def revoke_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.membership_type == GroupMembershipType.ldap: raise GroupOwnerModificationForbidden('An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden('You are not an owner of group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') if len(group.owners())==1 and not identity.current.user.is_admin(): raise GroupOwnerModificationForbidden('Cannot remove the only owner') else: group.revoke_ownership(user=user, agent=identity.current.user, service=service) # hack to return the user removing this owner # so that if the user was logged in as a group # owner, he/she can be redirected appropriately return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.ldap: raise GroupOwnerModificationForbidden('An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden('You are not an owner of the group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') else: for assoc in group.user_group_assocs: if assoc.user == user: if not assoc.is_owner: assoc.is_owner = True group.record_activity(user=identity.current.user, service=service, field=u'Owner', action='Added', old=u'', new=user.user_name) return ''
def revoke_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.membership_type == GroupMembershipType.ldap: raise GroupOwnerModificationForbidden( 'An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden( 'You are not an owner of group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') if len(group.owners()) == 1 and not identity.current.user.is_admin(): raise GroupOwnerModificationForbidden( 'Cannot remove the only owner') else: group.revoke_ownership(user=user, agent=identity.current.user, service=service) # hack to return the user removing this owner # so that if the user was logged in as a group # owner, he/she can be redirected appropriately return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.ldap: raise GroupOwnerModificationForbidden( 'An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden( 'You are not an owner of the group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') else: for assoc in group.user_group_assocs: if assoc.user == user: if not assoc.is_owner: assoc.is_owner = True group.record_activity(user=identity.current.user, service=service, field=u'Owner', action='Added', old=u'', new=user.user_name) return ''
def revoke_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.ldap: raise GroupOwnerModificationForbidden('An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden('You are not an owner of group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') if len(group.owners())==1 and not identity.current.user.is_admin(): raise GroupOwnerModificationForbidden('Cannot remove the only owner') else: for assoc in group.user_group_assocs: if assoc.user == user: if assoc.is_owner: assoc.is_owner = False group.record_activity(user=identity.current.user, service=service, field=u'Owner', action='Removed', old=user.user_name, new=u'') # hack to return the user removing this owner # so that if the user was logged in as a group # owner, he/she can be redirected appropriately return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.membership_type == GroupMembershipType.ldap: raise GroupOwnerModificationForbidden( 'An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden( 'You are not an owner of the group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') else: group.grant_ownership(user=user, agent=identity.current.user, service=service) return ''
def _check_user_email(email_address, user_id): try: user_by_email = User.by_email_address(email_address) except NoResultFound: # Email not being used pass else: #raise ValueError user_by_id = User.by_id(user_id) if user_by_id != user_by_email: # An existing email that is not theirs raise ValueError
def remove_submission_delegate(self, delegate_id, service=u'WEBUI'): user = identity.current.user try: submission_delegate = User.by_id(delegate_id) except NoResultFound: flash(_(u'%s is not a valid user id' % delegate_id)) redirect('.') user.remove_submission_delegate(submission_delegate, service=service) flash(_(u'%s removed as a submission delegate' % submission_delegate)) redirect('.')
def unremove(self, id, **kw): try: user = User.by_id(id) except InvalidRequestError: flash(_(u'Invalid user id %s' % id)) raise redirect('.') flash(_(u'%s Re-Added') % user.display_name) try: self._unremove(user=user) except BX, e: flash(_(u'Failed to Re-Add User %s, due to %s' % e))
def remove(self, id, **kw): try: user = User.by_id(id) except InvalidRequestError: flash(_(u'Invalid user id %s' % id)) raise redirect('.') try: self._remove(user=user, method='WEBUI') except BX, e: flash( _(u'Failed to remove User %s, due to %s' % (user.user_name, e))) raise redirect('.')
