def move_to(self, target_id, trans): """ Moves the item to the designated target. @param target_id: The ID of the destination container @type target_id: str @param trans: A valid transaction handle @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ user = currentThread().context.user user_role = permsresolver.get_access(self, user) can_move = (user_role > permsresolver.AUTHOR) ## or (user_role == permsresolver.AUTHOR and oItem.owner == user.id) parent_id = self._parentid target = _db.get_item(target_id, trans) if target == None or target._isDeleted: raise exceptions.ObjectNotFound, ( 'The target container "%s" does not exist.' % target_id , False) if isinstance(self, Shortcut): contentclass = self.get_target_contentclass(trans) else: contentclass = self.get_contentclass() user_role2 = permsresolver.get_access(target, user) if self.isCollection and target.is_contained_in(self._id, trans): raise exceptions.ContainmentError, \ 'Cannot move item to destination.\n' + \ 'The destination is contained in the source.' if (not(self._isSystem) and can_move and user_role2 > permsresolver.READER): if not(contentclass in target.containment): raise exceptions.ContainmentError, \ 'The target container does not accept ' + \ 'objects of type\n"%s".' % contentclass self._parentid = target._id self.inheritRoles = False self.modified = time.time() _db.check_unique(self, None, trans) _db.put_item(self, trans) # update target target.modified = time.time() _db.put_item(target, trans) # update parent parent = _db.get_item(parent_id, trans) parent.modified = time.time() _db.put_item(parent, trans) else: raise exceptions.PermissionDenied, \ 'The object was not moved.\n' + \ 'The user has insufficient permissions.'
def move_to(self, target): """ Moves the item to the designated target. @param target: The id of the target container or the container object itself @type target: str OR L{Container} @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ user = context.user user_role = permsresolver.get_access(self, user) can_move = user_role > permsresolver.AUTHOR ## or (user_role == permsresolver.AUTHOR and oItem.owner == user.id) parent_id = self._pid if isinstance(target, (str, bytes)): target = db._db.get_item(target) if target is None or target._isDeleted: raise exceptions.ObjectNotFound("The target container does not exist.") contentclass = self.get_contentclass() user_role2 = permsresolver.get_access(target, user) if self.isCollection and target.is_contained_in(self._id): raise exceptions.ContainmentError( "Cannot move item to destination.\n" "The destination is contained in the source." ) if not (self._isSystem) and can_move and user_role2 > permsresolver.READER: if contentclass not in target.containment: raise exceptions.ContainmentError( "The target container does not accept " 'objects of type\n"%s".' % contentclass ) db._db.delete_item(self) self._pid = target._id self.inheritRoles = False self.modified = time.time() db._db.put_item(self) # update target if self.isCollection: target._nc += 1 else: target._ni += 1 target.modified = time.time() db._db.put_item(target) # update parent parent = db._db.get_item(parent_id) parent.modified = time.time() db._db.put_item(parent) else: raise exceptions.PermissionDenied("The object was not moved.\n" "The user has insufficient permissions.")
def properties(self): "Displays a generic edit form based on the object's schema" sLang = context.request.get_lang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = iUserRole == permsresolver.READER admin = iUserRole == permsresolver.COORDINATOR modified = date.Date(self.modified) params = { "URI": self.id, "ICON": self.__image__, "TITLE": xml.xml_encode(self.displayName.value), "MODIFIED": modified.format(DATES_FORMAT, sLang), "MODIFIED_BY": xml.xml_encode(self.modifiedBy), "CONTENTCLASS": self.contentclass, "PROPERTIES": [], "EXTRA_TABS": [], "ADMIN": admin, "ROLES_INHERITED": str(self.inheritRoles).lower(), "ACTION_DISABLED": str(readonly).lower(), "METHOD": "update", } # inspect item properties for attr_name in self.__props__: attr = getattr(self, attr_name) if isinstance(attr, datatypes.DataType): control, tab = _getControlFromAttribute(self, attr_name, attr, readonly) params["PROPERTIES"].append(control) params["EXTRA_TABS"].append(tab) return params
def update(self, data): "Updates an object based on values contained inside the data dictionary" # get user role iUserRole = permsresolver.get_access(self, context.user) if "__rolesinherited" in data and iUserRole == permsresolver.COORDINATOR: self.inheritRoles = data.pop("__rolesinherited") if not self.inheritRoles: acl = data.pop("__acl") if acl: security = {} for descriptor in acl: security[descriptor["id"]] = int(descriptor["role"]) self.security = security for prop in data: oAttr = getattr(self, prop) if isinstance(oAttr, datatypes.File): # see if the user has uploaded a new file if data[prop]["tempfile"]: oAttr.filename = data[prop]["filename"] sPath = context.server.temp_folder + "/" + data[prop]["tempfile"] oAttr.load_from_file(sPath) elif isinstance(oAttr, datatypes.Date): oAttr.value = data[prop].value elif isinstance(oAttr, datatypes.Integer): oAttr.value = int(data[prop]) else: oAttr.value = data[prop] self.update() return True
