Exemple #1
def create_system_roles():
    """Call ``Role.load_or_create`` for the guest and logged-in-user system
    roles, then commit the session."""
    log.info("Creating system roles...")
    # emails are needed only to enforce the email requirement on all other users
    builtin_roles = (
        (Role.SYSTEM_GUEST, 'All visitors'),
        (Role.SYSTEM_USER, 'Logged-in users'),
    )
    for role_key, display_name in builtin_roles:
        Role.load_or_create(role_key,
                            Role.SYSTEM,
                            display_name,
                            email="*****@*****.**")
    db.session.commit()
Exemple #2
    def update(self, data, authz):
        """Copy the fields present in ``data`` onto this object.

        Keys missing from ``data`` keep their current value. ``category``,
        ``casefile`` and the creator are only changed when
        ``authz.is_admin`` is truthy. Afterwards ``self.touch()`` is called,
        the session is flushed, and the current creator (if any) is passed to
        ``Permission.grant`` with both flags set to ``True``.
        """
        # NOTE(review): nothing in this method validates the values taken
        # from ``data``; presumably the caller has validated the payload --
        # confirm at the call site.
        for field in ('label', 'summary', 'publisher', 'publisher_url',
                      'info_url', 'data_url'):
            setattr(self, field, data.get(field, getattr(self, field)))
        for field in ('countries', 'languages'):
            setattr(self, field,
                    ensure_list(data.get(field, getattr(self, field))))

        # Admin-only fields: keeps a strict separation between source
        # evidence and case material.
        if authz.is_admin:
            self.category = data.get('category', self.category)
            self.casefile = as_bool(data.get('casefile'),
                                    default=self.casefile)
            new_creator = Role.by_id(data.get('creator_id'))
            if new_creator is not None:
                # NOTE(review): the role's type is not checked here, so any
                # role that Role.by_id returns can become the creator and
                # receive the grant below -- confirm this is intended.
                self.creator = new_creator

        self.touch()
        db.session.flush()
        if self.creator is None:
            return
        # Runs on every update, admin or not: the existing creator is
        # granted again each time.
        Permission.grant(self, self.creator, True, True)
Exemple #3
    def update(self, data, authz):
        """Copy the fields present in ``data`` onto this object and flush.

        Keys missing from ``data`` keep their current value. The three URL
        fields are passed through ``stringify`` when not ``None``; countries
        and languages are cleaned through ``registry``. ``category`` and the
        creator are only changed when ``authz.is_admin`` is truthy. No
        permission is granted in this method.
        """
        # NOTE(review): ``restricted`` and ``xref`` are assigned outside the
        # admin-only branch below; confirm that is intended.
        for field in ('label', 'summary', 'publisher',
                      'frequency', 'restricted', 'xref'):
            setattr(self, field, data.get(field, getattr(self, field)))

        for field in ('publisher_url', 'info_url', 'data_url'):
            setattr(self, field, data.get(field, getattr(self, field)))
            current = getattr(self, field)
            if current is not None:
                setattr(self, field, stringify(current))

        self.countries = ensure_list(data.get('countries', self.countries))
        self.countries = [registry.country.clean(code) for code in self.countries]  # noqa
        self.languages = ensure_list(data.get('languages', self.languages))
        self.languages = [registry.language.clean(code) for code in self.languages]  # noqa

        # Admin-only fields: keeps a strict separation between source
        # evidence and case material.
        if authz.is_admin:
            self.category = data.get('category', self.category)
            # The creator id may arrive as 'creator_id' or nested as
            # data['creator']['id']; the flat key wins when both are present.
            nested = ensure_dict(data.get('creator'))
            role = Role.by_id(data.get('creator_id', nested.get('id')))
            if role is not None:
                # NOTE(review): the role's type is not checked before it
                # becomes the creator -- confirm this is intended.
                self.creator = role

        self.touch()
        db.session.flush()
Exemple #4
    def update(self, data, authz):
        """Copy the fields present in ``data`` onto this object and flush.

