def can_anonymous_read(siloname, id=None):
# if silo/id object is not under embargo, return true
if granary.issilo(siloname):
silo = granary.get_rdf_silo(siloname)
if not is_embargoed(silo, id):
# Not embargoed, so files+md readable
return True
else:
return False
def can_anonymous_read(siloname, id=None):
# if silo/id object is not under embargo, return true
if granary.issilo(siloname):
silo = granary.get_rdf_silo(siloname)
if not is_embargoed(silo, id):
# Not embargoed, so files+md readable
return True
else:
return False
def is_creator(username, siloname, id):
if granary.issilo(siloname):
silo = granary.get_rdf_silo(siloname)
if silo.exists(id):
item = silo.get_item(id)
if item.manifest and item.manifest.state and 'metadata' in item.manifest.state and item.manifest.state['metadata'] and \
'createdby' in item.manifest.state['metadata'] and item.manifest.state['metadata']['createdby']:
return (username == item.manifest.state['metadata']['createdby'])
return False
def can_list_silo(user, siloname):
# if user is admin/manager/submitter or creator of id then okay
if granary.issilo(siloname):
if can_anonymous_read(siloname, id):
return ALLDATA
else:
if user.is_authenticated():
if user.is_administrator(siloname) or user.is_manager(siloname) or is_creator(user.username, siloname, id):
return ALLDATA
return MDONLY
else:
raise NotASilo()
def is_creator(username, siloname, id):
if granary.issilo(siloname):
silo = granary.get_rdf_silo(siloname)
if silo.exists(id):
item = silo.get_item(id)
if (
item.manifest
and item.manifest.state
and "metadata" in item.manifest.state
and item.manifest.state["metadata"]
and "createdby" in item.manifest.state["metadata"]
and item.manifest.state["metadata"]["createdby"]
):
return username == item.manifest.state["metadata"]["createdby"]
return False
def can_list_silo(user, siloname):
# if user is admin/manager/submitter or creator of id then okay
if granary.issilo(siloname):
if can_anonymous_read(siloname, id):
return ALLDATA
else:
if user.is_authenticated():
if (
user.is_administrator(siloname)
or user.is_manager(siloname)
or is_creator(user.username, siloname, id)
):
return ALLDATA
return MDONLY
else:
raise NotASilo()
def can_read(user, siloname, id=None):
# if silo/id object is not under embargo, return true
# else if user is admin/manager or creator of id then all is visible
# otherwise, just show MD (or nothing if repository set to block MD)
if granary.issilo(siloname):
if can_anonymous_read(siloname, id):
return ALLDATA
else:
if user.is_authenticated():
if user.is_administrator(siloname) or user.is_manager(siloname):
return ALLDATA
elif user.is_submitter(siloname):
if id == None or is_creator(user.username, siloname, id):
# submitter to repository - allow read to silo contents
return ALLDATA
return MDONLY
else:
raise NotASilo()
def can_read(user, siloname, id=None):
# if silo/id object is not under embargo, return true
# else if user is admin/manager or creator of id then all is visible
# otherwise, just show MD (or nothing if repository set to block MD)
if granary.issilo(siloname):
if can_anonymous_read(siloname, id):
return ALLDATA
else:
if user.is_authenticated():
if user.is_administrator(siloname) or user.is_manager(siloname):
return ALLDATA
elif user.is_submitter(siloname):
if id == None or is_creator(user.username, siloname, id):
# submitter to repository - allow read to silo contents
return ALLDATA
return MDONLY
else:
raise NotASilo()
def can_write(user, siloname, id=None):
# False if not authenticated
# True if admin/manager
# or True if submitter AND creator of id
# or True if submitter and no id is given (ie silo rights)
# else False
if not user.is_authenticated():
return False
if granary.issilo(siloname):
if user.is_administrator(siloname) or user.is_manager(siloname):
return True
elif user.is_submitter(siloname):
if id == None:
return True
elif is_creator(user.username, siloname, id):
return True
return False
else:
raise NotASilo()
def can_write(user, siloname, id=None):
# False if not authenticated
# True if admin/manager
# or True if submitter AND creator of id
# or True if submitter and no id is given (ie silo rights)
# else False
if not user.is_authenticated():
return False
if granary.issilo(siloname):
if user.is_administrator(siloname) or user.is_manager(siloname):
return True
elif user.is_submitter(siloname):
if id == None:
return True
elif is_creator(user.username, siloname, id):
return True
return False
else:
raise NotASilo()
