Ejemplo n.º 1
0
def view(request):
    session = DBSession()
    ro, view_params = view_init(request, session, 'actors')

    actors = [('user', Role.to_str(Role.edit), ro.owner)]
    for pol in ro.auth:
        actors.append(('user', Role.to_str(pol.role), pol.actor))

    view_params["actors"] = actors

    return view_params
Ejemplo n.º 2
0
def register_new_actor(request, session, ro, new_uid):
    """Register a new user according to info in form

    Args:
        request: (Request)
        session: (DBSession)
        ro: (ResearchObject)
        new_uid: (str) id of user to add to ro auth

    Returns:
        (bool): whether ro has changed and need to be reloaded
    """
    role = Role.from_str(request.params.get("role_new", "denied"))

    actor = Actor.get(session, new_uid)
    if actor is not None:
        if new_uid in (pol.actor for pol in ro.auth):
            msg = "%s already a direct member" % actor.id
            request.session.flash(msg, 'warning')
            return False

        ro.add_policy(session, actor, role)
        request.session.flash("New actor %s added" % actor.id, 'success')
        return True

    request.session.flash("Actor %s does not exists" % new_uid, 'warning')
    return False
Ejemplo n.º 3
0
def view(request):
    allow_edit = request.unauthenticated_userid is not None

    session = DBSession()

    params = dict(request.params)
    main_search = params.pop('main_search', None)
    if main_search is not None:
        groups = [gr.strip() for gr in main_search.split(" ")
                  if len(gr.strip()) > 0]
        for gr in groups:
            if ":" in gr:
                k, v = gr.split(":")
                params[k.strip()] = v.strip()
            else:
                params["name"] = gr

    res = search(session, params)
    ros = []
    for ro in res:
        role = ro.access_role(session, request.unauthenticated_userid)
        if role != Role.denied:
            ros.append((Role.to_str(role), ro))

    query = " ".join("%s:%s" % kv for kv in params.items())

    return {'allow_edit': allow_edit, 'query': query, 'ros': ros}
Ejemplo n.º 4
0
def view(request):
    session = DBSession()
    team, view_params = view_init(request, session, 'members')

    members = []
    for pol in team.auth:
        members.append((Role.to_str(pol.role), pol.actor))

    view_params["members"] = members

    return view_params
Ejemplo n.º 5
0
def view(request):
    session = DBSession()
    team, view_params = edit_init(request, session, 'members')

    need_update = 'update' in request.params
    if not need_update:
        for pol in team.auth:
            rm_button_id = "rm_%s" % pol.actor
            if rm_button_id in request.params:
                need_update = True

    if need_update:
        need_reload = False

        # check for new members
        new_uid = request.params['new_member']
        if len(new_uid) > 0:
            need_reload = register_new_user(request, session, team, new_uid)

        # update user roles
        for pol in team.auth:
            # check need to remove
            if "rm_%s" % pol.actor in request.params:
                team.remove_policy(session, pol.actor)
                request.session.flash("User %s removed" % pol.actor, 'success')
                need_reload = True
            else:  # update roles
                if pol.actor == new_uid and need_reload:
                    new_role_str = request.params.get("role_new", "denied")
                else:
                    new_role_str = request.params.get("role_%s" % pol.actor,
                                                      "denied")
                new_role = Role.from_str(new_role_str)

                if new_role != pol.role:
                    team.update_policy(session, pol.actor, new_role)
                    need_reload = True

        if need_reload:
            loc = request.current_route_url()
            return HTTPFound(location=loc)
    else:
        pass

    members = []

    for pol in team.auth:
        members.append((pol.role, pol.actor))

    view_params["members"] = members

    return view_params
Ejemplo n.º 6
0
def register_new_user(request, session, team, new_uid):
    """Register a new user according to info in form

    Args:
        request: (Request)
        session: (DBSession)
        team: (Team)
        new_uid: (str) id of user to add to team auth

    Returns:
        (bool): whether team has changed and need to be reloaded
    """
    if new_uid == team.id:
        msg = "Cannot be a member of itself"
        request.session.flash(msg, 'warning')
        return False

    role = Role.from_str(request.params.get("role_new", "denied"))

    member = User.get(session, new_uid)
    if member is not None:
        if new_uid in (pol.actor for pol in team.auth):
            msg = "%s already a direct member" % member.id
            request.session.flash(msg, 'warning')
            return False

        team.add_policy(session, member, role)
        request.session.flash("New member %s added" % member.id, 'success')
        return True

    member = Team.get(session, new_uid)
    if member is not None:
        if team.has_member(session, new_uid):
            request.session.flash("%s already a member" % member.id, 'warning')
            return False

        if member.has_member(session, team.id):
            msg = "Circular reference %s is a member of %s" % (team.id,
                                                               member.id)
            request.session.flash(msg, 'warning')
            return False

        team.add_policy(session, member, role)
        request.session.flash("New member %s added" % member.id, 'success')
        return True

    request.session.flash("User %s does not exists" % new_uid, 'warning')
    return False