def unremove(self, id, **kw): try: user = User.by_id(id) except InvalidRequestError: flash(_(u'Invalid user id %s' % id)) raise redirect('.') flash( _(u'%s Re-Added') % user.display_name ) try: self._unremove(user=user) except BX, e: flash( _(u'Failed to Re-Add User %s, due to %s' % e))
def validate_python(self, form_fields, state): user_id = form_fields['user_id'] user_name = form_fields['user_name'] existing_user = User.by_user_name(user_name) try: if not user_id: # New user if existing_user: # with a duplicate name raise ValueError else: if existing_user: current_user = User.by_id(user_id) if current_user != existing_user: raise ValueError except ValueError: error = {'user_name' : self.message('not_unique', state)} raise Invalid('Login name is not unique', form_fields, state, error_dict=error)
def save(self, **kw): if kw.get('user_id'): user = User.by_id(kw['user_id']) else: user = User() session.add(user) user.display_name = kw['display_name'] user.user_name = kw['user_name'] user.email_address = kw['email_address'] if kw.get('disabled') != user.disabled: user.disabled = kw.get('disabled') if user.disabled: self._disable(user, method="WEBUI") if kw['password'] != user.password: user.password = kw['password'] flash(_(u"%s saved" % user.display_name)) redirect(".")
def save(self, **kw): if kw.get('user_id'): user = User.by_id(kw['user_id']) else: user = User() session.add(user) user.display_name = kw['display_name'] user.user_name = kw['user_name'] user.email_address = kw['email_address'] if kw.get('disabled') != user.disabled: user.disabled = kw.get('disabled') if user.disabled: self._disable(user, method="WEBUI") if kw['password'] != user.password: user.password = kw['password'] flash( _(u"%s saved" % user.display_name) ) redirect(".")
def edit(self, id=None, **kw): if id: user = User.by_id(id) title = _(u'User %s') % user.user_name value = user else: user = None title = _(u'New user') value = kw return_vals = dict(form=self.user_form, action='./save', title=title, options={}, value=value) if id: return_vals['groupsgrid'] = self.show_groups() else: return_vals['groupsgrid'] = None return return_vals
def validate_python(self, form_fields, state): user_id = form_fields['user_id'] user_name = form_fields['user_name'] existing_user = User.by_user_name(user_name) try: if not user_id: # New user if existing_user: # with a duplicate name raise ValueError else: if existing_user: current_user = User.by_id(user_id) if current_user != existing_user: raise ValueError except ValueError: error = {'user_name': self.message('not_unique', state)} raise Invalid('Login name is not unique', form_fields, state, error_dict=error)
def revoke_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.ldap: raise GroupOwnerModificationForbidden( 'An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden( 'You are not an owner of group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') if len(group.owners()) == 1 and not identity.current.user.is_admin(): raise GroupOwnerModificationForbidden( 'Cannot remove the only owner') else: for assoc in group.user_group_assocs: if assoc.user == user: if assoc.is_owner: assoc.is_owner = False group.record_activity(user=identity.current.user, service=service, field=u'Owner', action='Removed', old=user.user_name, new=u'') # hack to return the user removing this owner # so that if the user was logged in as a group # owner, he/she can be redirected appropriately return str(identity.current.user.user_id)
def grant_owner(self, group_id=None, id=None, **kw): if group_id is not None and id is not None: group = Group.by_id(group_id) user = User.by_id(id) service = 'WEBUI' else: group = Group.by_name(kw['group_name']) user = User.by_user_name(kw['member_name']) service = 'XMLRPC' if group.membership_type == GroupMembershipType.ldap: raise GroupOwnerModificationForbidden('An LDAP group does not have an owner') if not group.can_edit(identity.current.user): raise GroupOwnerModificationForbidden('You are not an owner of the group %s' % group) if user not in group.users: raise GroupOwnerModificationForbidden('User is not a group member') else: group.grant_ownership(user=user, agent=identity.current.user, service=service) return ''
def old_get_group(): if 'id' in request.args: user = User.by_id(request.args['id']) if user is not None: return flask_redirect(absolute_url(user.href)) raise NotFound404()