def getInfo(self): "Returns info about the container's contents" sLang = context.request.get_lang() lstChildren = [] children = self.get_children() for child in children: obj = { 'id': child.id, 'cc': child.contentclass, 'image': child.__image__, 'displayName': child.displayName.value, 'isCollection': child.isCollection, 'modified': date.Date(child.modified)} if hasattr(child, 'size'): obj['size'] = child.size lstChildren.append(obj) containment = [] for contained in self.containment: image = misc.get_rto_by_name(contained).__image__ if not type(image) == str: image = '' localestring = resources.get_resource(contained, sLang) containment.append([localestring, contained, image]) return { 'displayName': self.displayName.value, 'path': misc.get_full_path(self), 'parentid': self.parentid, 'iscollection': self.isCollection, 'containment': containment, 'user_role': permsresolver.get_access(self, context.user), 'contents': lstChildren}
def new(self): "Displays a generic form for creating a new object" sCC = context.request.queryString['cc'][0] oNewItem = misc.get_rto_by_name(sCC)() role = permsresolver.get_access(self, context.user) params = { 'CC': sCC, 'URI': self.id, 'TITLE': '@@CREATE@@ "@@%s@@"' % sCC, 'ICON': oNewItem.__image__, 'PROPERTIES': [], 'EXTRA_TABS': [], 'ADMIN': role == permsresolver.COORDINATOR, 'ROLES_INHERITED': 'true', 'ACTION_DISABLED': 'false', 'METHOD': 'create'} # inspect item properties for attr_name in oNewItem.__props__: attr = getattr(oNewItem, attr_name) if isinstance(attr, datatypes.DataType): control, tab = baseitem._getControlFromAttribute(oNewItem, attr_name, attr, False, True) params['PROPERTIES'].append(control) params['EXTRA_TABS'].append(tab) return params
def update(self, trans): """ Updates the item. @param trans: A valid transaction handle @return: None """ old_item = _db.get_item(self._id, trans) parent = _db.get_item(self._parentid, trans) user = currentThread().context.user user_role = permsresolver.get_access(old_item, user) if user_role > permsresolver.READER: # set security if user_role == permsresolver.COORDINATOR: # user is COORDINATOR if (self.inheritRoles != old_item.inheritRoles) or \ (not self.inheritRoles and \ self.security != old_item.security): self._applySecurity(parent, trans) else: # restore previous ACL self.security = old_item.security self.inheritRoles = old_item.inheritRoles _db.handle_update(self, old_item, trans) self.modifiedBy = user.displayName.value self.modified = time.time() parent.modified = self.modified _db.put_item(self, trans) _db.put_item(parent, trans) else: raise exceptions.PermissionDenied, \ 'The user does not have update permissions.'
def create(self, data): "Creates a new item" oNewItem = misc.get_rto_by_name(data.pop('CC'))() # get user role iUserRole = permsresolver.get_access(self, context.user) if '__rolesinherited' in data and iUserRole == permsresolver.COORDINATOR: oNewItem.inheritRoles = data.pop('__rolesinherited') if not oNewItem.inheritRoles: acl = data.pop('__acl') if acl: security = {} for descriptor in acl: security[descriptor['id']] = int(descriptor['role']) oNewItem.security = security # set props for prop in data: oAttr = getattr(oNewItem, prop) if isinstance(oAttr, datatypes.File): if data[prop]['tempfile']: oAttr.filename = data[prop]['filename'] sPath = (context.server.temp_folder + '/' + data[prop]['tempfile']) oAttr.load_from_file(sPath) os.remove(sPath) elif isinstance(oAttr, datatypes.Date): oAttr.value = data[prop].value elif isinstance(oAttr, datatypes.Integer): oAttr.value = int(data[prop]) else: oAttr.value = data[prop] oNewItem.append_to(self) return oNewItem.id
def delete(self, trans): """ Deletes the item permanently. @param trans: A valid transaction handle @return: None """ user = currentThread().context.user self = _db.get_item(self._id, trans) user_role = permsresolver.get_access(self, user) can_delete = (user_role > permsresolver.AUTHOR) or \ (user_role == permsresolver.AUTHOR and self._owner == user._id) if (not(self._isSystem) and can_delete): # delete item physically self._delete(trans) # update container parent = _db.get_item(self._parentid, trans) parent.modified = time.time() _db.put_item(parent, trans) else: raise exceptions.PermissionDenied, \ 'The object was not deleted.\n' + \ 'The user has insufficient permissions.'