        Keys missing from ``data`` keep their current value. The three URL
        fields are passed through ``stringify`` when not ``None``; countries
        and languages are cleaned through ``registry``. ``category`` and the
        creator are only changed when ``authz.is_admin`` is truthy. No
        permission is granted in this method.
        """
        # NOTE(review): ``restricted`` and ``xref`` are assigned outside the
        # admin-only branch below; confirm that is intended.
        for field in ("label", "summary", "publisher",
                      "frequency", "restricted", "xref"):
            setattr(self, field, data.get(field, getattr(self, field)))

        for field in ("publisher_url", "info_url", "data_url"):
            setattr(self, field, data.get(field, getattr(self, field)))
            current = getattr(self, field)
            if current is not None:
                setattr(self, field, stringify(current))

        raw_countries = ensure_list(data.get("countries", self.countries))
        self.countries = [registry.country.clean(code) for code in raw_countries]
        raw_languages = ensure_list(data.get("languages", self.languages))
        self.languages = [registry.language.clean(code) for code in raw_languages]

        # Admin-only fields: keeps a strict separation between source
        # evidence and case material.
        if authz.is_admin:
            self.category = data.get("category", self.category)
            # The creator id may arrive as "creator_id" or nested as
            # data["creator"]["id"]; the flat key wins when both are present.
            nested = ensure_dict(data.get("creator"))
            role = Role.by_id(data.get("creator_id", nested.get("id")))
            if role is not None:
                # NOTE(review): the role's type is not checked before it
                # becomes the creator -- confirm this is intended.
                self.creator = role

        self.touch()
        db.session.flush()
Exemple #5
 def secret(self):
     """Return True when no non-deleted read permission links one of
     ``Role.public_roles()`` to this collection."""
     public_read = (
         db.session.query(Permission.id)
         .filter(Permission.role_id.in_(Role.public_roles()))
         .filter(Permission.collection_id == self.id)
         # SQLAlchemy column comparisons: ``== True`` / ``== None`` build
         # SQL expressions, hence the noqa markers.
         .filter(Permission.read == True)  # noqa
         .filter(Permission.deleted_at == None)  # noqa
     )
     return public_read.count() < 1
Exemple #6
 def secret(self):
     """Return True when no non-deleted read permission links one of
     ``Role.public_roles()`` to this collection."""
     public_read = (
         db.session.query(Permission.id)
         .filter(Permission.role_id.in_(Role.public_roles()))
         .filter(Permission.collection_id == self.id)
         # SQLAlchemy column comparisons: ``== True`` / ``== None`` build
         # SQL expressions, hence the noqa markers.
         .filter(Permission.read == True)  # noqa
         .filter(Permission.deleted_at == None)  # noqa
     )
     return public_read.count() < 1
Exemple #7
 def update(self, data):
     """Optionally reassign the creator, then delegate to ``schema_update``.

     The creator changes only when ``data['creator_id']`` is set, differs
     from the current ``creator_id``, and resolves to a role whose type is
     ``Role.USER``; that role is then passed to
     ``Permission.grant_collection`` with both flags ``True``. Any other
     ``creator_id`` is silently ignored.
     """
     # NOTE(review): no authorization check is visible in this method;
     # presumably the caller decides who may reassign the creator -- confirm.
     requested_id = data.get('creator_id')
     creator_changed = (requested_id is not None
                        and requested_id != self.creator_id)
     role = Role.by_id(requested_id) if creator_changed else None
     if role is not None and role.type == Role.USER:
         self.creator_id = role.id
         Permission.grant_collection(self.id, role, True, True)
     self.schema_update(data)
Exemple #8
 def update(self, data):
     """Optionally reassign the creator, then delegate to ``schema_update``.

     The creator changes only when ``data['creator_id']`` is set, differs
     from the current ``creator_id``, and resolves to a role whose type is
     ``Role.USER``; that role is then passed to
     ``Permission.grant_collection`` with both flags ``True``. Any other
     ``creator_id`` is silently ignored.
     """
     # NOTE(review): no authorization check is visible in this method;
     # presumably the caller decides who may reassign the creator -- confirm.
     requested_id = data.get('creator_id')
     creator_changed = (requested_id is not None
                        and requested_id != self.creator_id)
     role = Role.by_id(requested_id) if creator_changed else None
     if role is not None and role.type == Role.USER:
         self.creator_id = role.id
         Permission.grant_collection(self.id, role, True, True)
     self.schema_update(data)
Exemple #9
 def update_creator(self, role):
     """Set the creator (and admin) of a collection.

