def __addNewUsersCheckInput(self, _count, credit, owner_name, creator_name, group_name, remote_address, credit_change_comment, user_ids): if not isInt(_count) or _count <= 0: raise GeneralException( errorText("USER_ACTIONS", "INVALID_USER_COUNT") % _count) if not isFloat(credit): raise GeneralException( errorText("USER_ACTIONS", "CREDIT_NOT_FLOAT")) if credit < 0: raise GeneralException( errorText("USER_ACTIONS", "CREDIT_MUST_BE_POSITIVE")) admin_main.getLoader().checkAdminName(owner_name) admin_main.getLoader().checkAdminName(creator_name) group_main.getLoader().checkGroupName(group_name) if user_ids: if len(user_ids) != _count: raise GeneralException( errorText("USER_ACTIONS", "USER_IDS_COUNT_NOT_MATCH")) for user_id in user_ids: if not isInt(user_id): raise GeneralException( errorText("USER", "INVALID_USER_ID") % user_id)
def delGroup(self, group_name): """ delete group with name "group_name" """ self.__delGroupCheckInput(group_name) group_obj = group_main.getLoader().getGroupByName(group_name) self.__checkGroupUsageInUsers(group_obj) self.__deleteGroupDB(group_obj.getGroupID()) group_main.getLoader().unloadGroup(group_obj.getGroupID())
def delGroup(self,group_name): """ delete group with name "group_name" """ self.__delGroupCheckInput(group_name) group_obj=group_main.getLoader().getGroupByName(group_name) self.__checkGroupUsageInUsers(group_obj) self.__deleteGroupDB(group_obj.getGroupID()) group_main.getLoader().unloadGroup(group_obj.getGroupID())
def __updateGroupCheckInput(self,group_id,group_name,comment,owner_name): group_obj=group_main.getLoader().getGroupByID(group_id) if group_obj.getGroupName()!=group_name: if group_main.getLoader().groupNameExists(group_name): raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name) if not isValidName(group_name): raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name) admin_main.getLoader().checkAdminName(owner_name)
def updateGroup(self,group_id,group_name,comment,owner_name): """ update group information with id "group_id" notice that group_name is changable """ self.__updateGroupCheckInput(group_id,group_name,comment,owner_name) admin_obj=admin_main.getLoader().getAdminByName(owner_name) self.__updateGroupDB(group_id,group_name,comment,admin_obj.getAdminID()) group_main.getLoader().unloadGroup(group_id) group_main.getLoader().loadGroup(group_id)
def updateGroup(self, group_id, group_name, comment, owner_name): """ update group information with id "group_id" notice that group_name is changable """ self.__updateGroupCheckInput(group_id, group_name, comment, owner_name) admin_obj = admin_main.getLoader().getAdminByName(owner_name) self.__updateGroupDB(group_id, group_name, comment, admin_obj.getAdminID()) group_main.getLoader().unloadGroup(group_id) group_main.getLoader().loadGroup(group_id)
def addGroup(self,group_name,comment,owner_id): """ add a new group with name "group_name" group_name(string): name of a new group owner_id(integer): id of owner admin id comment(string): """ self.__addGroupCheckInput(group_name,comment,owner_id) group_id=self.__getNewGroupSeq() self.__addGroupDB(group_id,group_name,comment,owner_id) group_main.getLoader().loadGroup(group_id)
def addGroup(self, group_name, comment, owner_id): """ add a new group with name "group_name" group_name(string): name of a new group owner_id(integer): id of owner admin id comment(string): """ self.__addGroupCheckInput(group_name, comment, owner_id) group_id = self.__getNewGroupSeq() self.__addGroupDB(group_id, group_name, comment, owner_id) group_main.getLoader().loadGroup(group_id)
def __addNewUsersCheckInput(self,_count,credit,owner_name,creator_name,group_name,remote_address,credit_change_comment): if not isInt(_count) or _count<=0: raise GeneralException(errorText("USER_ACTIONS","INVALID_USER_COUNT")%_count) if not isFloat(credit): raise GeneralException(errorText("USER_ACTIONS","CREDIT_NOT_FLOAT")) if credit<0: raise GeneralException(errorText("USER_ACTIONS","CREDIT_MUST_BE_POSITIVE")) admin_main.getLoader().checkAdminName(owner_name) admin_main.getLoader().checkAdminName(creator_name) group_main.getLoader().checkGroupName(group_name)