def update(self, data): "Updates an object based on values contained inside the data dictionary" # get user role iUserRole = permsresolver.get_access(self, context.user) if '__rolesinherited' in data and iUserRole == permsresolver.COORDINATOR: self.inheritRoles = data.pop('__rolesinherited') if not self.inheritRoles: acl = data.pop('__acl') if acl: security = {} for descriptor in acl: security[descriptor['id']] = int(descriptor['role']) self.security = security for prop in data: oAttr = getattr(self, prop) if isinstance(oAttr, datatypes.File): # see if the user has uploaded a new file if data[prop]['tempfile']: oAttr.filename = data[prop]['filename'] sPath = (context.server.temp_folder + '/' + data[prop]['tempfile']) oAttr.load_from_file(sPath) elif isinstance(oAttr, datatypes.Date): oAttr.value = data[prop].value elif isinstance(oAttr, datatypes.Integer): oAttr.value = int(data[prop]) else: oAttr.value = data[prop] self.update() return True
def properties(self): "Displays a generic edit form based on the object's schema" sLang = context.request.get_lang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = (iUserRole == permsresolver.READER) admin = (iUserRole == permsresolver.COORDINATOR) modified = date.Date(self.modified) params = { 'URI': self.id, 'ICON': self.__image__, 'TITLE': xml.xml_encode(self.displayName.value), 'MODIFIED': modified.format(DATES_FORMAT, sLang), 'MODIFIED_BY': xml.xml_encode(self.modifiedBy), 'CONTENTCLASS': self.contentclass, 'PROPERTIES': [], 'EXTRA_TABS': [], 'ADMIN': admin, 'ROLES_INHERITED': str(self.inheritRoles).lower(), 'ACTION_DISABLED': str(readonly).lower(), 'METHOD': 'update' } # inspect item properties for attr_name in self.__props__: attr = getattr(self, attr_name) if isinstance(attr, datatypes.DataType): control, tab = \ _getControlFromAttribute(self, attr_name, attr, readonly) params['PROPERTIES'].append(control) params['EXTRA_TABS'].append(tab) return params
def new(self): "Displays a generic form for creating a new object" sCC = context.request.queryString['cc'][0] oNewItem = misc.get_rto_by_name(sCC)() role = permsresolver.get_access(self, context.user) params = { 'CC': sCC, 'URI': self.id, 'TITLE': '@@CREATE@@ "@@%s@@"' % sCC, 'ICON': oNewItem.__image__, 'PROPERTIES': [], 'EXTRA_TABS': [], 'ADMIN': role == permsresolver.COORDINATOR, 'ROLES_INHERITED': 'true', 'ACTION_DISABLED': 'false', 'METHOD': 'create' } # inspect item properties for attr_name in oNewItem.__props__: attr = getattr(oNewItem, attr_name) if isinstance(attr, datatypes.DataType): control, tab = baseitem._getControlFromAttribute( oNewItem, attr_name, attr, False, True) params['PROPERTIES'].append(control) params['EXTRA_TABS'].append(tab) return params
def getInfo(self): "Returns info about the container's contents" sLang = context.request.get_lang() lstChildren = [] children = self.get_children() for child in children: obj = { 'id': child.id, 'cc': child.contentclass, 'image': child.__image__, 'displayName': child.displayName.value, 'isCollection': child.isCollection, 'modified': date.Date(child.modified) } if hasattr(child, 'size'): obj['size'] = child.size lstChildren.append(obj) containment = [] for contained in self.containment: image = misc.get_rto_by_name(contained).__image__ if not type(image) == str: image = '' localestring = resources.get_resource(contained, sLang) containment.append([localestring, contained, image]) return { 'displayName': self.displayName.value, 'path': misc.get_full_path(self), 'parentid': self.parentid, 'iscollection': self.isCollection, 'containment': containment, 'user_role': permsresolver.get_access(self, context.user), 'contents': lstChildren }
def new(self): "Displays the form for creating a new application" new_app = common.Application() role = permsresolver.get_access(self, context.user) return { 'CC': new_app.contentclass, 'URI': self.id, 'ICON': new_app.__image__, 'ADMIN': role == permsresolver.COORDINATOR}
def new(self): "Displays the form for creating a new application" new_app = common.Application() role = permsresolver.get_access(self, context.user) return { 'CC': new_app.contentclass, 'URI': self.id, 'ICON': new_app.__image__, 'ADMIN': role == permsresolver.COORDINATOR }
def new(self): oGroup = security.Group() role = permsresolver.get_access(self, context.user) return { 'CC': oGroup.contentclass, 'URI': self.id, 'REL_CC': '|'.join(oGroup.members.relCc), 'ICON': oGroup.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(oGroup.policies.relCc), 'ADMIN': role == permsresolver.COORDINATOR}
def new(self): oGroup = security.Group() role = permsresolver.get_access(self, context.user) return { 'CC': oGroup.contentclass, 'URI': self.id, 'REL_CC': '|'.join(oGroup.members.relCc), 'ICON': oGroup.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(oGroup.policies.relCc), 'ADMIN': role == permsresolver.COORDINATOR }
