def get_process_name_dict(search_type, project_code='', is_group_restricted=False, sobject=None):
'''get process names for pipelines with a particular search type'''
pipes = []
if sobject:
pipe_code = sobject.get_value('pipeline_code', no_exception=True)
if pipe_code:
pipe = Pipeline.get_by_code(pipe_code)
if pipe:
pipes = [pipe]
if not pipes:
pipes = Pipeline.get_by_search_type(search_type, project_code)
process_name_dict = {}
my_group_names = LoginGroup.get_group_names()
if pipes:
for pipe in pipes:
visible_process_names = []
process_names = pipe.get_process_names(recurse=True)
if is_group_restricted:
for process_name in process_names:
group_name = pipe.get_group(process_name)
if group_name and group_name not in my_group_names:
continue
else:
visible_process_names.append(process_name)
else:
visible_process_names.extend(process_names)
process_name_dict[pipe.get_code()] = visible_process_names
return process_name_dict
def url_commit(self):
from pyasm.web import WebContainer
web = WebContainer.get_web()
group_name = web.get_form_value("group_name")
group = LoginGroup.get_by_group_name(group_name)
attr = SecurityRulesAttr(group,"access_rules")
# go through each msg and process
change_made = False
msgs = web.get_form_values("url_levels")
for msg in msgs:
url, level = msg.split("|")
try:
attr.add_url_access(url,level)
except CommandExitException:
pass
else:
change_made = True
# only commit if a change has bee made
if change_made:
group.set_value("access_rules", attr.get_xml() )
group.commit()
else:
raise CommandExitException()
self.description = "Modified url '%s' security settings" % url
def get_process_name_dict(search_type, project_code='', is_group_restricted=False, sobject=None):
'''get process names for pipelines with a particular search type'''
pipes = []
if sobject:
pipe_code = sobject.get_value('pipeline_code', no_exception=True)
if pipe_code:
pipe = Pipeline.get_by_code(pipe_code)
if pipe:
pipes = [pipe]
if not pipes:
pipes = Pipeline.get_by_search_type(search_type, project_code)
process_name_dict = {}
my_group_names = LoginGroup.get_group_names()
if pipes:
for pipe in pipes:
visible_process_names = []
process_names = pipe.get_process_names(recurse=True)
if is_group_restricted:
for process_name in process_names:
group_name = pipe.get_group(process_name)
if group_name and group_name not in my_group_names:
continue
else:
visible_process_names.append(process_name)
else:
visible_process_names.extend(process_names)
process_name_dict[pipe.get_code()] = visible_process_names
return process_name_dict
def url_commit(my):
from pyasm.web import WebContainer
web = WebContainer.get_web()
group_name = web.get_form_value("group_name")
group = LoginGroup.get_by_group_name(group_name)
attr = SecurityRulesAttr(group, "access_rules")
# go through each msg and process
change_made = False
msgs = web.get_form_values("url_levels")
for msg in msgs:
url, level = msg.split("|")
try:
attr.add_url_access(url, level)
except CommandExitException:
pass
else:
change_made = True
# only commit if a change has bee made
if change_made:
group.set_value("access_rules", attr.get_xml())
group.commit()
else:
raise CommandExitException()
my.description = "Modified url '%s' security settings" % url
def get_mail_users(my, column):
# mail groups
recipients = set()
expr = my.notification.get_value(column, no_exception=True)
if expr:
sudo = Sudo()
# Introduce an environment that can be reflected
env = {
'sobject': my.sobject
}
#if expr.startswith("@"):
# logins = Search.eval(expr, list=True, env_sobjects=env)
#else:
parts = expr.split("\n")
# go through each login and evaluate each
logins = []
for part in parts:
if part.startswith("@") or part.startswith("{"):
results = Search.eval(part, list=True, env_sobjects=env)
# clear the container after each expression eval
ExpressionParser.clear_cache()
# these can just be login names, get the actual Logins
if results:
if isinstance(results[0], basestring):
login_sobjs = Search.eval("@SOBJECT(sthpw/login['login','in','%s'])" %'|'.join(results), list=True)
login_list = SObject.get_values(login_sobjs, 'login')
for result in results:
# the original result could be an email address already
if result not in login_list:
logins.append(result)
if login_sobjs:
logins.extend( login_sobjs )
else:
logins.extend(results)
elif part.find("@") != -1:
# this is just an email address
logins.append( part )
elif part:
# this is a group
group = LoginGroup.get_by_code(part)
if group:
logins.extend( group.get_logins() )
del sudo
else:
notification_id = my.notification.get_id()
logins = GroupNotification.get_logins_by_id(notification_id)
for login in logins:
recipients.add(login)
return recipients
def get_mail_users(my, column):
# mail groups
recipients = set()
expr = my.notification.get_value(column, no_exception=True)
if expr:
sudo = Sudo()
# Introduce an environment that can be reflected
env = {'sobject': my.sobject}
#if expr.startswith("@"):
# logins = Search.eval(expr, list=True, env_sobjects=env)
#else:
parts = expr.split("\n")
# go through each login and evaluate each
logins = []
for part in parts:
if part.startswith("@") or part.startswith("{"):
results = Search.eval(part, list=True, env_sobjects=env)
# clear the container after each expression eval
ExpressionParser.clear_cache()
# these can just be login names, get the actual Logins
if results:
if isinstance(results[0], basestring):
login_sobjs = Search.eval(
"@SOBJECT(sthpw/login['login','in','%s'])" %
'|'.join(results),
list=True)
login_list = SObject.get_values(
login_sobjs, 'login')
for result in results:
