Example #1
0
 def groupsInApp(self, currentuser, fullyQualifiedAppName):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     # permit(self.isOwnerOfApp(currentuser, app) or self.isSystemUser(currentuser),
     #         "Only owner of app %s or systemuser can get groups" % app.fqin)
     authorize_context_owner(False, self, currentuser, None, app)
     groups=app.applicationgroups
     return [e.info() for e in groups]
Example #2
0
 def removeGroup(self,currentuser, fqgn):
     remgrp=self.getGroup(currentuser, fqgn)
     authorize_context_owner(False, self, currentuser, None, remgrp)
     #BUG: group deletion is very fraught. Once someone else is in there
     #the semantics go crazy
     remgrp.delete(safe=True)
     return OK
Example #3
0
 def changeOwnershipOfLibrary(self, currentuser, fqln, newowner, groupmode=False):
     libq=Library.objects(basic__fqin=fqln)
     if groupmode:
         try:
             groupq=Group.objects(basic__fqin=newowner)
             group=groupq.get()
             newowner=group.basic.fqin
         except:
             #make sure target exists.
             doabort('BAD_REQ', "No such group %s" % newowner)
         authorize_context_member(False, self, currentuser, None, group)
     else:
         try:
             userq= User.objects(nick=newowner)
             newowner=userq.get().nick
         except:
             #make sure target exists.
             doabort('BAD_REQ', "No such user %s" % newowner)
     try:
         lib=libq.get()
     except:
         doabort('BAD_REQ', "No such group %s" % fqtn)
     authorize_context_owner(False, self, currentuser, None, lib)
     try:
         oldownernick=lib.owner
         if groupmode:
             lib.update(safe_update=True, set__owner = newowner, push__members=newowner)
         else:
             lib.update(safe_update=True, set__owner = newowner, push__members=newowner, pull__members=oldownernick)
     except:
         doabort('BAD_REQ', "Failed changing owner from %s to %s for lib %s" % (oldownernick, newowner, fqln))
     return newowner
Example #4
0
 def usersInApp(self, currentuser, fullyQualifiedAppName):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     #owner gets users here as its a bigger context
     authorize_context_owner(False, self, currentuser, None, app)
     # permit(self.isMemberOfApp(currentuser, app) or self.isSystemUser(currentuser),
     #         "Only member of app %s or systemuser can get users" % app.fqin)
     users=app.applicationusers
     return [e.info() for e in users]
Example #5
0
 def removeUserFromGroup(self, currentuser, fullyQualifiedGroupName, usertoberemoved):
     grp=self.getGroup(currentuser, fullyQualifiedGroupName)
     #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
     authorize_context_owner(False, self, currentuser, None, grp)
     try:
         usertoberemoved.groupsin.remove(grp)
     except:
         doabort('BAD_REQ', "Failed removing user %s from group %s" % (usertoberemoved.nick, grp.fqin))
     return OK
Example #6
0
 def inviteUserToApp(self, currentuser, fullyQualifiedAppName, usertobeadded, authspec):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     #permit(self.isOwnerOfApp(currentuser, app) or self.isSystemUser(currentuser), "User %s must be owner of app %s or systemuser" % (currentuser.nick, app.fqin))
     authorize_context_owner(False, self, currentuser, None, app)
     try:
         usertobeadded.applicationsinvitedto.append(app)
     except:
         doabort('BAD_REQ', "Failed inviting user %s to app %s" % (usertobeadded.nick, app.fqin))
     return usertobeaded
Example #7
0
 def removeUserFromApp(self, currentuser, fullyQualifiedAppName, usertoberemoved):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     #permit(self.isOwnerOfApp(currentuser, app) or self.isSystemUser(currentuser), "User %s must be owner of app %s or systemuser" % (currentuser.nick, app.fqin))
     authorize_context_owner(False, self, currentuser, None, app)
     try:
         usertoberemoved.applicationsin.remove(app)
     except:
         doabort('BAD_REQ', "Failed removing user %s from app %s" % (usertoberemoved.nick, app.fqin))
     return OK
Example #8
0
 def inviteUserToApp(self, currentuser, fqan, usertobeaddednick):
     app=self.getApp(currentuser, fqan)
     userq= User.objects(nick=usertobeaddednick)
     authorize_context_owner(False, self, currentuser, None, app)
     try:
         userq.update(safe_update=True, push__appsinvitedto=fqan)
     except:
         doabort('BAD_REQ', "Failed inviting user %s to app %s" % (usertobeadded.nick, fqan))
     return usertobeaddednick
Example #9
0
 def inviteUserToGroup(self, currentuser, fullyQualifiedGroupName, usertobeadded, authspec):
     grp=self.getGroup(currentuser, fullyQualifiedGroupName)
     #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
     authorize_context_owner(False, self, currentuser, None, grp)
     try:
         usertobeadded.groupsinvitedto.append(grp)
     except:
         doabort('BAD_REQ', "Failed inviting user %s to group %s" % (usertobeadded.nick, grp.fqin))
     return usertobeadded
Example #10
0
 def inviteUserToGroup(self, currentuser, fqgn, usertobeaddednick):
     grp=self.getGroup(currentuser, fqgn)
     userq= User.objects(nick=usertobeaddednick)
     authorize_context_owner(False, self, currentuser, None, grp)
     try:
         userq.update(safe_update=True, push__groupsinvitedto=fqgn)
     except:
         doabort('BAD_REQ', "Failed inviting user %s to group %s" % (usertobeadded.nick, fqgn))
     #print "IIIII", userq.get().groupsinvitedto
     return usertobeaddednick
Example #11
0
 def addUserToGroup(self, currentuser, grouporfullyQualifiedGroupName, usertobeadded, authspec):
     grp=_group(currentuser, self, grouporfullyQualifiedGroupName)
     if grp.fqin!='[email protected]/group:public':
         #special case so any user can add themselves to public group
         #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
         authorize_context_owner(False, self, currentuser, None, grp)
     try:
         usertobeadded.groupsin.append(grp)
     except:
         doabort('BAD_REQ', "Failed adding user %s to group %s" % (usertobeadded.nick, grp.fqin))
     return usertobeadded
Example #12
0
    def removeApp(self,currentuser, fullyQualifiedAppName):
        remapp=self.getApp(currentuser, fullyQualifiedAppName)
        authorize_context_owner(False, self, currentuser, None, remapp)

