def __init__( self ):
        self._db = self.env.get_db_cnx()

        # wiring factories ( dependency injection pattern )
        self._userFactory = UserFactory( self._db )

        self._componentFactory = ComponentFactory( self._db )
        self._projectFactory = ProjectFactory( self.config )
        self._milestoneFactory = MilestoneFactory( self._db,
                self._componentFactory, self._projectFactory )
        self._ticketFactory = TicketFactory ( self._db, 
                self._componentFactory, self._projectFactory )
Exemple #2
0
    def _ajax_save_user( self, req ):
        userID, componentID, projectID, active = self._get_args(( 'user', 
            'component', 'project', 'active' ), req )
        active = 'true' == active
        if not userID or ( not projectID and not componentID ):
            return

        userFactory = UserFactory( self._db )
        user = userFactory.getByUsername( userID )
        if projectID:
            projectFactory = ProjectFactory( self.config )
            project = projectFactory.getByName( projectID )
            if active:
                project.grantAccessFor( user )
            else:
                project.forbidAccessFor( user )
        if componentID:
            componentFactory = ComponentFactory( self._db )
            component = componentFactory.getByName( componentID )
            if active:
                component.grantAccessFor( user )
            else:
                component.forbidAccessFor( user )
        self._terminate_ajax_request( True, req )
Exemple #3
0
 def _get_all_components( self ):
     componentFactory = ComponentFactory( self._db )
     components = componentFactory.getAll()
     return components
class CustomPolicies(Component):
    implements( IPermissionPolicy )

    def __init__( self ):
        self._db = self.env.get_db_cnx()

        # wiring factories ( dependency injection pattern )
        self._userFactory = UserFactory( self._db )

        self._componentFactory = ComponentFactory( self._db )
        self._projectFactory = ProjectFactory( self.config )
        self._milestoneFactory = MilestoneFactory( self._db,
                self._componentFactory, self._projectFactory )
        self._ticketFactory = TicketFactory ( self._db, 
                self._componentFactory, self._projectFactory )


    def check_permission( self, action, username, resource, perm ):
        self.log.info( 'check_permission: %s, %s, %s, %s, )' % ( action, username, resource, perm ))
        self._user = self._userFactory.getByUsername( username )
        #self.log.info( 'user: %s %s' % ( username, user._permissions ))
        args = [ action, username, resource, perm ]
        if action == 'TICKET_VIEW':
            return self._check_ticket_permission( *args )
        if action == 'MILESTONE_VIEW':
            return self._check_milestone_permission( *args )
        if action == 'COMPONENT_VIEW':
            return self._check_component_permission( *args )
        if action == 'PROJECT_VIEW':
            return self._check_project_permission( *args )
        return None
    
    def _check_ticket_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Ticket id: %s' % resource.id )
        ticket = self._ticketFactory.getById( resource.id )
        access = ticket.canBeAccessedBy( self._user )
        self.log.debug( 'component: %s, access: %s' % ( ticket._component, ticket._component and ticket._component.canBeAccessedBy( self._user )))
        self.log.debug( 'project: %s, access: %s' % ( ticket._project, ticket._project and ticket._project.canBeAccessedBy( self._user )))
        self.log.debug( 'Ticket can be accessed: %s' % access )
        return access

    def _check_milestone_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Milestone realm: %s' % resource.realm )
        self.log.debug( 'Milestone id: %s' % resource.id )
        milestone = self._milestoneFactory.getByName( resource.id )
        result = milestone.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result

    def _check_component_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Component realm: %s' % resource.realm )
        self.log.debug( 'Component id: %s' % resource.id )
        component = self._componentFactory.getByName( resource.realm )
        result = component.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result

    def _check_project_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Project realm: %s' % resource.realm )
        self.log.debug( 'Project id: %s' % resource.id )
        project = self._projectFactory.getByName( resource.realm )
        result = project.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result