def __updateGroupCheckInput(self, group_id, group_name, comment, owner_name): group_obj = group_main.getLoader().getGroupByID(group_id) if group_obj.getGroupName() != group_name: if group_main.getLoader().groupNameExists(group_name): raise GeneralException( errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name) if not isValidName(group_name): raise GeneralException( errorText("GROUPS", "GROUP_NAME_INVALID") % group_name) admin_main.getLoader().checkAdminName(owner_name)
def __reloadGroups(self, admin_id): """ reload groups with owner of deleted admin """ all_groups = group_main.getLoader().getAllGroupNames() for group_name in all_groups: try: group_obj = group_main.getLoader().getGroupByName(group_name) except GeneralException: pass if group_obj.getOwnerID() == admin_id: group_main.getLoader().loadGroupByName(group_name)
def run(self): users_table=self.getSearchHelper().getTable("users") users_table.exactSearch(self.getSearchHelper(), "group_name", "group_id", lambda x:group_main.getLoader().getGroupByName(x).getGroupID() )
def addNewUsersQuery(self, _count, credit, owner_name, group_name, ibs_query, user_ids=None): """ _count(integer): count of users owner_name(string): name of owner admin credit(float): amount of credit users will have, group_name(string): name of group string ibs_query(IBSQuery instance): IBSQuery instance we'll add query to user_ids(None or list of int): user_ids to use for created users. if set to None generate new ids XXX: add this: if credit is an empty string, group initial_credit is used, or an exception is raised if there's no initial_credit for user return a list of user ids of newly added users """ owner_admin_obj = admin_main.getLoader().getAdminByName(owner_name) group_obj = group_main.getLoader().getGroupByName(group_name) if not user_ids: user_ids = self.__generateUserIDs(_count) self.__insertBasicUsersQueries(_count, user_ids, credit, owner_admin_obj.getAdminID(), group_obj.getGroupID(), ibs_query) return user_ids
def listGroups(self,request): """ return a list of group names, that requester admin has access to """ request.needAuthType(request.ADMIN) requester=request.getAuthNameObj() group_names=group_main.getLoader().getAllGroupNames() return filter(requester.canUseGroup,group_names)
def __addGroupCheckInput(self,group_name,comment,owner_id): if not isValidName(group_name): raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name) if group_main.getLoader().groupNameExists(group_name): raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name) admin_main.getLoader().checkAdminID(owner_id)
def __fixGroupNames(self, db_usages): group_usages = [] for row in db_usages: group_name = group_main.getLoader().getGroupByID( row["group_id"]).getGroupName() group_usages.append((group_name, row["duration"])) return group_usages
def check(self, admin_obj, admin_perm_obj, group_name): if admin_perm_obj.getValue( ) == "All" and not admin_obj.canUseGroup(group_name): raise GeneralException( errorText("GROUPS", "GROUP_CHANGE_DENIED") % group_name) elif group_main.getLoader().getGroupByName( group_name).getOwnerID() != admin_obj.getAdminID(): raise GeneralException( errorText("GROUPS", "GROUP_CHANGE_DENIED") % group_name)
def updateGroupAttrs(self,group_name,attrs,to_del_attrs,admin_obj): """ update group attributes attrs(dic): a dic of attributes in format attr_name=>attr_value that tell "I want these attributes have these values", so attrs may contain only a portion of attributes and not all of them to_del_attrs(list): list of attributes that should be deleted from group admin_obj(Admin instance): admin that request this update """ group_obj=group_main.getLoader().getGroupByName(group_name) changed_attr_updaters=user_main.getAttributeManager().getAttrUpdaters(attrs,"change") deleted_attr_updaters=user_main.getAttributeManager().getAttrUpdaters(to_del_attrs,"delete") ibs_query=IBSQuery() self.__getChangedQuery(ibs_query,group_obj,changed_attr_updaters,admin_obj) self.__getDeletedQuery(ibs_query,group_obj,deleted_attr_updaters,admin_obj) ibs_query.runQuery() group_main.getLoader().loadGroupByName(group_name) self.__broadcastChange() self.__callPostUpdates(changed_attr_updaters,deleted_attr_updaters)
def __addGroupCheckInput(self, group_name, comment, owner_id): if not isValidName(group_name): raise GeneralException( errorText("GROUPS", "GROUP_NAME_INVALID") % group_name) if group_main.getLoader().groupNameExists(group_name): raise GeneralException( errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name) admin_main.getLoader().checkAdminID(owner_id)