# the original result could be an email address already
if result not in login_list:
logins.append(result)
if login_sobjs:
logins.extend(login_sobjs)
else:
logins.extend(results)
elif part.find("@") != -1:
# this is just an email address
logins.append(part)
elif part:
# this is a group
group = LoginGroup.get_by_code(part)
if group:
logins.extend(group.get_logins())
del sudo
else:
notification_id = my.notification.get_id()
logins = GroupNotification.get_logins_by_id(notification_id)
for login in logins:
recipients.add(login)
return recipients
def get_display(my):
div = DivWdg()
div.add_class("spt_security")
div.add_attr("id", "SecurityManagerWdg")
div.add_attr("spt_class_name", Common.get_full_class_name(my) )
div.add_attr("spt_search_key", my.search_key)
div.add_attr("spt_update", "true")
project_div = DivWdg()
project_div.add_color("background", "background")
project_div.add_color("color", "color")
project_div.add_style("padding: 10px")
project_div.add_border()
project_div.add_style("width: 300px")
group = SearchKey.get_by_search_key(my.search_key)
title = DivWdg()
title.add_class("maq_search_bar")
name = group.get_value("login_group")
title.add("Global security settings for %s" % name)
project_div.add(title)
access_rules = group.get_xml_value("access_rules")
access_manager = AccessManager()
access_manager.add_xml_rules(access_rules)
access_level = group.get_access_level()
project_code = group.get_value('project_code')
if project_code:
project_codes = set(project_code)
else:
project_codes = set()
xml = LoginGroup.get_default_access_rule(access_level, project_codes)
access_manager.add_xml_rules(xml)
group = "builtin"
global_default_access = "deny"
list_div = DivWdg()
list_div.add_style("color: #222")
for item in permission_list:
if item.get('group'):
group_div = DivWdg()
list_div.add(group_div)
group_div.add_style("margin-top: 10px")
group_div.add_style("font-weight: bold")
group_div.add(item.get('group'))
group_div.add("<hr/>")
continue
item_div = DivWdg()
list_div.add(item_div)
item_div.add_style("margin-top: 5px")
key = item.get('key')
item_default = item.get('default')
if item_default:
default_access = item_default
else:
default_access = global_default_access
allowed = access_manager.check_access(group, key, "allow", default=default_access)
checkbox = CheckboxWdg("rule")
if allowed:
checkbox.set_checked()
checkbox.set_option("value", key)
item_div.add(checkbox)
item_div.add_style("color: #222")
item_div.add(item.get('title') )
project_div.add(list_div)
project_div.add("<hr>")
#close_script = "spt.popup.close(bvr.src_el.getParent('.spt_popup'))"
save_button = ActionButtonWdg(title="Save", tip="Save Security Settings")
save_button.add_behavior( {
"type": "click_up",
"cbjs_action": "el=bvr.src_el.getParent('.spt_security');spt.panel.refresh(el);" } )
save_button.add_style("margin-left: auto")
save_button.add_style("margin-right: auto")
project_div.add(save_button)
div.add(project_div)
if my.update == "true":
div.add(HtmlElement.br())
div.add(HtmlElement.b(my.description))
return div
def get_display(self):
div = DivWdg()
div.add_class("spt_security")
div.add_attr("id", "SecurityManagerWdg")
div.add_attr("spt_class_name", Common.get_full_class_name(self) )
div.add_attr("spt_search_key", self.search_key)
div.add_attr("spt_update", "true")
project_div = DivWdg()
project_div.add_color("background", "background")
project_div.add_color("color", "color")
project_div.add_style("padding: 10px")
project_div.add_border()
project_div.add_style("width: 300px")
group = SearchKey.get_by_search_key(self.search_key)
title = DivWdg()
title.add_class("maq_search_bar")
name = group.get_value("login_group")
title.add("Global security settings for %s" % name)
project_div.add(title)
access_rules = group.get_xml_value("access_rules")
access_manager = AccessManager()
access_manager.add_xml_rules(access_rules)
access_level = group.get_access_level()
project_code = group.get_value('project_code')
if project_code:
project_codes = set(project_code)
else:
project_codes = set()
xml = LoginGroup.get_default_access_rule(access_level, project_codes)
access_manager.add_xml_rules(xml)
group = "builtin"
global_default_access = "deny"
list_div = DivWdg()
list_div.add_style("color: #222")
for item in permission_list:
if item.get('group'):
group_div = DivWdg()
list_div.add(group_div)
group_div.add_style("margin-top: 10px")
group_div.add_style("font-weight: bold")
group_div.add(item.get('group'))
group_div.add("<hr/>")
continue
item_div = DivWdg()
list_div.add(item_div)
item_div.add_style("margin-top: 5px")
key = item.get('key')
item_default = item.get('default')
if item_default:
default_access = item_default
else:
default_access = global_default_access
allowed = access_manager.check_access(group, key, "allow", default=default_access)
checkbox = CheckboxWdg("rule")
if allowed:
checkbox.set_checked()
checkbox.set_option("value", key)
item_div.add(checkbox)
item_div.add_style("color: #222")
item_div.add(item.get('title') )
project_div.add(list_div)
project_div.add("<hr>")
#close_script = "spt.popup.close(bvr.src_el.getParent('.spt_popup'))"
save_button = ActionButtonWdg(title="Save", tip="Save Security Settings")
save_button.add_behavior( {
"type": "click_up",
"cbjs_action": "el=bvr.src_el.getParent('.spt_security');spt.panel.refresh(el);" } )
save_button.add_style("margin-left: auto")
save_button.add_style("margin-right: auto")
project_div.add(save_button)
div.add(project_div)
if self.update == "true":
div.add(HtmlElement.br())
div.add(HtmlElement.b(self.description))
return div
