def on_update(self, updates, original):
        user = get_user()

        if 'unique_name' in updates and not is_admin(user) \
                and (user['active_privileges'].get('metadata_uniquename', 0) == 0):
            raise SuperdeskApiError.forbiddenError("Unauthorized to modify Unique Name")

        remove_unwanted(updates)

        if self.__is_req_for_save(updates):
            update_state(original, updates)

        lock_user = original.get('lock_user', None)
        force_unlock = updates.get('force_unlock', False)

        original_creator = updates.get('original_creator', None)
        if not original_creator:
            updates['original_creator'] = original['original_creator']

        str_user_id = str(user.get('_id'))
        if lock_user and str(lock_user) != str_user_id and not force_unlock:
            raise SuperdeskApiError.forbiddenError('The item was locked by another user')

        updates['versioncreated'] = utcnow()
        set_item_expiry(updates, original)
        updates['version_creator'] = str_user_id
        update_word_count(updates)

        if force_unlock:
            del updates['force_unlock']
    def on_update(self, updates, original):
        user = get_user()

        if 'unique_name' in updates and not is_admin(user) \
                and (user['active_privileges'].get('metadata_uniquename', 0) == 0):
            raise SuperdeskApiError.forbiddenError(
                "Unauthorized to modify Unique Name")

        remove_unwanted(updates)

        if self.__is_req_for_save(updates):
            update_state(original, updates)

        lock_user = original.get('lock_user', None)
        force_unlock = updates.get('force_unlock', False)

        original_creator = updates.get('original_creator', None)
        if not original_creator:
            updates['original_creator'] = original['original_creator']

        str_user_id = str(user.get('_id'))
        if lock_user and str(lock_user) != str_user_id and not force_unlock:
            raise SuperdeskApiError.forbiddenError(
                'The item was locked by another user')

        updates['versioncreated'] = utcnow()
        set_item_expiry(updates, original)
        updates['version_creator'] = str_user_id
        update_word_count(updates)

        if force_unlock:
            del updates['force_unlock']
Exemple #3
0
    def on_update(self, updates, original):
        is_update_allowed(original)
        user = get_user()

        if "publish_schedule" in updates and original["state"] == "scheduled":
            # this is an descheduling action
            self.deschedule_item(updates, original)
            return

        if updates.get("publish_schedule"):
            if datetime.datetime.fromtimestamp(False).date() == updates.get("publish_schedule").date():
                # publish_schedule field will be cleared
                updates["publish_schedule"] = None
            else:
                # validate the schedule
                self.validate_schedule(updates.get("publish_schedule"))

        if (
            "unique_name" in updates
            and not is_admin(user)
            and (user["active_privileges"].get("metadata_uniquename", 0) == 0)
        ):
            raise SuperdeskApiError.forbiddenError("Unauthorized to modify Unique Name")

        remove_unwanted(updates)

        if self.__is_req_for_save(updates):
            update_state(original, updates)

        lock_user = original.get("lock_user", None)
        force_unlock = updates.get("force_unlock", False)

        updates.setdefault("original_creator", original.get("original_creator"))

        str_user_id = str(user.get("_id")) if user else None
        if lock_user and str(lock_user) != str_user_id and not force_unlock:
            raise SuperdeskApiError.forbiddenError("The item was locked by another user")

        updates["versioncreated"] = utcnow()
        set_item_expiry(updates, original)
        updates["version_creator"] = str_user_id
        set_sign_off(updates, original)
        update_word_count(updates)

        if force_unlock:
            del updates["force_unlock"]

        if original["type"] == "composite":
            self.packageService.on_update(updates, original)

        update_version(updates, original)
Exemple #4
0
    def on_update(self, updates, original):
        updates[ITEM_OPERATION] = ITEM_UPDATE
        is_update_allowed(original)
        user = get_user()

        if 'publish_schedule' in updates and original['state'] == 'scheduled':
            # this is an descheduling action
            self.deschedule_item(updates, original)
            return

        if updates.get('publish_schedule'):
            if datetime.datetime.fromtimestamp(False).date() == updates.get('publish_schedule').date():
                # publish_schedule field will be cleared
                updates['publish_schedule'] = None
            else:
                # validate the schedule
                self.validate_schedule(updates.get('publish_schedule'))

        if 'unique_name' in updates and not is_admin(user) \
                and (user['active_privileges'].get('metadata_uniquename', 0) == 0):
            raise SuperdeskApiError.forbiddenError("Unauthorized to modify Unique Name")

        remove_unwanted(updates)

        if self.__is_req_for_save(updates):
            update_state(original, updates)

        lock_user = original.get('lock_user', None)
        force_unlock = updates.get('force_unlock', False)

        updates.setdefault('original_creator', original.get('original_creator'))

        str_user_id = str(user.get('_id')) if user else None
        if lock_user and str(lock_user) != str_user_id and not force_unlock:
            raise SuperdeskApiError.forbiddenError('The item was locked by another user')

        updates['versioncreated'] = utcnow()
        set_item_expiry(updates, original)
        updates['version_creator'] = str_user_id
        set_sign_off(updates, original)
        update_word_count(updates)

        if force_unlock:
            del updates['force_unlock']

        if original['type'] == 'composite':
            self.packageService.on_update(updates, original)

        update_version(updates, original)
Exemple #5
0
    def on_update(self, updates, original):
        # check permission (see https://github.com/superdesk/liveblog/pull/167)
        # only the owner can change blog's settings
        if not is_admin(get_user()) and str(flask.g.user['_id']) != str(original['original_creator']):
            raise SuperdeskApiError.forbiddenError(message='You need to be the blog owner to perform updates on it')
        # if the theme changed, we republish the blog with the new one
        if 'blog_preferences' in updates and 'theme' in updates['blog_preferences']:
            if updates['blog_preferences']['theme'] != original['blog_preferences'].get('theme'):
                new_theme = self.get_theme_snapshot(updates['blog_preferences']['theme'])
                if new_theme:
                    if 'theme' in original:
                        updates['theme'] = original.get('theme')
                        for key in original['theme'].keys():
                            if key not in new_theme:
                                # remove fields that are not in new_theme
                                updates['theme'][key] = None
                        for key, value in new_theme.items():
                            # add or update fields that are new
                            updates['theme'][key] = value
                    else:
                        updates['theme'] = new_theme

        updates['versioncreated'] = utcnow()
        updates['version_creator'] = str(get_user().get('_id'))