def new(self): "Displays the form for creating a new user" oUser = security.User() role = permsresolver.get_access(self, context.user) return { 'CC': oUser.contentclass, 'URI': self.id, 'REL_CC': '|'.join(oUser.memberof.relCc), 'ICON': oUser.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(oUser.policies.relCc), 'ADMIN': role == permsresolver.COORDINATOR}
def new(self): "Displays the form for creating a new user" oUser = security.User() role = permsresolver.get_access(self, context.user) return { 'CC': oUser.contentclass, 'URI': self.id, 'REL_CC': '|'.join(oUser.memberof.relCc), 'ICON': oUser.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(oUser.policies.relCc), 'ADMIN': role == permsresolver.COORDINATOR }
def _get_item(self, s): item = persist.loads(s) if self.fetch_all: if self.resolve_shortcuts: while item != None and isinstance(item, Shortcut): item = _db.get_item(item.target.value, self._txn) else: # check read permissions access = permsresolver.get_access(item, self._thread.context.user) if item._isDeleted or access == 0: item = None elif self.resolve_shortcuts and isinstance(item, Shortcut): item = item.get_target(self._txn) return item
def _get_item(self, s): item = persist.loads(s) if not self.enforce_permissions: if self.resolve_shortcuts: while item is not None and isinstance(item, Shortcut): item = _db.get_item(item.target.value) else: # check read permissions access = permsresolver.get_access(item, context.user) if item._isDeleted or access == 0: item = None elif self.resolve_shortcuts and isinstance(item, Shortcut): item = item.get_target() return item
def append_to(self, parent): """ Adds the item to the specified container. @param parent: The id of the destination container or the container itself @type parent: str OR L{Container} @return: None """ if isinstance(parent, basestring): parent = db._db.get_item(parent) contentclass = self.get_contentclass() user = context.user user_role = permsresolver.get_access(parent, user) if user_role == permsresolver.READER: raise exceptions.PermissionDenied( 'The user does not have write permissions ' 'on the parent folder.') if contentclass not in parent.containment: raise exceptions.ContainmentError( 'The target container does not accept ' 'objects of type\n"%s".' % contentclass) # set security to new item if user_role == permsresolver.COORDINATOR: # user is COORDINATOR self._apply_security(parent, True) else: # user is not COORDINATOR self.inheritRoles = True self.security = parent.security self._owner = user._id self._created = time.time() self.modifiedBy = user.displayName.value self.modified = time.time() self._pid = parent._id db._db.handle_update(self, None) db._db.put_item(self) if self.isCollection: parent._nc += 1 else: parent._ni += 1 parent.modified = self.modified db._db.put_item(parent) db._db.handle_post_update(self, None)
def recycle(self, rb_id, trans): """ Moves the item to the specified recycle bin. The item then becomes inaccessible. @param rb_id: The id of the destination container, which must be a L{RecycleBin} instance @type rb_id: str @param trans: A valid transaction handle @return: None """ user = currentThread().context.user self = _db.get_item(self._id, trans) user_role = permsresolver.get_access(self, user) can_delete = (user_role > permsresolver.AUTHOR) or \ (user_role == permsresolver.AUTHOR and self._owner == user._id) if (not(self._isSystem) and can_delete): deleted = DeletedItem(self, trans) deleted._owner = user._id deleted._created = time.time() deleted.modifiedBy = user.displayName.value deleted.modified = time.time() deleted._parentid = rb_id # check recycle bin's containment recycle_bin = _db.get_item(rb_id, trans) if not(deleted.get_contentclass() in recycle_bin.containment): raise exceptions.ContainmentError, \ 'The target container does not accept ' + \ 'objects of type\n"%s".' % deleted.get_contentclass() _db.handle_update(deleted, None, trans) _db.put_item(deleted, trans) # delete item logically self._recycle(trans) # update container parent = _db.get_item(self._parentid, trans) parent.modified = time.time() _db.put_item(parent, trans) else: raise exceptions.PermissionDenied, \ 'The object was not deleted.\n' + \ 'The user has insufficient permissions.'
def get_child_by_name(self, name): """ This method returns the child with the specified name. @param name: The name of the child @type name: str @return: The child object if a child with the given name exists else None. @rtype: L{GenericItem} """ item = db._db.get_child_by_name(self._id, name) if item is not None: user_role = permsresolver.get_access(item, context.user) if user_role < permsresolver.READER: return None return item
def _restore(self, deleted, target): """ Restores a logically deleted item to the designated target. @return: None """ # check permissions user = context.user user_role = permsresolver.get_access(target, user) if user_role > permsresolver.READER: deleted._pid = target._id deleted.inheritRoles = False deleted._undelete() else: raise exceptions.PermissionDenied("The user does not have write permissions on the " "destination folder.")