def __checkChargeUsageInGroups(self, charge_obj, attr_name): group_ids = group_main.getActionManager().getGroupIDsWithAttr( attr_name, charge_obj.getChargeID()) if len(group_ids) > 0: raise GeneralException( errorText("CHARGES", "CHARGE_USED_IN_GROUP") % (charge_obj.getChargeName(), ",".join( map( lambda _id: group_main.getLoader().getGroupByID(_id). getGroupName(), group_ids))))
def getGroupInfo(self,request): """ group_name(string): group name to return info for """ request.needAuthType(request.ADMIN) request.checkArgs("group_name") requester=request.getAuthNameObj() if not requester.canUseGroup(request["group_name"]): raise GeneralException(errorText("GROUPS","ACCESS_TO_GROUP_DENIED")%request["group_name"]) group_obj=group_main.getLoader().getGroupByName(request["group_name"]) return group_obj.getInfo(request.getDateType())
def listGroups(self,request): """ return a list of group names, that requester admin has access to """ request.needAuthType(request.ADMIN) requester=request.getAuthNameObj() group_names=group_main.getLoader().getAllGroupNames() group_names = filter(requester.canUseGroup,group_names) sorted_group_names = SortedList(group_names) sorted_group_names.sort(False) return sorted_group_names.getList()
def __createReportResult(self, result, date_type): for row in result: row["change_time_formatted"] = AbsDate( row["change_time"], "gregorian").getDate(date_type) row["admin_name"] = admin_main.getLoader().getAdminByID( row["admin_id"]).getUsername() if row["is_user"] == "t": row["username"] = user_main.getActionManager( ).getUsernameReprForUserID(row["object_id"]) else: row["group_name"] = group_main.getLoader().getGroupByID( row["object_id"]).getGroupName() return result
def updateGroupAttrs(self, group_name, attrs, to_del_attrs, admin_obj): """ update group attributes attrs(dic): a dic of attributes in format attr_name=>attr_value that tell "I want these attributes have these values", so attrs may contain only a portion of attributes and not all of them to_del_attrs(list): list of attributes that should be deleted from group admin_obj(Admin instance): admin that request this update """ group_obj = group_main.getLoader().getGroupByName(group_name) changed_attr_updaters = user_main.getAttributeManager( ).getAttrUpdaters(attrs, "change") deleted_attr_updaters = user_main.getAttributeManager( ).getAttrUpdaters(to_del_attrs, "delete") ibs_query = IBSQuery() self.__getChangedQuery(ibs_query, group_obj, changed_attr_updaters, admin_obj) self.__getDeletedQuery(ibs_query, group_obj, deleted_attr_updaters, admin_obj) ibs_query.runQuery() group_main.getLoader().loadGroupByName(group_name) self.__broadcastChange() self.__callPostUpdates(changed_attr_updaters, deleted_attr_updaters)
def updateQuery(self, ibs_query, src, action, **args): group_obj = group_main.getLoader().getGroupByName(self.group_name) for user_id in args["users"]: ibs_query += ibs_db.createUpdateQuery( "users", {"group_id": group_obj.getGroupID()}, "user_id=%s" % user_id) if defs.USER_AUDIT_LOG: ibs_query += user_main.getUserAuditLogManager( ).userAuditLogQuery( args["admin_obj"].getAdminID(), True, user_id, "group", args["users"] [user_id].getBasicUser().getGroupObj().getGroupName(), self.group_name) return ibs_query
def __addGroupAttrsForUser(self, user_info, date_type): """ add group attributes to attr dic, if user doesn't have the attr. Users don't have access to groups, and they doesn't know about user/group logic. """ group_obj = group_main.getLoader().getGroupByID( user_info["basic_info"]["group_id"]) group_attrs = group_obj.getParsedAttrs(date_type) for attr_name in group_attrs: #if it's not set in user if attr_name not in user_info["attrs"]: user_info["attrs"][attr_name] = group_attrs[attr_name] return user_info
def getGroupInfo(self,request): """ group_name(string): group name to return info for """ request.needAuthType(request.ADMIN) request.checkArgs("group_name") requester=request.getAuthNameObj() if not requester.canUseGroup(request["group_name"]): raise GeneralException(errorText("GROUPS","ACCESS_TO_GROUP_DENIED")) group_obj=group_main.getLoader().getGroupByName(request["group_name"]) return {"group_id":group_obj.getGroupID(), "group_name":group_obj.getGroupName(), "comment":group_obj.getComment(), "owner_id":group_obj.getOwnerID(), "owner_name":admin_main.getLoader().getAdminByID(group_obj.getOwnerID()).getUsername(), "raw_attrs":group_obj.getAttrs(), "attrs":user_main.getAttributeManager().parseAttrs(group_obj.getAttrs(),request.getDateType()) }
