def edit(self, name=None, widget=True):
group = None
if not name:
target = url_for(".create")
else:
group = usergroup.Group(name)
target = url_for(".save", name=name)
dset = self._setup_dataset(target, group)
if name:
if not env.request.user.has("GROUP_MANAGEMENT"):
raise error.PrewikkaUserError(
_("Permission Denied"),
N_("Access denied to group settings"),
log_priority=log.WARNING)
permissions = env.auth.get_group_permissions(group)
dset["permissions"] = []
for perm in sorted(usergroup.ACTIVE_PERMISSIONS):
dset["permissions"].append((perm, perm in permissions, False))
dset["widget"] = widget
dset["extra_content"] = filter(
None,
hookmanager.trigger("HOOK_GROUPMANAGEMENT_EXTRA_CONTENT", group,
"group"))
return dset.render()
def save(self, name):
group = usergroup.Group(name)
list(hookmanager.trigger("HOOK_GROUPMANAGEMENT_GROUP_MODIFY", group))
old_permissions = env.auth.get_group_permissions(group)
permissions = self._make_permissions_from_parameters(old_permissions)
self.log_property_list_change("permissions", group, old_permissions,
permissions)
env.auth.set_group_permissions(group, permissions)
if env.auth.is_member_of(group, env.request.user):
env.request.user.permissions = env.auth.get_user_permissions(
env.request.user)
# Group memberships
if env.auth.can_manage_group_members():
users = set(
usergroup.User(i)
for i in env.request.parameters.getlist("member_object"))
self.log_property_list_change("users", group,
env.auth.get_group_members(group),
users)
env.auth.set_group_members(group, users)
return response.PrewikkaResponse({
"type": "reload",
"target": ".commonlisting"
})
def delete(self):
if not env.request.user.has("GROUP_MANAGEMENT"):
raise error.PrewikkaUserError(
N_("Permission Denied"),
N_("Access denied to groups modification"),
log_priority=log.WARNING)
for obj in env.request.parameters.getlist("id"):
usergroup.Group(groupid=obj).delete()
def create(self):
group_name = env.request.parameters.get("name")
if not group_name:
raise error.PrewikkaUserError(N_("Could not create group"),
N_("No group name provided"))
if group_name.startswith("/"):
raise error.PrewikkaUserError(
N_("Could not create group"),
N_("Group name cannot start with a slash"))
group = usergroup.Group(group_name)
if env.auth.has_group(group):
raise error.PrewikkaUserError(
N_("Could not create group"),
N_("Group %s already exists", group_name))
group.create()
return self.save(group_name)
def get_group_list(self, search=None):
query = "SELECT name, groupid FROM Prewikka_Group"
if search:
query += " WHERE name LIKE %s" % self.escape("%%%s%%" % search)
return [usergroup.Group(*r) for r in self.query(query)]
def get_member_of(self, user):
return [usergroup.Group(*r) for r in self.query("SELECT PG.name, PUG.groupid FROM Prewikka_User_Group PUG "
"JOIN Prewikka_Group PG USING (groupid) WHERE userid = %s", user.id)]
def get_group_by_id(self, id_):
ret = self.query(
"SELECT name, groupid FROM Prewikka_Group WHERE groupid = %s", id_)
return usergroup.Group(*ret[0]) if ret else None
def save(self, name):
user = usergroup.User(name)
modify_self = env.request.user == user
if not env.auth.has_user(user):
raise error.PrewikkaUserError(N_("Invalid user"),
N_("Specified user does not exist"),
log_priority=log.WARNING)
if name != env.request.user.name and not env.request.user.has(
"USER_MANAGEMENT"):
raise error.PrewikkaUserError(
N_("Permission Denied"),
N_("Cannot modify other users settings"),
log_priority=log.WARNING)
if not env.request.parameters[
"language"] in localization.get_languages():
raise error.PrewikkaUserError(
N_("Invalid Language"),
N_("Specified language does not exist"),
log_priority=log.WARNING)
if not env.request.parameters[
"timezone"] in localization.get_timezones():
raise error.PrewikkaUserError(
N_("Invalid Timezone"),
N_("Specified timezone does not exist"),
log_priority=log.WARNING)
if "password_new" in env.request.parameters and env.request.parameters[
"password_new"] != env.request.parameters.get(
"password_new_confirmation"):
raise error.PrewikkaUserError(N_("Password error"),
N_("Password mismatch"))
reload_type = 0
for param, reload in (("fullname", "none"), ("email", "none"),
("timezone", "view"), ("theme", "window"),
("language", "window")):
value = env.request.parameters.get(param)
if value != user.get_property(param):
if value:
user.set_property(param, value)
else:
user.del_property(param)
if modify_self:
reload_type = max(reload_type, ReloadEnum[reload])
list(hookmanager.trigger("HOOK_USERMANAGEMENT_USER_MODIFY", user))
if env.request.user.has(
"USER_MANAGEMENT") and env.auth.can_manage_permissions():
permissions = self._make_permissions_from_parameters(
user.permissions)
if permissions != set(user.permissions):
old_perms = set(
env.auth.get_user_permissions(
user, ignore_group=True)).difference(
env.auth.get_user_permissions_from_groups(user))
user.permissions = permissions
self.log_property_list_change("permissions", user, old_perms,
permissions)
reload_type = max(
ReloadEnum["window"] if modify_self else
ReloadEnum[".commonlisting"], reload_type)
# Group memberships
if env.auth.can_manage_group_members():
groups = set(
usergroup.Group(i)
for i in env.request.parameters.getlist("member_object"))
if groups != set(env.auth.get_member_of(user)):
self.log_property_list_change("groups", user,
env.auth.get_member_of(user),
groups)
env.auth.set_member_of(user, groups)
reload_type = max(
ReloadEnum["window"] if modify_self else
ReloadEnum[".commonlisting"], reload_type)
if "password_new" in env.request.parameters:
if modify_self:
try:
env.auth.authenticate(
name,
env.request.parameters.get("password_current", ""))
except auth.AuthError:
raise error.PrewikkaUserError(
N_("Password error"), N_("Invalid password specified"))
env.auth.set_password(user, env.request.parameters["password_new"])
user.sync_properties()
if reload_type > ReloadEnum["none"]:
return response.PrewikkaResponse({
"type": "reload",
"target": reload_type.name
})