def append_to(self, parent, trans): """ Adds the item to the specified container. @param parent: The id of the destination container or the container itself @type parent: str OR L{Container} @param trans: A valid transaction handle @return: None """ if type(parent) == str: parent = _db.get_item(parent, trans) if isinstance(self, Shortcut): contentclass = self.get_target_contentclass(trans) else: contentclass = self.get_contentclass() user = currentThread().context.user user_role = permsresolver.get_access(parent, user) if user_role == permsresolver.READER: raise exceptions.PermissionDenied, \ 'The user does not have write permissions ' + \ 'on the parent folder.' if not(contentclass in parent.containment): raise exceptions.ContainmentError, \ 'The target container does not accept ' + \ 'objects of type\n"%s".' % contentclass # set security to new item if user_role == permsresolver.COORDINATOR: # user is COORDINATOR self._applySecurity(parent, trans) else: # user is not COORDINATOR self.inheritRoles = True self.security = parent.security self._owner = user._id self._created = time.time() self.modifiedBy = user.displayName.value self.modified = time.time() self._parentid = parent._id _db.handle_update(self, None, trans) parent.modified = self.modified _db.put_item(self, trans) _db.put_item(parent, trans)
def append_to(self, parent): """ Adds the item to the specified container. @param parent: The id of the destination container or the container itself @type parent: str OR L{Container} @return: None """ if isinstance(parent, basestring): parent = db._db.get_item(parent) contentclass = self.get_contentclass() user = context.user user_role = permsresolver.get_access(parent, user) if user_role == permsresolver.READER: raise exceptions.PermissionDenied("The user does not have write permissions " "on the parent folder.") if contentclass not in parent.containment: raise exceptions.ContainmentError( "The target container does not accept " 'objects of type\n"%s".' % contentclass ) # set security to new item if user_role == permsresolver.COORDINATOR: # user is COORDINATOR self._apply_security(parent, True) else: # user is not COORDINATOR self.inheritRoles = True self.security = parent.security self._owner = user._id self._created = time.time() self.modifiedBy = user.displayName.value self.modified = time.time() self._pid = parent._id db._db.handle_update(self, None) db._db.put_item(self) if self.isCollection: parent._nc += 1 else: parent._ni += 1 parent.modified = self.modified db._db.put_item(parent) db._db.handle_post_update(self, None)
def get_item(oid, trans=None): """ Fetches an object from the database. If the user has no read permissions on the object or the item has been deleted then C{None} is returned. @param oid: The object's ID or the object's full path. @type oid: str @param trans: A valid transaction handle. @rtype: L{GenericItem<porcupine.systemObjects.GenericItem>} """ item = _db.get_item(oid, trans) if item != None and not item._isDeleted and \ permsresolver.get_access(item, currentThread().context.user) != 0: return item
def get_item(oid, trans=None): """ Fetches an object from the database. If the user has no read permissions on the object or the item has been deleted then C{None} is returned. @param oid: The object's ID or the object's full path. @type oid: str @param trans: A valid transaction handle. @rtype: L{GenericItem<porcupine.systemObjects.GenericItem>} """ item = _db.get_item(oid) if item is not None and not item._isDeleted and \ permsresolver.get_access(item, context.user) != 0: return item
def properties(self): "Displays the group's properties form" sLang = context.request.get_lang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = (iUserRole == permsresolver.READER) admin = (iUserRole == permsresolver.COORDINATOR) params = { 'ID': self.id, 'ICON': self.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(self.policies.relCc), 'NAME': xml.xml_encode(self.displayName.value), 'DESCRIPTION': xml.xml_encode(self.description.value), 'MODIFIED': date.Date(self.modified).format(baseitem.DATES_FORMAT, sLang), 'MODIFIED_BY': xml.xml_encode(self.modifiedBy), 'CONTENTCLASS': self.contentclass, 'SELECT_FROM': self.parentid, 'REL_CC': '|'.join(self.members.relCc), 'READONLY': str(readonly).lower(), 'ADMIN': admin, 'ROLES_INHERITED': str(self.inheritRoles).lower() } members_options = [] members = self.members.get_items() for user in members: members_options += [ xml.xml_encode(user.__image__), user.id, xml.xml_encode(user.displayName.value) ] params['MEMBERS'] = ';'.join(members_options) policies_options = [] policies = self.policies.get_items() for policy in policies: policies_options += [ xml.xml_encode(policy.__image__), policy.id, xml.xml_encode(policy.displayName.value) ] params['POLICIES'] = ';'.join(policies_options) return params
def copy_to(self, target): """ Copies the item to the designated target. @param target: The id of the target container or the container object itself @type target: str OR L{Container} @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ if isinstance(target, (str, bytes)): target = db._db.get_item(target) if target is None or target._isDeleted: raise exceptions.ObjectNotFound( 'The target container does not exist.') contentclass = self.get_contentclass() if self.isCollection and target.is_contained_in(self._id): raise exceptions.ContainmentError( 'Cannot copy item to destination.\n' 'The destination is contained in the source.') # check permissions on target folder user = context.user user_role = permsresolver.get_access(target, user) if not (self._isSystem) and user_role > permsresolver.READER: if contentclass not in target.containment: raise exceptions.ContainmentError( 'The target container does not accept ' 'objects of type\n"%s".' % contentclass) self._copy(target, clear_inherited=True) # update parent if self.isCollection: target._nc += 1 else: target._ni += 1 target.modified = time.time() db._db.put_item(target) else: raise exceptions.PermissionDenied( 'The object was not copied.\n' 'The user has insufficient permissions.')