     ``role`` may be a ``Role`` or a value accepted by ``Role.by_id``.
     Nothing happens unless it resolves to a role of type ``Role.USER``;
     otherwise the role becomes the creator, the session is flushed and the
     role is passed to ``Permission.grant`` with both flags ``True``.
     """
     candidate = role if isinstance(role, Role) else Role.by_id(role)
     # Only user roles may own a collection; anything else is ignored.
     if candidate is not None and candidate.type == Role.USER:
         self.creator = candidate
         db.session.add(self)
         db.session.flush()
         Permission.grant(self, candidate, True, True)
Exemple #10
 def update(self, data, creator=None):
     """Apply ``data`` to this object, set its creator and flush.

     ``label``, ``summary`` and ``category`` keep their value when missing
     from ``data``; ``managed`` and ``countries`` fall back to ``False`` and
     ``[]``. When ``creator`` is not passed it is looked up from
     ``data['creator_id']``; the result is assigned even when it is ``None``.
     A non-``None`` creator is passed to ``Permission.grant`` with both flags
     ``True``.
     """
     # NOTE(review): no authorization or role-type check is visible here, and
     # ``creator_id`` is read straight from ``data`` -- presumably the caller
     # restricts who may set it; confirm.
     for field in ('label', 'summary', 'category'):
         setattr(self, field, data.get(field, getattr(self, field)))
     self.managed = data.get('managed', False)
     self.countries = data.get('countries', [])
     owner = creator
     if owner is None:
         owner = Role.by_id(data.get('creator_id'))
     self.creator = owner
     self.updated_at = datetime.utcnow()
     db.session.add(self)
     db.session.flush()
     if owner is None:
         return
     Permission.grant(self, owner, True, True)
Exemple #11
 def update(self, data):
     """Validate ``data`` against ``self._schema`` and apply it.

     The creator changes only when ``data['creator_id']`` is set, differs
     from the current ``creator_id`` and resolves to a role of type
     ``Role.USER``. ``label``, ``managed`` and ``private`` become ``None``
     when missing from ``data``; ``countries`` is popped from ``data``
     (mutating the caller's dict) and defaults to ``[]``.
     """
     validate(data, self._schema)
     requested_id = data.get('creator_id')
     creator_changed = (requested_id is not None
                        and requested_id != self.creator_id)
     role = Role.by_id(requested_id) if creator_changed else None
     # Only user roles may take over; other ids are silently ignored.
     if role is not None and role.type == Role.USER:
         self.creator_id = role.id
         Permission.grant_collection(self.id, role, True, True)
     self.label = data.get('label')
     for field in ('summary', 'category'):
         setattr(self, field, data.get(field, getattr(self, field)))
     for field in ('managed', 'private'):
         setattr(self, field, data.get(field))
     self.countries = data.pop('countries', [])
Exemple #12
 def update(self, data, creator=None):
     """Apply ``data`` to this object, set its creator and flush.

     Text and URL fields keep their value when missing from ``data``.
     ``category`` falls back to ``self.DEFAULT``, ``casefile`` to ``False``
     and ``countries``/``languages`` to ``[]``. When ``creator`` is not
     passed it is looked up from ``data['creator_id']``; the result is
     assigned even when it is ``None``. A non-``None`` creator is passed to
     ``Permission.grant`` with both flags ``True``.
     """
     # NOTE(review): no authorization or role-type check is visible here, and
     # ``creator_id`` is read straight from ``data`` -- presumably the caller
     # restricts who may set it; confirm.
     for field in ('label', 'summary', 'publisher', 'publisher_url',
                   'info_url', 'data_url'):
         setattr(self, field, data.get(field, getattr(self, field)))
     self.category = data.get('category') or self.DEFAULT
     self.casefile = as_bool(data.get('casefile'), default=False)
     self.countries = data.get('countries', [])
     self.languages = data.get('languages', [])
     owner = creator
     if owner is None:
         owner = Role.by_id(data.get('creator_id'))
     self.creator = owner
     self.updated_at = datetime.utcnow()
     db.session.add(self)
     db.session.flush()
     if owner is None:
         return
     Permission.grant(self, owner, True, True)
Exemple #13
 def update(self, data, creator=None):
     """Apply the fields present in ``data``, then flush.

