Exemple #1
0
def package_create(context, data_dict=None):
    user = context['user']

    if authz.auth_is_anon_user(context):
        check1 = all(authz.check_config_permission(p) for p in (
            'anon_create_dataset',
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
            ))
    else:
        check1 = all(authz.check_config_permission(p) for p in (
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
            )) or authz.has_user_permission_for_some_org(
            user, 'create_dataset')

    if not check1:
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}

    check2 = _check_group_auth(context,data_dict)
    if not check2:
        return {'success': False, 'msg': _('User %s not authorized to edit these groups') % user}

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {'success': False, 'msg': _('User %s not authorized to add dataset to this organization') % user}
    return {'success': True}
Exemple #2
0
def package_create(context, data_dict=None):
    user = context['user']

    user_object = context.get('auth_user_obj')

    #Sysadmin user has all the previliges 
    if user_object and user_object.sysadmin :
        {'success': True}

    #Do not authorize anonymous users
    if authz.auth_is_anon_user(context):
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}
    
    #Check if the user has the editor or admin role in some org/suborg
    check1 = all(authz.check_config_permission(p) for p in (
        'create_dataset_if_not_in_organization',
        'create_unowned_dataset',
        )) or authz.has_user_permission_for_some_org(
        user, 'create_dataset')

    if not check1:
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}

    check2 = _check_group_auth(context,data_dict)
    if not check2:
        return {'success': False, 'msg': _('User %s not authorized to edit these groups') % user}

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {'success': False, 'msg': _('User %s not authorized to add dataset to this organization') % user}

    return {'success': True}
Exemple #3
0
def package_create(context, data_dict=None):
    user = context['user']

    if authz.auth_is_anon_user(context):
        check1 = all(authz.check_config_permission(p) for p in (
            'anon_create_dataset',
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
            ))
    else:
        check1 = all(authz.check_config_permission(p) for p in (
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
            )) or authz.has_user_permission_for_some_org(
            user, 'create_dataset')

    if not check1:
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}

    check2 = _check_group_auth(context,data_dict)
    if not check2:
        return {'success': False, 'msg': _('User %s not authorized to edit these groups') % user}

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {'success': False, 'msg': _('User %s not authorized to add dataset to this organization') % user}
    return {'success': True}
Exemple #4
0
def file_upload(context: Context,
                data_dict: Optional[DataDict] = None) -> AuthResult:
    user = context['user']
    if authz.auth_is_anon_user(context):
        return {'success': False, 'msg': _(
            'User %s not authorized to create packages') % user}
    return {'success': True}
Exemple #5
0
    def dashboard(self, id=None, offset=0):
        context = {
            'model': model,
            'session': model.Session,
            'user': c.user,
            'auth_user_obj': c.userobj,
            'for_view': True
        }

        if authz.auth_is_anon_user(context):
            h.flash_error(_('Not authorized to see this page'))
            return h.redirect_to(controller='user', action='login')

        data_dict = {'id': id, 'user_obj': c.userobj, 'offset': offset}
        self._setup_template_variables(context, data_dict)

        q = request.params.get('q', u'')
        filter_type = request.params.get('type', u'')
        filter_id = request.params.get('name', u'')

        c.followee_list = get_action('followee_list')(context, {
            'id': c.userobj.id,
            'q': q
        })
        c.dashboard_activity_stream_context = self._get_dashboard_context(
            filter_type, filter_id, q)
        c.dashboard_activity_stream = h.dashboard_activity_stream(
            c.userobj.id, filter_type, filter_id, offset)

        # Mark the user's new activities as old whenever they view their
        # dashboard page.
        get_action('dashboard_mark_activities_old')(context, {})
        return render('user/dashboard.html')
Exemple #6
0
def file_upload(context, data_dict=None):
    user = context['user']
    if authz.auth_is_anon_user(context):
        return {
            'success': False,
            'msg': _('User %s not authorized to create packages') % user
        }
    return {'success': True}
def managing_users_package_update(context, data_dict):
    user = context.get('user')
    package = logic_auth.get_package_object(context, data_dict)
    extras = dict([(key, value) for key, value in package.extras.items()])