def _restore(self, deleted, target): """ Restores a logically deleted item to the designated target. @return: None """ # check permissions user = context.user user_role = permsresolver.get_access(target, user) if user_role > permsresolver.READER: deleted._pid = target._id deleted.inheritRoles = False deleted._undelete() else: raise exceptions.PermissionDenied( 'The user does not have write permissions on the ' 'destination folder.')
def copy_to(self, target_id, trans): """ Copies the item to the designated target. @param target_id: The ID of the destination container @type target_id: str @param trans: A valid transaction handle @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ target = _db.get_item(target_id, trans) if target == None or target._isDeleted: raise exceptions.ObjectNotFound, ( 'The target container "%s" does not exist.' % target_id , False) if isinstance(self, Shortcut): contentclass = self.get_target_contentclass(trans) else: contentclass = self.get_contentclass() if self.isCollection and target.is_contained_in(self._id, trans): raise exceptions.ContainmentError, \ 'Cannot copy item to destination.\n' + \ 'The destination is contained in the source.' # check permissions on target folder user = currentThread().context.user user_role = permsresolver.get_access(target, user) if not(self._isSystem) and user_role > permsresolver.READER: if not(contentclass in target.containment): raise exceptions.ContainmentError, \ 'The target container does not accept ' + \ 'objects of type\n"%s".' % contentclass self._copy(target, trans, clear_inherited=True) # update parent target.modified = time.time() _db.put_item(target, trans) else: raise exceptions.PermissionDenied, \ 'The object was not copied.\n' + \ 'The user has insufficient permissions.'
def copy_to(self, target): """ Copies the item to the designated target. @param target: The id of the target container or the container object itself @type target: str OR L{Container} @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ if isinstance(target, (str, bytes)): target = db._db.get_item(target) if target is None or target._isDeleted: raise exceptions.ObjectNotFound("The target container does not exist.") contentclass = self.get_contentclass() if self.isCollection and target.is_contained_in(self._id): raise exceptions.ContainmentError( "Cannot copy item to destination.\n" "The destination is contained in the source." ) # check permissions on target folder user = context.user user_role = permsresolver.get_access(target, user) if not (self._isSystem) and user_role > permsresolver.READER: if contentclass not in target.containment: raise exceptions.ContainmentError( "The target container does not accept " 'objects of type\n"%s".' % contentclass ) self._copy(target, clear_inherited=True) # update parent if self.isCollection: target._nc += 1 else: target._ni += 1 target.modified = time.time() db._db.put_item(target) else: raise exceptions.PermissionDenied("The object was not copied.\n" "The user has insufficient permissions.")
def properties(self): "Displays the group's properties form" sLang = context.request.get_lang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = (iUserRole == permsresolver.READER) admin = (iUserRole == permsresolver.COORDINATOR) params = { 'ID': self.id, 'ICON': self.__image__, 'SELECT_FROM_POLICIES': 'policies', 'POLICIES_REL_CC': '|'.join(self.policies.relCc), 'NAME': xml.xml_encode(self.displayName.value), 'DESCRIPTION': xml.xml_encode(self.description.value), 'MODIFIED': date.Date(self.modified).format( baseitem.DATES_FORMAT, sLang), 'MODIFIED_BY': xml.xml_encode(self.modifiedBy), 'CONTENTCLASS': self.contentclass, 'SELECT_FROM': self.parentid, 'REL_CC': '|'.join(self.members.relCc), 'READONLY': str(readonly).lower(), 'ADMIN': admin, 'ROLES_INHERITED': str(self.inheritRoles).lower()} members_options = [] members = self.members.get_items() for user in members: members_options += [xml.xml_encode(user.__image__), user.id, xml.xml_encode(user.displayName.value)] params['MEMBERS'] = ';'.join(members_options) policies_options = [] policies = self.policies.get_items() for policy in policies: policies_options += [xml.xml_encode(policy.__image__), policy.id, xml.xml_encode(policy.displayName.value)] params['POLICIES'] = ';'.join(policies_options) return params
def recycle(self, rb_id): """ Moves the item to the specified recycle bin. The item then becomes inaccessible. @param rb_id: The id of the destination container, which must be a L{RecycleBin} instance @type rb_id: str @return: None """ user = context.user self_ = db._db.get_item(self._id) user_role = permsresolver.get_access(self_, user) can_delete = (user_role > permsresolver.AUTHOR) or \ (user_role == permsresolver.AUTHOR and self_._owner == user._id) if (not (self_._isSystem) and can_delete): deleted = DeletedItem(self_) deleted._owner = user._id deleted._created = time.time() deleted.modifiedBy = user.displayName.value deleted.modified = time.time() deleted._pid = rb_id # check recycle bin's containment recycle_bin = db._db.get_item(rb_id) if deleted.get_contentclass() not in recycle_bin.containment: raise exceptions.ContainmentError( 'The target container does not accept ' 'objects of type\n"%s".' % deleted.get_contentclass()) db._db.handle_update(deleted, None) db._db.put_item(deleted) db._db.handle_post_update(deleted, None) # delete item logically self_._recycle() else: raise exceptions.PermissionDenied( 'The object was not deleted.\n' 'The user has insufficient permissions.')
