Ejemplo n.º 1
0
    def edit(self, name=None, widget=True):
        group = None

        if not name:
            target = url_for(".create")
        else:
            group = usergroup.Group(name)
            target = url_for(".save", name=name)

        dset = self._setup_dataset(target, group)
        if name:
            if not env.request.user.has("GROUP_MANAGEMENT"):
                raise error.PrewikkaUserError(
                    _("Permission Denied"),
                    N_("Access denied to group settings"),
                    log_priority=log.WARNING)

            permissions = env.auth.get_group_permissions(group)

            dset["permissions"] = []
            for perm in sorted(usergroup.ACTIVE_PERMISSIONS):
                dset["permissions"].append((perm, perm in permissions, False))

        dset["widget"] = widget
        dset["extra_content"] = filter(
            None,
            hookmanager.trigger("HOOK_GROUPMANAGEMENT_EXTRA_CONTENT", group,
                                "group"))

        return dset.render()
Ejemplo n.º 2
0
    def save(self, name):
        group = usergroup.Group(name)
        list(hookmanager.trigger("HOOK_GROUPMANAGEMENT_GROUP_MODIFY", group))

        old_permissions = env.auth.get_group_permissions(group)
        permissions = self._make_permissions_from_parameters(old_permissions)

        self.log_property_list_change("permissions", group, old_permissions,
                                      permissions)

        env.auth.set_group_permissions(group, permissions)
        if env.auth.is_member_of(group, env.request.user):
            env.request.user.permissions = env.auth.get_user_permissions(
                env.request.user)

        # Group memberships
        if env.auth.can_manage_group_members():
            users = set(
                usergroup.User(i)
                for i in env.request.parameters.getlist("member_object"))
            self.log_property_list_change("users", group,
                                          env.auth.get_group_members(group),
                                          users)
            env.auth.set_group_members(group, users)

        return response.PrewikkaResponse({
            "type": "reload",
            "target": ".commonlisting"
        })
Ejemplo n.º 3
0
    def delete(self):
        if not env.request.user.has("GROUP_MANAGEMENT"):
            raise error.PrewikkaUserError(
                N_("Permission Denied"),
                N_("Access denied to groups modification"),
                log_priority=log.WARNING)

        for obj in env.request.parameters.getlist("id"):
            usergroup.Group(groupid=obj).delete()
Ejemplo n.º 4
0
    def create(self):
        group_name = env.request.parameters.get("name")
        if not group_name:
            raise error.PrewikkaUserError(N_("Could not create group"),
                                          N_("No group name provided"))

        if group_name.startswith("/"):
            raise error.PrewikkaUserError(
                N_("Could not create group"),
                N_("Group name cannot start with a slash"))

        group = usergroup.Group(group_name)
        if env.auth.has_group(group):
            raise error.PrewikkaUserError(
                N_("Could not create group"),
                N_("Group %s already exists", group_name))

        group.create()
        return self.save(group_name)
Ejemplo n.º 5
0
 def get_group_list(self, search=None):
     query = "SELECT name, groupid FROM Prewikka_Group"
     if search:
         query += " WHERE name LIKE %s" % self.escape("%%%s%%" % search)
     return [usergroup.Group(*r) for r in self.query(query)]
Ejemplo n.º 6
0
 def get_member_of(self, user):
     return [usergroup.Group(*r) for r in self.query("SELECT PG.name, PUG.groupid FROM Prewikka_User_Group PUG "
                                                     "JOIN Prewikka_Group PG USING (groupid) WHERE userid = %s", user.id)]
Ejemplo n.º 7
0
 def get_group_by_id(self, id_):
     ret = self.query(
         "SELECT name, groupid FROM Prewikka_Group WHERE groupid = %s", id_)
     return usergroup.Group(*ret[0]) if ret else None
Ejemplo n.º 8
0
    def save(self, name):
        user = usergroup.User(name)
        modify_self = env.request.user == user

        if not env.auth.has_user(user):
            raise error.PrewikkaUserError(N_("Invalid user"),
                                          N_("Specified user does not exist"),
                                          log_priority=log.WARNING)

        if name != env.request.user.name and not env.request.user.has(
                "USER_MANAGEMENT"):
            raise error.PrewikkaUserError(
                N_("Permission Denied"),
                N_("Cannot modify other users settings"),
                log_priority=log.WARNING)

        if not env.request.parameters[
                "language"] in localization.get_languages():
            raise error.PrewikkaUserError(
                N_("Invalid Language"),
                N_("Specified language does not exist"),
                log_priority=log.WARNING)

        if not env.request.parameters[
                "timezone"] in localization.get_timezones():
            raise error.PrewikkaUserError(
                N_("Invalid Timezone"),
                N_("Specified timezone does not exist"),
                log_priority=log.WARNING)

        if "password_new" in env.request.parameters and env.request.parameters[
                "password_new"] != env.request.parameters.get(
                    "password_new_confirmation"):
            raise error.PrewikkaUserError(N_("Password error"),
                                          N_("Password mismatch"))

        reload_type = 0

        for param, reload in (("fullname", "none"), ("email", "none"),
                              ("timezone", "view"), ("theme", "window"),
                              ("language", "window")):
            value = env.request.parameters.get(param)
            if value != user.get_property(param):
                if value:
                    user.set_property(param, value)
                else:
                    user.del_property(param)

                if modify_self:
                    reload_type = max(reload_type, ReloadEnum[reload])

        list(hookmanager.trigger("HOOK_USERMANAGEMENT_USER_MODIFY", user))

        if env.request.user.has(
                "USER_MANAGEMENT") and env.auth.can_manage_permissions():
            permissions = self._make_permissions_from_parameters(
                user.permissions)

            if permissions != set(user.permissions):
                old_perms = set(
                    env.auth.get_user_permissions(
                        user, ignore_group=True)).difference(
                            env.auth.get_user_permissions_from_groups(user))
                user.permissions = permissions
                self.log_property_list_change("permissions", user, old_perms,
                                              permissions)
                reload_type = max(
                    ReloadEnum["window"] if modify_self else
                    ReloadEnum[".commonlisting"], reload_type)

            # Group memberships
            if env.auth.can_manage_group_members():
                groups = set(
                    usergroup.Group(i)
                    for i in env.request.parameters.getlist("member_object"))
                if groups != set(env.auth.get_member_of(user)):
                    self.log_property_list_change("groups", user,
                                                  env.auth.get_member_of(user),
                                                  groups)
                    env.auth.set_member_of(user, groups)
                    reload_type = max(
                        ReloadEnum["window"] if modify_self else
                        ReloadEnum[".commonlisting"], reload_type)

        if "password_new" in env.request.parameters:
            if modify_self:
                try:
                    env.auth.authenticate(
                        name,
                        env.request.parameters.get("password_current", ""))
                except auth.AuthError:
                    raise error.PrewikkaUserError(
                        N_("Password error"), N_("Invalid password specified"))

            env.auth.set_password(user, env.request.parameters["password_new"])

        user.sync_properties()

        if reload_type > ReloadEnum["none"]:
            return response.PrewikkaResponse({
                "type": "reload",
                "target": reload_type.name
            })