def create_system_roles(): log.info("Creating system roles...") # emails are needed only to enforce the email requirement on all other users Role.load_or_create(Role.SYSTEM_GUEST, Role.SYSTEM, 'All visitors', email="*****@*****.**") Role.load_or_create(Role.SYSTEM_USER, Role.SYSTEM, 'Logged-in users', email="*****@*****.**") db.session.commit()
def update(self, data, authz): self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.summary = data.get('summary', self.summary) self.publisher = data.get('publisher', self.publisher) self.publisher_url = data.get('publisher_url', self.publisher_url) self.info_url = data.get('info_url', self.info_url) self.data_url = data.get('data_url', self.data_url) self.countries = ensure_list(data.get('countries', self.countries)) self.languages = ensure_list(data.get('languages', self.languages)) # Some fields are editable only by admins in order to have # a strict separation between source evidence and case # material. if authz.is_admin: self.category = data.get('category', self.category) self.casefile = as_bool(data.get('casefile'), default=self.casefile) creator = Role.by_id(data.get('creator_id')) if creator is not None: self.creator = creator self.touch() db.session.flush() if self.creator is not None: Permission.grant(self, self.creator, True, True)
def update(self, data, authz): self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.publisher = data.get('publisher', self.publisher) self.publisher_url = data.get('publisher_url', self.publisher_url) if self.publisher_url is not None: self.publisher_url = stringify(self.publisher_url) self.info_url = data.get('info_url', self.info_url) if self.info_url is not None: self.info_url = stringify(self.info_url) self.data_url = data.get('data_url', self.data_url) if self.data_url is not None: self.data_url = stringify(self.data_url) self.countries = ensure_list(data.get('countries', self.countries)) self.countries = [registry.country.clean(val) for val in self.countries] # noqa self.languages = ensure_list(data.get('languages', self.languages)) self.languages = [registry.language.clean(val) for val in self.languages] # noqa self.frequency = data.get('frequency', self.frequency) self.restricted = data.get('restricted', self.restricted) self.xref = data.get('xref', self.xref) # Some fields are editable only by admins in order to have # a strict separation between source evidence and case # material. if authz.is_admin: self.category = data.get('category', self.category) creator = ensure_dict(data.get('creator')) creator_id = data.get('creator_id', creator.get('id')) creator = Role.by_id(creator_id) if creator is not None: self.creator = creator self.touch() db.session.flush()
def update(self, data, authz): self.label = data.get("label", self.label) self.summary = data.get("summary", self.summary) self.publisher = data.get("publisher", self.publisher) self.publisher_url = data.get("publisher_url", self.publisher_url) if self.publisher_url is not None: self.publisher_url = stringify(self.publisher_url) self.info_url = data.get("info_url", self.info_url) if self.info_url is not None: self.info_url = stringify(self.info_url) self.data_url = data.get("data_url", self.data_url) if self.data_url is not None: self.data_url = stringify(self.data_url) countries = ensure_list(data.get("countries", self.countries)) self.countries = [registry.country.clean(val) for val in countries] languages = ensure_list(data.get("languages", self.languages)) self.languages = [registry.language.clean(val) for val in languages] self.frequency = data.get("frequency", self.frequency) self.restricted = data.get("restricted", self.restricted) self.xref = data.get("xref", self.xref) # Some fields are editable only by admins in order to have # a strict separation between source evidence and case # material. if authz.is_admin: self.category = data.get("category", self.category) creator = ensure_dict(data.get("creator")) creator_id = data.get("creator_id", creator.get("id")) creator = Role.by_id(creator_id) if creator is not None: self.creator = creator self.touch() db.session.flush()
def secret(self): q = db.session.query(Permission.id) q = q.filter(Permission.role_id.in_(Role.public_roles())) q = q.filter(Permission.collection_id == self.id) q = q.filter(Permission.read == True) # noqa q = q.filter(Permission.deleted_at == None) # noqa return q.count() < 1
def update(self, data): creator_id = data.get('creator_id') if creator_id is not None and creator_id != self.creator_id: role = Role.by_id(creator_id) if role is not None and role.type == Role.USER: self.creator_id = role.id Permission.grant_collection(self.id, role, True, True) self.schema_update(data)