def delete(self): """ Deletes the item permanently. @return: None """ user = context.user self_ = db._db.get_item(self._id) user_role = permsresolver.get_access(self_, user) can_delete = (user_role > permsresolver.AUTHOR) or ( user_role == permsresolver.AUTHOR and self_._owner == user._id ) if not (self_._isSystem) and can_delete: # delete item physically self_._delete() else: raise exceptions.PermissionDenied("The object was not deleted.\n" "The user has insufficient permissions.")
def delete(self): """ Deletes the item permanently. @return: None """ user = context.user self_ = db._db.get_item(self._id) user_role = permsresolver.get_access(self_, user) can_delete = (user_role > permsresolver.AUTHOR) or \ (user_role == permsresolver.AUTHOR and self_._owner == user._id) if (not (self_._isSystem) and can_delete): # delete item physically self_._delete() else: raise exceptions.PermissionDenied( 'The object was not deleted.\n' 'The user has insufficient permissions.')
def recycle(self, rb_id): """ Moves the item to the specified recycle bin. The item then becomes inaccessible. @param rb_id: The id of the destination container, which must be a L{RecycleBin} instance @type rb_id: str @return: None """ user = context.user self_ = db._db.get_item(self._id) user_role = permsresolver.get_access(self_, user) can_delete = (user_role > permsresolver.AUTHOR) or ( user_role == permsresolver.AUTHOR and self_._owner == user._id ) if not (self_._isSystem) and can_delete: deleted = DeletedItem(self_) deleted._owner = user._id deleted._created = time.time() deleted.modifiedBy = user.displayName.value deleted.modified = time.time() deleted._pid = rb_id # check recycle bin's containment recycle_bin = db._db.get_item(rb_id) if deleted.get_contentclass() not in recycle_bin.containment: raise exceptions.ContainmentError( "The target container does not accept " 'objects of type\n"%s".' % deleted.get_contentclass() ) db._db.handle_update(deleted, None) db._db.put_item(deleted) db._db.handle_post_update(deleted, None) # delete item logically self_._recycle() else: raise exceptions.PermissionDenied("The object was not deleted.\n" "The user has insufficient permissions.")
def properties(self): "Displays the application's properties form" context = HttpContext.current() sLang = context.request.getLang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = (iUserRole == 1) modified = date.Date(self.modified) return { 'ID' : self.id, 'IMG' : self.__image__, 'NAME' : xml.xml_encode(self.displayName.value), 'DESCRIPTION' : xml.xml_encode(self.description.value), 'ICON' : self.icon.value, 'LAUNCH_URL' : xml.xml_encode(self.launchUrl.value), 'MODIFIED' : modified.format(baseitem.DATES_FORMAT, sLang), 'MODIFIED_BY' : xml.xml_encode(self.modifiedBy), 'CONTENTCLASS' : self.contentclass, 'SECURITY_TAB' : baseitem._getSecurity(self, context.user), 'READONLY' : str(readonly).lower() }
def properties(self): "Displays the application's properties form" sLang = context.request.get_lang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = (iUserRole == permsresolver.READER) admin = (iUserRole == permsresolver.COORDINATOR) modified = date.Date(self.modified) return { 'ID': self.id, 'IMG': self.__image__, 'NAME': xml.xml_encode(self.displayName.value), 'DESCRIPTION': xml.xml_encode(self.description.value), 'ICON': self.icon.value, 'LAUNCH_URL': xml.xml_encode(self.launchUrl.value), 'MODIFIED': modified.format(baseitem.DATES_FORMAT, sLang), 'MODIFIED_BY': xml.xml_encode(self.modifiedBy), 'CONTENTCLASS': self.contentclass, 'ADMIN': admin, 'ROLES_INHERITED': str(self.inheritRoles).lower(), 'READONLY': str(readonly).lower()}
def update(self): """ Updates the item. @return: None """ old_item = db._db.get_item(self._id) if self._pid is not None: parent = db._db.get_item(self._pid) else: parent = None user = context.user user_role = permsresolver.get_access(old_item, user) if user_role > permsresolver.READER: # set security if user_role == permsresolver.COORDINATOR: # user is COORDINATOR if (self.inheritRoles != old_item.inheritRoles) or \ (not self.inheritRoles and \ self.security != old_item.security): self._apply_security(parent, False) else: # restore previous ACL self.security = old_item.security self.inheritRoles = old_item.inheritRoles self.modifiedBy = user.displayName.value self.modified = time.time() db._db.handle_update(self, old_item) db._db.put_item(self) if parent is not None: parent.modified = self.modified db._db.put_item(parent) db._db.handle_post_update(self, old_item) else: raise exceptions.PermissionDenied( 'The user does not have update permissions.')