    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset')
        #Managing users have to be specified for datasets within an organization
        managing_users = extras.get('managing_users', '')
        managing_users = managing_users.split(',')
        check1 = check1 and context['auth_user_obj'].name in managing_users
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'anon_create_dataset',
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                ))
        else:
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                    user, 'create_dataset')
            #Managing users have to be specified for datasets without owner
            #Else only creator can edit the dataset
            managing_users = extras.get('managing_users', '')
            managing_users = managing_users.split(',')
            check1 = check1 and context['auth_user_obj'].name in managing_users

    if context['auth_user_obj'].id == package.creator_user_id:
        #If user is the creator of the package, he can edit it regardless
        check1 = True
    if not check1:
        return {
            'success':
            False,
            'msg':
            _('User %s not authorized to edit package %s') %
            (str(user), package.id)
        }
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {
                'success':
                False,
                'msg':
                _('User %s not authorized to edit these groups') % (str(user))
            }

    return {'success': True}
Exemple #8
0
def package_update(context, data_dict):
    model = context['model']
    user = context.get('user')

    package = logic_auth.get_package_object(context, data_dict)
    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset')
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'anon_create_dataset',
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                ))
        else:
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                    user, 'create_dataset')

    if not check1:
        success = False
        if authz.check_config_permission('allow_dataset_collaborators'):
            # if org-level auth failed, check dataset-level auth
            # (ie if user is a collaborator)
            user_obj = model.User.get(user)
            if user_obj:
                success = authz.user_is_collaborator_on_dataset(
                    user_obj.id, package.id, ['admin', 'editor'])
        if not success:
            return {
                'success':
                False,
                'msg':
                _('User %s not authorized to edit package %s') %
                (str(user), package.id)
            }
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {
                'success':
                False,
                'msg':
                _('User %s not authorized to edit these groups') % (str(user))
            }

    return {'success': True}
def package_create(context, data_dict=None):
    '''
    Modified from CKAN's original check. Any logged in user can add
    a dataset to any organisation.
    Packages owner check is done when adding a resource.

    :param context: context
    :param data_dict: data_dict
    :return: dictionary with 'success': True|False
    '''

    user = context['user']

    # Needed in metadata supplements
    if context.get('package', False):
        return is_owner(context, context.get('package').get('id'))

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org', False)
    if org_id and not kata_has_user_permission_for_org(
            org_id, user, 'create_dataset'):
        return {'success': False, 'msg': _('User %s not authorized to add a dataset') % user}
    elif org_id and kata_has_user_permission_for_org(org_id, user, 'create_dataset'):
        return {'success': True}

    # Below is copy-pasted from CKAN auth.create.package_create
    # to allow dataset creation without explicit organization permissions.

    if authz.auth_is_anon_user(context):
        check1 = all(authz.check_config_permission(p) for p in (
            'anon_create_dataset',
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
        ))
    else:
        check1 = True  # Registered users may create datasets

    if not check1:
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}

    check2 = _check_group_auth(context, data_dict)
    if not check2:
        return {'success': False, 'msg': _('User %s not authorized to edit these groups') % user}

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {'success': False, 'msg': _('User %s not authorized to add dataset to this organization') % user}
    return {'success': True}
Exemple #10
0
def api_token_revoke(context: Context, data_dict: DataDict) -> AuthResult:
    """Delete token.
    """
    if authz.auth_is_anon_user(context):
        return {u'success': False}

    model = context[u'model']
    token = model.ApiToken.get(data_dict[u'jti'])
    # Do not make distinction between absent keys and keys not owned
    # by user in order to prevent accidential key discovery.
    if token is None or token.owner and token.owner.name != context[u'user']:
        return {u'success': False}
    return {u'success': True}
def managing_users_package_update(context, data_dict):
    user = context.get('user')
    package = logic_auth.get_package_object(context, data_dict)
    extras = dict([(key, value) for key, value in package.extras.items()])

