Example #1
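def trace_permissions():
    """Render the admin page that traces one user's permissions on a folder.

    Query-string inputs (all optional, all supplied by the client):
      embed - passed through to the template unchanged.
      user  - user ID; a value of 0 after parse_int() means no user record
              is loaded (the anonymous user).
      path  - folder path; an empty value falls back to os.path.sep.

    Any Exception raised while loading the data is logged through
    log_security_error() and shown on the page as err_msg rather than
    propagating to the caller.
    """
    # NOTE(review): no access check is visible inside this function. The page
    # lists active users and group permissions, so confirm that an admin-only
    # decorator or request hook guards the route outside this excerpt.
    embed = request.args.get('embed', '')
    user_id = request.args.get('user', '')
    folder_path = request.args.get('path', '') or os.path.sep

    folder = None
    user = None
    users = []
    user_has_admin = False
    trace = None
    err_msg = None
    db_session = data_engine.db_get_session()
    # The outer try/finally only guarantees the session is closed. The
    # original returned from inside a `finally:` block, which silently
    # discards any in-flight exception that `except Exception` does not
    # catch (KeyboardInterrupt, SystemExit). Returning from the try body
    # lets those propagate while still closing the session.
    try:
        try:
            # Get folder and selected user info
            # User can be None for an anonymous user
            user_id = parse_int(user_id)
            if user_id != 0:
                user = data_engine.get_user(user_id, _db_session=db_session)
                if user is None:
                    raise DoesNotExistError('This user no longer exists')
            folder = data_engine.get_folder(folder_path=folder_path,
                                            _db_session=db_session)
            if folder is None or folder.status == Folder.STATUS_DELETED:
                raise DoesNotExistError('This folder no longer exists')

            # Get users list
            users = data_engine.list_users(status=User.STATUS_ACTIVE,
                                           order_field=User.username,
                                           _db_session=db_session)

            # Get the folder+user traced permissions.
            # NOTE(review): this calls an underscore-prefixed method of
            # permissions_engine from a view; confirm that is intended.
            trace = permissions_engine._trace_folder_permissions(folder, user)

            # Flag on the UI if the user has admin
            user_has_admin = any(
                gdict['group'].permissions.admin_files or
                gdict['group'].permissions.admin_all
                for gdict in trace['groups']
            )
        except Exception as e:
            log_security_error(e, request)
            err_msg = safe_error_str(e)

        # Render while the session is still open, as the original did
        return render_template(
            'admin_trace_permissions.html',
            embed=embed,
            folder=folder,
            folder_is_root=folder.is_root() if folder else False,
            user=user,
            user_list=users,
            trace=trace,
            user_has_admin=user_has_admin,
            err_msg=err_msg,
            GROUP_ID_PUBLIC=Group.ID_PUBLIC)
    finally:
        db_session.close()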
Example #2
 def get(self, user_id=None):
     """Return one user by ID, or a list of users when no ID is given.

     The list is filtered by the status value obtained from
     self._get_validated_status_arg(request) and ordered by username.
     Raises DoesNotExistError when user_id matches no user.
     """
     # NOTE(review): nothing in this method removes credential fields from
     # the serialised user. Confirm that object_to_dict() and
     # object_to_dict_list() omit password data before it reaches the client.
     if user_id is not None:
         # Single-user lookup
         found = data_engine.get_user(user_id)
         if found is None:
             raise DoesNotExistError(str(user_id))
         return make_api_success_response(object_to_dict(found))

     # No ID supplied: return the filtered listing
     wanted_status = self._get_validated_status_arg(request)
     matches = data_engine.list_users(status=wanted_status,
                                      order_field=User.username)
     return make_api_success_response(object_to_dict_list(matches))
Example #3
 def get(self, user_id=None):
     """Return one user by ID, or all users, with the password entry removed.

     Raises DoesNotExistError when user_id matches no user. The 'password'
     key is deleted from every serialised user before the response is built.
     """
     # NOTE(review): only the 'password' key is stripped (a deny-list).
     # Any other sensitive attribute of the user object would still be
     # returned; confirm against the User model, or prefer an allow-list
     # of the fields that are meant to be public.
     if user_id is not None:
         # Single-user lookup
         found = data_engine.get_user(user_id)
         if found is None:
             raise DoesNotExistError(str(user_id))
         payload = object_to_dict(found)
         # Do not give out anything password related
         del payload['password']
         return make_api_success_response(payload)

     # No ID supplied: list every user, ordered by username
     payloads = object_to_dict_list(
         data_engine.list_users(order_field=User.username)
     )
     # Do not give out anything password related
     for entry in payloads:
         del entry['password']
     return make_api_success_response(payloads)
Example #4
def group_edit(group_id):
    """Render the admin group editing page.

    Loads the active users ordered by username and, when group_id is
    greater than 0, the group together with its users. Any Exception is
    logged through log_security_error() and shown on the page as err_msg.
    """
    # NOTE(review): no access check is visible inside this function;
    # confirm the route is restricted to administrators outside this excerpt.
    page = {
        # 'embed' comes straight from the query string
        'embed': request.args.get('embed', ''),
        'users': [],
        'group': None,
        'err_msg': None,
    }
    try:
        page['users'] = data_engine.list_users(status=User.STATUS_ACTIVE,
                                               order_field=User.username)
        # A group_id of 0 or below loads no group record
        if group_id > 0:
            page['group'] = data_engine.get_group(group_id=group_id,
                                                  load_users=True)
    except Exception as exc:
        log_security_error(exc, request)
        page['err_msg'] = safe_error_str(exc)

    return render_template('admin_group_edit.html',
                           GROUP_ID_PUBLIC=Group.ID_PUBLIC,
                           GROUP_TYPE_LOCAL=Group.GROUP_TYPE_LOCAL,
                           GROUP_TYPE_SYSTEM=Group.GROUP_TYPE_SYSTEM,
                           STATUS_ACTIVE=User.STATUS_ACTIVE,
                           **page)
Example #5
def group_edit(group_id):
    """Render the admin group editing page.

    Loads the active users ordered by username and, when group_id is
    greater than 0, the group together with its users. Any Exception is
    logged through log_security_error() and its text is shown on the page.
    """
    embed_flag = request.args.get('embed', '')
    selected_group = None
    active_users = []
    error_text = None
    try:
        active_users = data_engine.list_users(
            status=User.STATUS_ACTIVE,
            order_field=User.username
        )
        # A group_id of 0 or below loads no group record
        if group_id > 0:
            selected_group = data_engine.get_group(
                group_id=group_id,
                load_users=True
            )
    except Exception as exc:
        log_security_error(exc, request)
        # NOTE(review): str(exc) puts the raw exception text on the page.
        # For unexpected failures that text can carry internal detail, so
        # consider showing a generic message for anything that is not an
        # expected, user-facing error.
        error_text = str(exc)

    template_args = dict(
        embed=embed_flag,
        users=active_users,
        group=selected_group,
        err_msg=error_text,
        GROUP_ID_PUBLIC=Group.ID_PUBLIC,
        GROUP_TYPE_LOCAL=Group.GROUP_TYPE_LOCAL,
        GROUP_TYPE_SYSTEM=Group.GROUP_TYPE_SYSTEM,
        STATUS_ACTIVE=User.STATUS_ACTIVE,
    )
    return render_template('admin_group_edit.html', **template_args)
Example #6
def user_list():
    """Render the admin user list page with users ordered by username."""
    # No status filter is passed to list_users() here.
    # NOTE(review): whole user objects are handed to the template; confirm
    # the template does not render credential fields.
    all_users = data_engine.list_users(order_field=User.username)
    return render_template('admin_user_list.html', users=all_users)
Example #7
def user_list():
    """Render 'admin_user_list.html' with the users sorted by username."""
    # NOTE(review): no access check is visible inside this function;
    # confirm the route is restricted to administrators outside this excerpt.
    template_name = 'admin_user_list.html'
    ordered_users = data_engine.list_users(order_field=User.username)
    return render_template(template_name, users=ordered_users)
Example #8
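def trace_permissions():
    """Render the admin page that traces one user's permissions on a folder.

    Query-string inputs (all optional, all supplied by the client):
      embed - passed through to the template unchanged.
      user  - user ID; a value of 0 after parse_int() means no user record
              is loaded (the anonymous user).
      path  - folder path; an empty value falls back to os.path.sep.

    Any Exception raised while loading the data is logged through
    log_security_error() and its text is shown on the page as err_msg
    rather than propagating to the caller.
    """
    embed = request.args.get('embed', '')
    user_id = request.args.get('user', '')
    folder_path = request.args.get('path', '') or os.path.sep

    folder = None
    user = None
    users = []
    user_has_admin = False
    trace = None
    err_msg = None
    db_session = data_engine.db_get_session()
    # The outer try/finally only guarantees the session is closed. The
    # original returned from inside a `finally:` block, which silently
    # discards any in-flight exception that `except Exception` does not
    # catch (KeyboardInterrupt, SystemExit). Returning from the try body
    # lets those propagate while still closing the session.
    try:
        try:
            # Get folder and selected user info
            # User can be None for an anonymous user
            user_id = parse_int(user_id)
            if user_id != 0:
                user = data_engine.get_user(user_id, _db_session=db_session)
                if user is None:
                    raise DoesNotExistError('This user no longer exists')
            folder = data_engine.get_folder(
                folder_path=folder_path,
                _db_session=db_session
            )
            if folder is None or folder.status == Folder.STATUS_DELETED:
                raise DoesNotExistError('This folder no longer exists')

            # Get users list
            users = data_engine.list_users(
                status=User.STATUS_ACTIVE,
                order_field=User.username,
                _db_session=db_session
            )

            # Get the folder+user traced permissions
            trace = permissions_engine._trace_folder_permissions(folder, user)

            # Flag on the UI if the user has admin
            user_has_admin = any(
                gdict['group'].permissions.admin_files or
                gdict['group'].permissions.admin_all
                for gdict in trace['groups']
            )
        except Exception as e:
            log_security_error(e, request)
            # NOTE(review): str(e) puts the raw exception text on the page.
            # For unexpected failures (not the DoesNotExistError messages
            # raised above) that text can carry internal detail; consider
            # a generic message for those cases.
            err_msg = str(e)

        # Render while the session is still open, as the original did
        return render_template(
            'admin_trace_permissions.html',
            embed=embed,
            folder=folder,
            folder_is_root=folder.is_root() if folder else False,
            user=user,
            user_list=users,
            trace=trace,
            user_has_admin=user_has_admin,
            err_msg=err_msg,
            GROUP_ID_PUBLIC=Group.ID_PUBLIC
        )
    finally:
        db_session.close()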