     Keys missing from ``data`` keep their current value. The creator is
     replaced only when ``creator`` is passed or ``data['creator_id']``
     resolves to a role. After ``self.touch()`` and the flush, the current
     creator (if any) is passed to ``Permission.grant`` with both flags
     ``True``.
     """
     # NOTE(review): no authorization or role-type check is visible here, and
     # ``category``, ``casefile`` and ``creator_id`` are read straight from
     # ``data`` -- presumably the caller restricts who may set them; confirm.
     for field in ('label', 'summary', 'publisher', 'publisher_url',
                   'info_url', 'data_url', 'category'):
         setattr(self, field, data.get(field, getattr(self, field)))
     self.casefile = as_bool(data.get('casefile'), default=self.casefile)
     for field in ('countries', 'languages'):
         setattr(self, field,
                 ensure_list(data.get(field, getattr(self, field))))
     owner = creator
     if owner is None:
         owner = Role.by_id(data.get('creator_id'))
     if owner is not None:
         self.creator = owner
     self.touch()
     db.session.flush()
     if self.creator is None:
         return
     Permission.grant(self, self.creator, True, True)
Exemple #14
 def update(self, data, creator=None):
     """Apply the fields present in ``data``, then flush.

     ``updated_at`` is set to the current UTC time first. Keys missing from
     ``data`` keep their current value. The creator is replaced only when
     ``creator`` is passed or ``data['creator_id']`` resolves to a role.
     After the flush, the current creator (if any) is passed to
     ``Permission.grant`` with both flags ``True``.
     """
     # NOTE(review): no authorization or role-type check is visible here, and
     # ``category``, ``casefile`` and ``creator_id`` are read straight from
     # ``data`` -- presumably the caller restricts who may set them; confirm.
     self.updated_at = datetime.utcnow()
     for field in ('label', 'summary', 'publisher', 'publisher_url',
                   'info_url', 'data_url', 'category'):
         setattr(self, field, data.get(field, getattr(self, field)))
     self.casefile = as_bool(data.get('casefile'), default=self.casefile)
     for field in ('countries', 'languages'):
         setattr(self, field,
                 ensure_list(data.get(field, getattr(self, field))))
     owner = creator
     if owner is None:
         owner = Role.by_id(data.get('creator_id'))
     if owner is not None:
         self.creator = owner
     db.session.add(self)
     db.session.flush()
     if self.creator is None:
         return
     Permission.grant(self, self.creator, True, True)
Exemple #15
def create_system_roles():
    """Call ``Role.load_or_create`` for the guest and logged-in-user system
    roles, then commit the session."""
    log.info("Creating system roles...")
    builtin_roles = (
        (Role.SYSTEM_GUEST, 'All visitors'),
        (Role.SYSTEM_USER, 'Logged-in users'),
    )
    for role_key, display_name in builtin_roles:
        Role.load_or_create(role_key, Role.SYSTEM, display_name)
    db.session.commit()
Exemple #16
def create_system_roles():
    """Call ``Role.load_or_create`` for the guest and logged-in-user system
    roles, then commit the session."""
    log.info("Creating system roles...")
    builtin_roles = (
        (Role.SYSTEM_GUEST, 'All visitors'),
        (Role.SYSTEM_USER, 'Logged-in users'),
    )
    for role_key, display_name in builtin_roles:
        Role.load_or_create(role_key, Role.SYSTEM, display_name)
    db.session.commit()
Exemple #17
 def grant_foreign(cls, collection, foreign_id, read, write):
     """Grant ``read``/``write`` on ``collection`` to the role found by
     ``Role.by_foreign_id(foreign_id)``.

     An unknown ``foreign_id`` is a silent no-op; the method returns
     ``None`` either way.
     """
     target = Role.by_foreign_id(foreign_id)
     if target is not None:
         cls.grant_collection(collection.id, target, read, write)
Exemple #18
 def grant_foreign(cls, collection, foreign_id, read, write):
     """Grant ``read``/``write`` on ``collection`` to the role found by
     ``Role.by_foreign_id(foreign_id)``.

     An unknown ``foreign_id`` is a silent no-op; the method returns
     ``None`` either way.
     """
     target = Role.by_foreign_id(foreign_id)
     if target is not None:
         cls.grant_collection(collection.id, target, read, write)
Exemple #19
 def team(self):
     """Return a query of non-system roles that have a ``Permission`` row
     for this collection."""
     # NOTE(review): the query does not filter on the permission's read,
     # write or deleted_at values -- confirm that every matching row should
     # count as team membership.
     return (
         Role.all()
         .filter(Role.type != Role.SYSTEM)
         .filter(Role.id == Permission.role_id)
         .filter(Permission.collection_id == self.id)
     )