        # permit(self.isOwnerOfApp(currentuser, remapp) or self.isSystemUser(currentuser),
        #         "Only owner of app %s or systemuser can remove app" % remapp.fqin)
        #How will the cascades work? removing users? should we not archive?
        #from an ORM perspective its like groups should be added to a new table ArchivedGroup,
        #or perhaps just flagged "archived"
        self.session.delete(remapp)
        return OK
Example #13
0
 def changeOwnershipOfGroup(self, currentuser, fullyQualifiedGroupName, usertobenewowner):
     grp=self.getGroup(currentuser, fullyQualifiedGroupName)
     #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
     authorize_context_owner(False, self, currentuser, None, grp)
     permit(self.isMemberOfGroup(usertobenewowner, grp), " User %s must be member of grp %s" % (currentuser.nick, grp.fqin))
     try:
         oldownernick=grp.owner.nick
         grp.owner = usertobenewowner
     except:
         doabort('BAD_REQ', "Failed changing owner from %s to %s for group %s" % (oldownernick, usertobenewowner.nick, grp.fqin))
     return usertobenewowner
Example #14
0
 def removeGroupFromApp(self, currentuser, fullyQualifiedAppName, fullyQualifiedGroupName):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     grp=self.getGroup(currentuser, fullyQualifiedGroupName)
     #permit(self.isOwnerOfGroup(currentuser, grp), "User %s must be owner of group %s" % (currentuser.nick, grp.fqin))
     #permit(self.isMemberOfApp(currentuser, app), "User %s must be member of app %s" % (currentuser.nick, app.fqin))
     authorize_context_owner(False, self, currentuser, None, grp)
     authorize_context_member(False, self, currentuser, None, app)
     try:
         grp.applicationsin.remove(app)
         #pubsub depending on what we want to do to delete
     except:
         doabort('BAD_REQ', "Failed removing group %s from app %s" % (grp.fqin, app.fqin))
     return OK
Example #15
0
    def removeUserFromApp(self, currentuser, fqan, usertoberemovednick):
        appq=App.objects(basic__fqin=fqan)
        userq= User.objects(nick=usertoberemovednick)

        try:
            app=appq.get()
        except:
            doabort('BAD_REQ', "No such app %s" % fqan)
        authorize_context_owner(False, self, currentuser, None, app)
        try:
            userq.update(safe_update=True, pull_groupsin=fqan)
            appq.update(safe_update=True, pull__members=usertoberemovednick)
        except:
            doabort('BAD_REQ', "Failed removing user %s from app %s" % (usertoberemovednick, fqan))
        return OK
Example #16
0
 def addGroupToApp(self, currentuser, fullyQualifiedAppName, fullyQualifiedGroupName, authspec):
     app=self.getApp(currentuser, fullyQualifiedAppName)
     grp=self.getGroup(currentuser, fullyQualifiedGroupName)
     #You must be owner of the group and member of the app
     #no useras stuff here?
     #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
     #permit(self.isMemberOfApp(currentuser, app) or self.isSystemUser(currentuser), "User %s must be member of app %s or systemuser" % (currentuser.nick, app.fqin))
     authorize_context_owner(False, self, currentuser, None, grp)
     authorize_context_member(False, self, currentuser, None, app)
     try:
         grp.applicationsin.append(app)
         #pubsub must add the individual users. BUG is that how we want to do it?
     except:
         doabort('BAD_REQ', "Failed adding group %s to app %s" % (grp.fqin, app.fqin))
     return grp
Example #17
0
    def addUserToApp(self, currentuser, fqan, usertobeaddednick):
        appq=App.objects(basic__fqin=fqan)
        userq= User.objects(nick=usertobeaddednick)