def update(self): """ Updates the item. @return: None """ old_item = db._db.get_item(self._id) if self._pid is not None: parent = db._db.get_item(self._pid) else: parent = None user = context.user user_role = permsresolver.get_access(old_item, user) if user_role > permsresolver.READER: # set security if user_role == permsresolver.COORDINATOR: # user is COORDINATOR if (self.inheritRoles != old_item.inheritRoles) or ( not self.inheritRoles and self.security != old_item.security ): self._apply_security(parent, False) else: # restore previous ACL self.security = old_item.security self.inheritRoles = old_item.inheritRoles self.modifiedBy = user.displayName.value self.modified = time.time() db._db.handle_update(self, old_item) db._db.put_item(self) if parent is not None: parent.modified = self.modified db._db.put_item(parent) db._db.handle_post_update(self, old_item) else: raise exceptions.PermissionDenied("The user does not have update permissions.")
def properties(self): "Displays the group's properties form" context = HttpContext.current() sLang = context.request.getLang() user = context.user iUserRole = permsresolver.get_access(self, user) readonly = iUserRole == 1 params = { "ID": self.id, "ICON": self.__image__, "SELECT_FROM_POLICIES": "policies", "POLICIES_REL_CC": "|".join(self.policies.relCc), "NAME": xml.xml_encode(self.displayName.value), "DESCRIPTION": xml.xml_encode(self.description.value), "MODIFIED": date.Date(self.modified).format(baseitem.DATES_FORMAT, sLang), "MODIFIED_BY": xml.xml_encode(self.modifiedBy), "CONTENTCLASS": self.contentclass, "SELECT_FROM": self.parentid, "REL_CC": "|".join(self.members.relCc), "READONLY": str(readonly).lower(), } members_options = [] members = self.members.get_items() for user in members: members_options += [xml.xml_encode(user.__image__), user.id, xml.xml_encode(user.displayName.value)] params["MEMBERS"] = ";".join(members_options) policies_options = [] policies = self.policies.get_items() for policy in policies: policies_options += [xml.xml_encode(policy.__image__), policy.id, xml.xml_encode(policy.displayName.value)] params["POLICIES"] = ";".join(policies_options) params["SECURITY_TAB"] = baseitem._getSecurity(self, user) return params
def move_to(self, target): """ Moves the item to the designated target. @param target: The id of the target container or the container object itself @type target: str OR L{Container} @return: None @raise L{porcupine.exceptions.ObjectNotFound}: If the target container does not exist. """ user = context.user user_role = permsresolver.get_access(self, user) can_move = (user_role > permsresolver.AUTHOR) ## or (user_role == permsresolver.AUTHOR and oItem.owner == user.id) parent_id = self._pid if isinstance(target, (str, bytes)): target = db._db.get_item(target) if target is None or target._isDeleted: raise exceptions.ObjectNotFound( 'The target container does not exist.') contentclass = self.get_contentclass() user_role2 = permsresolver.get_access(target, user) if self.isCollection and target.is_contained_in(self._id): raise exceptions.ContainmentError( 'Cannot move item to destination.\n' 'The destination is contained in the source.') if (not (self._isSystem) and can_move and user_role2 > permsresolver.READER): if contentclass not in target.containment: raise exceptions.ContainmentError( 'The target container does not accept ' 'objects of type\n"%s".' % contentclass) db._db.delete_item(self) self._pid = target._id self.inheritRoles = False self.modified = time.time() db._db.put_item(self) # update target if self.isCollection: target._nc += 1 else: target._ni += 1 target.modified = time.time() db._db.put_item(target) # update parent parent = db._db.get_item(parent_id) parent.modified = time.time() db._db.put_item(parent) else: raise exceptions.PermissionDenied( 'The object was not moved.\n' 'The user has insufficient permissions.')