    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset'
        )
        #Managing users have to be specified for datasets within an organization
        managing_users = extras.get('managing_users', '')
        managing_users = managing_users.split(',')
        check1 = check1 and context['auth_user_obj'].name in managing_users
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(authz.check_config_permission(p) for p in (
                'anon_create_dataset',
                'create_dataset_if_not_in_organization',
                'create_unowned_dataset',
                ))
        else:
            check1 = all(authz.check_config_permission(p) for p in (
                'create_dataset_if_not_in_organization',
                'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                user, 'create_dataset')
            #Managing users have to be specified for datasets without owner
            #Else only creator can edit the dataset
            managing_users = extras.get('managing_users', '')
            managing_users = managing_users.split(',')
            check1 = check1 and context['auth_user_obj'].name in managing_users

    
    if context['auth_user_obj'].id == package.creator_user_id:
        #If user is the creator of the package, he can edit it regardless
        check1 = True
    if not check1:
        return {'success': False,
                'msg': _('User %s not authorized to edit package %s') %
                        (str(user), package.id)}
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {'success': False,
                    'msg': _('User %s not authorized to edit these groups') %
                            (str(user))}

    return {'success': True}
Exemple #12
0
def package_create(context, data_dict=None):
    user = context['user']

    user_object = context.get('auth_user_obj')

    #Sysadmin user has all the previliges
    if user_object and user_object.sysadmin:
        {'success': True}

    #Do not authorize anonymous users
    if authz.auth_is_anon_user(context):
        return {
            'success': False,
            'msg': _('User %s not authorized to create packages') % user
        }

    #Check if the user has the editor or admin role in some org/suborg
    check1 = all(
        authz.check_config_permission(p) for p in (
            'create_dataset_if_not_in_organization',
            'create_unowned_dataset',
        )) or authz.has_user_permission_for_some_org(user, 'create_dataset')

    if not check1:
        return {
            'success': False,
            'msg': _('User %s not authorized to create packages') % user
        }

    check2 = _check_group_auth(context, data_dict)
    if not check2:
        return {
            'success': False,
            'msg': _('User %s not authorized to edit these groups') % user
        }

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {
            'success':
            False,
            'msg':
            _('User %s not authorized to add dataset to this organization') %
            user
        }

    return {'success': True}
Exemple #13
0
def localimp_show_files(context, data_dict):
    """
    Creates a nested dictionary that represents the folder structure of rootdir
    """
    if authz.auth_is_anon_user(context):
        tk.abort(401, _('Unauthorized to list files'))
    else:
        user_name = context.get('user')
        rootdir = os.path.join(os.path.expanduser('~' + user_name))
        lst_paths = []
        for path, subdirs, files in os.walk(rootdir):
            for name in files:
                lst_paths.append(os.path.join(path, name).split(rootdir)[1])

        return lst_paths 
Exemple #14
0
def package_update(context, data_dict):
    user = context.get('user')
    package = logic_auth.get_package_object(context, data_dict)

    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset')
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'anon_create_dataset',
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                ))
        else:
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                    user, 'create_dataset')
    if not check1:
        return {
            'success':
            False,
            'msg':
            _('User %s not authorized to edit package %s') %
            (str(user), package.id)
        }
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {
                'success':
                False,
                'msg':
                _('User %s not authorized to edit these groups') % (str(user))
            }

    if authz.config.get('ckan.gov_theme.is_back'):
        return {'success': True}
    else:
        return {'success': False}
Exemple #15
0
def localimp_ls(context, data_dict):
    """
    Creates a nested dictionary that represents the folder structure of rootdir
    """
    if authz.auth_is_anon_user(context):
        tk.abort(401, _('Unauthorized to list files'))
    else:
        user_name = context.get('user')
        rootdir = os.path.join(os.path.expanduser('~' + user_name))
        dir = {}
        rootdir = rootdir.rstrip(os.sep)
        start = rootdir.rfind(os.sep) + 1
        for path, dirs, files in os.walk(rootdir):
            folders = path[start:].split(os.sep)
            subdir = dict.fromkeys(files)
            parent = reduce(dict.get, folders[:-1], dir)
            parent[folders[-1]] = subdir
        return dir
Exemple #16
0
    def tds_proxy(self, service, res_id_1, res_id_2, res_id_3, **kwargs):
        """
        Provides a wms Service for netcdf files by redirecting the user to the
        thredds server

