in item:
            parent = nodes_collection.find_one({'_id': item['parent']})
            project = find_parent_project(parent)
            if project:
                item['project'] = project['_id']

        # Default the 'user' property to the current user.
        item.setdefault('user', current_user.user_id)

Ejemplo n.º 2

def share_node(node_id):
    """Shares a node, or returns sharing information."""

    node_id = str2id(node_id)
    nodes_coll = current_app.data.driver.db['nodes']

    node = nodes_coll.find_one({'_id': node_id},
                               projection={
                                   'project': 1,
                                   'node_type': 1,
                                   'short_code': 1
                               })
    if not node:
        raise wz_exceptions.NotFound('Node %s does not exist.' % node_id)

    check_permissions('nodes', node, request.method)

    log.info('Sharing node %s', node_id)

    short_code = node.get('short_code')
    status = 200

    if not short_code:
        if request.method == 'POST':
            short_code = generate_and_store_short_code(node)
            make_world_gettable(node)
            status = 201
        else:
            return '', 204

    return jsonify(eve_hooks.short_link_info(short_code), status=status)

Ejemplo n.º 3

def before_returning_node(node):
    # Run validation process, since GET on nodes entry point is public
    check_permissions('nodes', node, 'GET', append_allowed_methods=True)

    # Embed short_link_info if the node has a short_code.
    short_code = node.get('short_code')
    if short_code:
        node['short_link'] = short_link_info(short_code)['short_link']

Ejemplo n.º 4

def project_quotas(project_id):
    """Returns information about the project's limits."""

    # Check that the user has GET permissions on the project itself.
    project = mongo.find_one_or_404('projects', project_id)
    check_permissions('projects', project, 'GET')

    file_size_used = utils.project_total_file_size(project_id)

    info = {
        'file_size_quota': None,  # TODO: implement this later.
        'file_size_used': file_size_used,
    }

    return jsonify(info)

Ejemplo n.º 5

Archivo: hooks.py Proyecto: armadillica/pillar

def project_node_type_has_method(response):
    """Check for a specific request arg, and check generate the allowed_methods
    list for the required node_type.
    """

    node_type_name = request.args.get('node_type', '')

    # Proceed only node_type has been requested
    if not node_type_name:
        return

    # Look up the node type in the project document
    if not any(node_type.get('name') == node_type_name
               for node_type in response['node_types']):
        return abort(404)

    # Check permissions and append the allowed_methods to the node_type
    check_permissions('projects', response, 'GET', append_allowed_methods=True,
                      check_node_type=node_type_name)

Ejemplo n.º 6

Archivo: hooks.py Proyecto: babbysross/pillar

def before_delete_project(document):
    """Checks permissions before we allow deletion"""

    check_permissions('projects', document, request.method)
    log.info('Deleting project %s on behalf of user %s', document['_id'],
             current_user)

Ejemplo n.º 7

Archivo: hooks.py Proyecto: babbysross/pillar

def before_edit_check_permissions(document, original):
    check_permissions('projects', original, request.method)

Ejemplo n.º 8

Archivo: hooks.py Proyecto: babbysross/pillar

def before_returning_project_permissions(response):
    # Run validation process, since GET on nodes entry point is public
    check_permissions('projects', response, 'GET', append_allowed_methods=True)

Ejemplo n.º 9

def before_delete_project(document):
    """Checks permissions before we allow deletion"""

    check_permissions('projects', document, request.method)

Ejemplo n.º 10

def before_deleting_node(node: dict):
    check_permissions('nodes', node, 'DELETE')

Ejemplo n.º 11

def before_replacing_node(item, original):
    check_permissions('nodes', original, 'PUT')
    update_file_name(item)

Ejemplo n.º 12

def before_deleting_node(node: dict):
    check_permissions('nodes', node, 'DELETE')
    remove_project_references(node)