        try:
            app=appq.get()
        except:
            doabort('BAD_REQ', "No such app %s" %  fqan)
        authorize_context_owner(False, self, currentuser, None, app)
        try:
            userq.update(safe_update=True, push__appsin=fqan)
            appq.update(safe_update=True, push__members=usertobeaddednick)
        except:
            doabort('BAD_REQ', "Failed adding user %s to app %s" % (usertobeaddednick, fqan))
        return usertobeaddednick
Example #18
0
    def addUserToGroup(self, currentuser, fqgn, usertobeaddednick):
        grpq=Group.objects(basic__fqin=fqgn)
        userq= User.objects(nick=usertobeaddednick)

        try:
            grp=grpq.get()
        except:
            doabort('BAD_REQ', "No such group %s" %  fqgn)

        if fqgn!='adsgut/group:public':
            #special case so any user can add themselves to public group
            #permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
            authorize_context_owner(False, self, currentuser, None, grp)
        try:
            userq.update(safe_update=True, push__groupsin=fqgn)
            grpq.update(safe_update=True, push__members=usertobeaddednick)
        except:
            doabort('BAD_REQ', "Failed adding user %s to group %s" % (usertobeaddednick, fqgn))
        return usertobeaddednick
Example #19
0
 def changeOwnershipOfGroup(self, currentuser, fqgn, usertobenewownernick):
     grpq=Group.objects(basic__fqin=fqgn)
     userq= User.objects(nick=usertobenewownernick)
     try:
         usertobenewowner=userq.get()
     except:
         doabort('BAD_REQ', "No such user %s" % usertobenewownernick)
     try:
         grp=grpq.get()
     except:
         doabort('BAD_REQ', "No such group %s" % fqgn)
     authorize_context_owner(False, self, currentuser, None, grp)
     permit(self.isMemberOfGroup(usertobenewowner, grp), " User %s must be member of grp %s" % (currentuser.nick, fqgn))
     try:
         oldownernick=grp.owner
         grp.update(safe_update=True, set__owner = usertobenewownernick)
     except:
         doabort('BAD_REQ', "Failed changing owner from %s to %s for group %s" % (oldownernick, usertobenewowner.nick, fqgn))
     return usertobenewownernick
Example #20
0
 def changeOwnershipOfType(self, currentuser, fqtypen, typetype, newowner, groupmode=False):
     if typetype=="itemtype":
         typeo=ItemType
     elif typrtype=="tagtype":
         typeo=TagType
     typq=typeo.objects(basic__fqin=fqtypen)
     if groupmode:
         try:
             groupq=Group.objects(basic__fqin=newowner)
             group=groupq.get()
             newowner=group.basic.fqin
         except:
             #make sure target exists.
             doabort('BAD_REQ', "No such group %s" % newowner)
         authorize_context_member(False, self, currentuser, None, group)
     else:
         try:
             userq= User.objects(nick=newowner)
             newowner=userq.get().nick
         except:
             #make sure target exists.
             doabort('BAD_REQ', "No such user %s" % newowner)
     try:
         typ=typq.get()
     except:
         doabort('BAD_REQ', "No such group %s" % fqtypen)
     authorize_context_owner(False, self, currentuser, None, typ)
     try:
         oldownernick=typ.owner
         if groupmode:
             typ.update(safe_update=True, set__owner = newowner)
         else:
             typ.update(safe_update=True, set__owner = newowner)
     except:
         doabort('BAD_REQ', "Failed changing owner from %s to %s for type %s" % (oldownernick, newowner, fqtypen))
     return newowner
Example #21
0
 def usersInApp(self, currentuser, fqan):
     app=self.getApp(currentuser, fqan)
     #owner gets users here as its a bigger context
     authorize_context_owner(False, self, currentuser, None, app)
     users=app.members
     return users
Example #22
0
 def removeApp(self,currentuser, fqan):
     remapp=self.getApp(currentuser, fqan)
     authorize_context_owner(False, self, currentuser, None, remapp)
     #BUG: app deletion, just like group deletion, is fraught.
     remapp.delete(safe=True)
     return OK