        """

        context = {'model': model, 'session': model.Session,
                   'user': c.user, 'auth_user_obj': c.userobj}

        res_id = res_id_1 + res_id_2 + res_id_3

        try:
           rsc = tk.get_action('resource_show')(context, {'id': res_id})
        except (tk.ObjectNotFound, tk.NotAuthorized):
           tk.abort(404, _('Resource not found'))

        if "wms" in service:
            p_query = request.query_string
            if 'extra' in kwargs:
                p_path = os.path.join('http://localhost:8080/thredds',service,'ckanserver','resources',res_id[0:3], res_id[3:6], res_id[6:], kwargs.get('extra'))
            else:
                p_path = os.path.join('http://localhost:8080/thredds',service,'ckanserver','resources',res_id[0:3], res_id[3:6], res_id[6:])

            r = requests.get(p_path, params=p_query)
            return r
        elif authz.auth_is_anon_user(context):
            tk.abort(401, _('Unauthorized to read resource %s') % res_id)
        else:
            p_query = request.query_string
            if 'extra' in kwargs:
                p_path = os.path.join('http://localhost:8080/thredds',service,'ckanserver','resources',res_id[0:3], res_id[3:6], res_id[6:], kwargs.get('extra'))
            else:
                p_path = os.path.join('http://localhost:8080/thredds',service,'ckanserver','resources',res_id[0:3], res_id[3:6], res_id[6:])

            r = requests.get(p_path, params=p_query)
            return r
Exemple #17
0
    def tds_proxy(self, service, catalog, res_id_1, res_id_2, res_id_3, **kwargs):
        """
        Provides a wms Service for netcdf files by redirecting the user to the
        thredds server

        """

        context = {'model': model, 'session': model.Session,
                   'user': c.user, 'auth_user_obj': c.userobj}

        res_id = res_id_1 + res_id_2 + res_id_3.split('.')[0]
        try:
           rsc = tk.get_action('resource_show')(context, {'id': res_id})
        except (tk.ObjectNotFound, tk.NotAuthorized):
           tk.abort(404, _('Resource not found'))

        if "wms" or "dodsC" in service:
            p_query = request.query_string
            if 'extra' in kwargs:
                p_path = os.path.join('/tds_internal', service, catalog, res_id_1, res_id_2, res_id_3, kwargs.get('extra'))
            else:
                p_path = os.path.join('/tds_internal', service, catalog, res_id_1, res_id_2, res_id_3)

            response.headers['X-Accel-Redirect'] = "{0}?{1}".format(p_path,p_query)
            return response
        elif authz.auth_is_anon_user(context):
            tk.abort(401, _('Unauthorized to read resource %s') % res_id)
        else:
            p_query = request.query_string
            if 'extra' in kwargs:
                p_path = os.path.join('/tds_internal', service, catalog, res_id_1, res_id_2, res_id_3, kwargs.get('extra'))
            else:
                p_path = os.path.join('/tds_internal', service, catalog,res_id_1, res_id_2, res_id_3)

            response.headers['X-Accel-Redirect'] = "{0}?{1}".format(p_path,p_query)
            return response
Exemple #18
0
def package_update(context, data_dict):
    user = context.get('user')
    package = logic_auth.get_package_object(context, data_dict)

    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset'
        )
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(authz.check_config_permission(p) for p in (
                'anon_create_dataset',
                'create_dataset_if_not_in_organization',
                'create_unowned_dataset',
                ))
        else:
            check1 = all(authz.check_config_permission(p) for p in (
                'create_dataset_if_not_in_organization',
                'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                user, 'create_dataset')
    if not check1:
        return {'success': False,
                'msg': _('User %s not authorized to edit package %s') %
                        (str(user), package.id)}
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {'success': False,
                    'msg': _('User %s not authorized to edit these groups') %
                            (str(user))}