def update_creator(self, role): """Set the creator (and admin) of a collection.""" if not isinstance(role, Role): role = Role.by_id(role) if role is None or role.type != Role.USER: return self.creator = role db.session.add(self) db.session.flush() Permission.grant(self, role, True, True)
def update(self, data, creator=None): self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.category = data.get('category', self.category) self.managed = data.get('managed', False) self.countries = data.get('countries', []) if creator is None: creator = Role.by_id(data.get('creator_id')) self.creator = creator self.updated_at = datetime.utcnow() db.session.add(self) db.session.flush() if creator is not None: Permission.grant(self, creator, True, True)
def update(self, data): validate(data, self._schema) creator_id = data.get('creator_id') if creator_id is not None and creator_id != self.creator_id: role = Role.by_id(creator_id) if role is not None and role.type == Role.USER: self.creator_id = role.id Permission.grant_collection(self.id, role, True, True) self.label = data.get('label') self.summary = data.get('summary', self.summary) self.category = data.get('category', self.category) self.managed = data.get('managed') self.private = data.get('private') self.countries = data.pop('countries', [])
def update(self, data, creator=None): self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.summary = data.get('summary', self.summary) self.publisher = data.get('publisher', self.publisher) self.publisher_url = data.get('publisher_url', self.publisher_url) self.info_url = data.get('info_url', self.info_url) self.data_url = data.get('data_url', self.data_url) self.category = data.get('category') or self.DEFAULT self.casefile = as_bool(data.get('casefile'), default=False) self.countries = data.get('countries', []) self.languages = data.get('languages', []) if creator is None: creator = Role.by_id(data.get('creator_id')) self.creator = creator self.updated_at = datetime.utcnow() db.session.add(self) db.session.flush() if creator is not None: Permission.grant(self, creator, True, True)
def update(self, data, creator=None): self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.summary = data.get('summary', self.summary) self.publisher = data.get('publisher', self.publisher) self.publisher_url = data.get('publisher_url', self.publisher_url) self.info_url = data.get('info_url', self.info_url) self.data_url = data.get('data_url', self.data_url) self.category = data.get('category', self.category) self.casefile = as_bool(data.get('casefile'), default=self.casefile) self.countries = ensure_list(data.get('countries', self.countries)) self.languages = ensure_list(data.get('languages', self.languages)) if creator is None: creator = Role.by_id(data.get('creator_id')) if creator is not None: self.creator = creator self.touch() db.session.flush() if self.creator is not None: Permission.grant(self, self.creator, True, True)
def update(self, data, creator=None): self.updated_at = datetime.utcnow() self.label = data.get('label', self.label) self.summary = data.get('summary', self.summary) self.summary = data.get('summary', self.summary) self.publisher = data.get('publisher', self.publisher) self.publisher_url = data.get('publisher_url', self.publisher_url) self.info_url = data.get('info_url', self.info_url) self.data_url = data.get('data_url', self.data_url) self.category = data.get('category', self.category) self.casefile = as_bool(data.get('casefile'), default=self.casefile) self.countries = ensure_list(data.get('countries', self.countries)) self.languages = ensure_list(data.get('languages', self.languages)) if creator is None: creator = Role.by_id(data.get('creator_id')) if creator is not None: self.creator = creator db.session.add(self) db.session.flush() if self.creator is not None: Permission.grant(self, self.creator, True, True)
def create_system_roles(): log.info("Creating system roles...") Role.load_or_create(Role.SYSTEM_GUEST, Role.SYSTEM, 'All visitors') Role.load_or_create(Role.SYSTEM_USER, Role.SYSTEM, 'Logged-in users') db.session.commit()
def grant_foreign(cls, collection, foreign_id, read, write): role = Role.by_foreign_id(foreign_id) if role is None: return cls.grant_collection(collection.id, role, read, write)
def team(self): q = Role.all() q = q.filter(Role.type != Role.SYSTEM) q = q.filter(Role.id == Permission.role_id) q = q.filter(Permission.collection_id == self.id) return q