def class_based_access(cls, account):
    """
    Return the default access granted to objects of this AUTH class.

    By default only admin type users of the account get access. Specific
    classes may override this to widen it (e.g. messages might also be
    opened up to agents). An account of None yields an empty list.
    """
    # NOTE(review): the two branches differ in shape - an empty list versus
    # whatever default_admin_group() returns, which populate_acl() in this
    # file treats as a single ACL entry. populate_acl() also stores this
    # result directly as kw['acl']; confirm the acl field tolerates a bare
    # entry, since a membership test against a string matches substrings.
    if account is not None:
        return default_admin_group(account)
    return []
def create_by_user(self, user, **kw):
    """
    Create the object on behalf of *user* via AuthManager.create_by_user.

    When the user has a current account, any 'acl' passed by the caller is
    replaced with that account's default admin, analyst and reviewer groups.
    Without a current account, kw is forwarded untouched, so a caller-supplied
    'acl' is passed on as given.
    """
    if user.current_account:
        # Class based access is forced here: the caller's 'acl' is overwritten.
        owner = user.current_account
        kw.update(acl=[
            default_admin_group(owner),
            default_analyst_group(owner),
            default_reviewer_group(owner),
        ])
    return AuthManager.create_by_user(self, user, **kw)
def default_access_groups(user, ignore_admins=False):
    """
    Return the fallback groups for an object that is not restricted to
    specific groups.

    The groups follow from the roles of the creating user. One default group
    of the user's current account is added per role held, in the order
    admin, reviewer, agent, analyst. The admin group is left out when
    ignore_admins is true. A user holding none of these roles gets an
    empty list.
    """
    def _groups_for_roles():
        # Each default_*_group() call happens only when its role flag is set.
        if user.is_admin and not ignore_admins:
            yield default_admin_group(user.current_account)
        if user.is_reviewer:
            yield default_reviewer_group(user.current_account)
        if user.is_agent:
            yield default_agent_group(user.current_account)
        if user.is_analyst:
            yield default_analyst_group(user.current_account)

    return list(_groups_for_roles())
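def populate_acl(self, user, kw):
    """
    Fill in kw['acl'] for an object that *user* is about to create.

    Superusers: a non-empty 'acl' supplied by the caller is kept as is;
    otherwise the class-level default from
    self.doc_class.class_based_access() is used.

    Everyone else: the supplied groups (or, when none were supplied, the
    role-based defaults from default_access_groups()) are extended so that
    the account's admin group and the creating user's own id are always
    present.

    kw is updated in place and nothing is returned. The list passed in as
    kw['acl'] is no longer modified; kw['acl'] is rebound to a new list.
    """
    if user.is_superuser:
        # A superuser's own groups are not a usable default, so fall back to
        # the defaults of the class being created
        # (e.g. Messages -> Agents + Admins).
        # NOTE(review): class_based_access() as it appears in this file
        # returns the bare default_admin_group() value for a non-None
        # account, not a list - confirm the acl field accepts that.
        if 'acl' not in kw or not kw['acl']:
            kw['acl'] = self.doc_class.class_based_access(
                user.current_account)
        return

    groups = kw.get('acl', [])
    # NOTE(review): a caller-supplied 'acl' and 'account' are used as given;
    # nothing here checks that they belong to the user's own account -
    # presumably the callers validate this, confirm.
    account = kw.get('account', None) or user.current_account
    admin_perms = default_admin_group(account)
    if groups:
        # Copy before appending: the caller may reuse its list for other
        # objects, and this user's id must not leak into their ACLs.
        groups = groups[:]
    else:
        groups = default_access_groups(user)

    # No matter what was supplied, admins of the account keep access.
    if admin_perms not in groups:
        groups.append(admin_perms)
    # The creator always has access to their own object.
    if str(user.id) not in groups:
        groups.append(str(user.id))
    kw['acl'] = groups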
'error': 'Saved changes. But could not synchronize for matching. Error: %s. Try manual activation, or contact support.' % str(e) } else: from solariat_bottle.db.group import default_admin_group, default_agent_group # As a default, try to share with groups that I'm part of. If I'm not part of any specific # groups, just share with the default admin and agent groups if user.is_agent and user.groups: # If an agent creates a new message, share with all his groups acl = [str(g) for g in user.groups] else: # If admin/staff creates message, share with all agents and all admins acl = [ default_admin_group(user.current_account), default_agent_group(user.current_account) ] print acl matchable = Matchable.objects.create_by_user( user, channels=channels, creative=creative, intention_types=intention_types, intention_topics=topics, acl=acl, _lang_code=language) #print "Refreshing" try: MatchableCollection().index.refresh()