    return {'success': True}
def restrict_anon(context):
    if authz.auth_is_anon_user(context):
        return {'success': False}
    else:
        return {'success': True}
Exemple #20
0
def package_update(context, data_dict):
    user = context.get('user')
    package = logic_auth.get_package_object(context, data_dict)

    if package.owner_org:
        # if there is an owner org then we must have update_dataset
        # permission for that organization
        check1 = authz.has_user_permission_for_group_or_org(
            package.owner_org, user, 'update_dataset')
    else:
        # If dataset is not owned then we can edit if config permissions allow
        if authz.auth_is_anon_user(context):
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'anon_create_dataset',
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                ))
        else:
            check1 = all(
                authz.check_config_permission(p) for p in (
                    'create_dataset_if_not_in_organization',
                    'create_unowned_dataset',
                )) or authz.has_user_permission_for_some_org(
                    user, 'create_dataset')
    if not check1:
        return {
            'success':
            False,
            'msg':
            _('User %s not authorized to edit package %s') %
            (str(user), package.id)
        }
    else:
        check2 = _check_group_auth(context, data_dict)
        if not check2:
            return {
                'success':
                False,
                'msg':
                _('User %s not authorized to edit these groups') % (str(user))
            }

    if package.private is not None and package.private is False and data_dict is not None and data_dict.get(
            'private', '') == 'True':
        return {
            'success': False,
            'msg': 'Public datasets cannot be set private again'
        }
    elif package.private is not None and package.private is True and data_dict is not None and data_dict.get(
            'private', '') == 'False':
        subset_uniqueness = helpers.check_subset_uniqueness(package.id)

        if len(subset_uniqueness) > 0:
            return {
                'success':
                False,
                'msg':
                'Dataset cannot be set public as it contains a subset, which was already published'
            }

    return {'success': True}
Exemple #21
0
def restrict_anon(context):
    if authz.auth_is_anon_user(context):
        return {'success': False}
    else:
        return {'success': True}
Exemple #22
0
def create_access_request(context, data_dict):
    # any logged in user could make an access request
    return {'success': not auth_is_anon_user(context)}
Exemple #23
0
def file_upload(context, data_dict=None):
    user = context['user']
    if authz.auth_is_anon_user(context):
        return {'success': False, 'msg': _('User %s not authorized to create packages') % user}
    return {'success': True}
Exemple #24
0
def package_create(context, data_dict=None):
    '''
    Modified from CKAN's original check. Any logged in user can add
    a dataset to any organisation.
    Packages owner check is done when adding a resource.

    :param context: context
    :param data_dict: data_dict
    :return: dictionary with 'success': True|False
    '''

    user = context['user']

    # Needed in metadata supplements
    if context.get('package', False):
        return is_owner(context, context.get('package').get('id'))

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org', False)
    if org_id and not kata_has_user_permission_for_org(org_id, user,
                                                       'create_dataset'):
        return {
            'success': False,
            'msg': _('User %s not authorized to add a dataset') % user
        }
    elif org_id and kata_has_user_permission_for_org(org_id, user,
                                                     'create_dataset'):
        return {'success': True}

    # Below is copy-pasted from CKAN auth.create.package_create
    # to allow dataset creation without explicit organization permissions.

    if authz.auth_is_anon_user(context):
        check1 = all(
            authz.check_config_permission(p) for p in (
                'anon_create_dataset',
                'create_dataset_if_not_in_organization',
                'create_unowned_dataset',
            ))
    else:
        check1 = True  # Registered users may create datasets

    if not check1:
        return {
            'success': False,
            'msg': _('User %s not authorized to create packages') % user
        }

    check2 = _check_group_auth(context, data_dict)
    if not check2:
        return {
            'success': False,
            'msg': _('User %s not authorized to edit these groups') % user
        }

    # If an organization is given are we able to add a dataset to it?
    data_dict = data_dict or {}
    org_id = data_dict.get('owner_org')
    if org_id and not authz.has_user_permission_for_group_or_org(
            org_id, user, 'create_dataset'):
        return {
            'success':
            False,
            'msg':
            _('User %s not authorized to add dataset to this organization') %
            user
        }
    return {'success': True}