def canUseGroup(self, group_name): """ return True if admin can use group with name "group_name" """ if self.isGod() or self.hasPerm("ACCESS ALL GROUPS"): return True if group_main.getLoader().getGroupByName( group_name).getOwnerID() == self.getAdminID(): return True if self.hasPerm("GROUP ACCESS"): try: self.checkPerm("GROUP ACCESS", group_name) return True except PermissionException: return False return False
def addNewUsersQuery(self,_count,credit,owner_name,group_name,ibs_query): """ _count(integer): count of users owner_name(string): name of owner admin credit(float): amount of credit users will have, group_name(string): name of group string ibs_query(IBSQuery instance): IBSQuery instance we'll add query to XXX: add this: if credit is an empty string, group initial_credit is used, or an exception is raised if there's no initial_credit for user return a list of user ids of newly added users """ owner_admin_obj=admin_main.getLoader().getAdminByName(owner_name) group_obj=group_main.getLoader().getGroupByName(group_name) user_ids=self.__generateUserIDs(_count) self.__insertBasicUsersQueries(_count,user_ids,credit,owner_admin_obj.getAdminID(),group_obj.getGroupID(),ibs_query) return user_ids
def applyConditions(self): """ Apply conditions on tables, should check conditions here """ user_audit_table = self.search_helper.getTable("user_audit_log") self.__addAdminCondition(user_audit_table) if self.search_helper.hasCondFor("user_ids"): if self.search_helper.getCondValue("user_ids") != "": user_audit_table.exactSearch(self.search_helper, "user_ids", "object_id", MultiStr) user_audit_table.getRootGroup().addGroup("is_user = '******'") if self.search_helper.hasCondFor("group_name"): if self.search_helper.getCondValue("group_name") != "": user_audit_table.exactSearch( self.search_helper, "group_name", "object_id", lambda group_name: group_main.getLoader().getGroupByName( group_name).getGroupID()) user_audit_table.getRootGroup().addGroup("is_user = '******'") user_audit_table.exactSearch(self.search_helper, "attr_names", "attr_name", MultiStr) self.search_helper.setCondValue("change_time_from_op", ">=") user_audit_table.dateSearch(self.search_helper, "change_time_from", "change_time_from_unit", "change_time_from_op", "change_time") self.search_helper.setCondValue("change_time_to_op", "<") user_audit_table.dateSearch(self.search_helper, "change_time_to", "change_time_to_unit", "change_time_to_op", "change_time")
def __getGroupObj(self): """ maybe group attributes changed during """ return group_main.getLoader().getGroupByID(self.group_id)
def getValueCandidates(self): return group_main.getLoader().getAllGroupNames()
def checkNewValue(self,new_val): group_main.getLoader().checkGroupName(new_val)
def __delGroupCheckInput(self, group_name): group_main.getLoader().checkGroupName(group_name)
def check(self,admin_obj,admin_perm_obj,group_name): if admin_perm_obj.getValue()=="All" and not admin_obj.canUseGroup(group_name): raise GeneralException(errorText("GROUPS","GROUP_CHANGE_DENIED")%group_name) elif group_main.getLoader().getGroupByName(group_name).getOwnerID()!=admin_obj.getAdminID(): raise GeneralException(errorText("GROUPS","GROUP_CHANGE_DENIED")%group_name)
def checkInput(self,src,action,arg_dic):#XXX check access of admin to this group group_main.getLoader().checkGroupName(self.group_name)
def getGroupObj(self): return group_main.getLoader().getGroupByID(self.group_id)
from core.group import group_main print str(group_main.getLoader().groups_name)
from core.group import group_main print str(group_main.getLoader().getGroupByName("test2").getAttrs())
def run(self): users_table = self.getSearchHelper().getTable("users") users_table.exactSearch( self.getSearchHelper(), "group_name", "group_id", lambda x: group_main.getLoader().getGroupByName(x).getGroupID())
def checkInput(self, src, action, arg_dic): #XXX check access of admin to this group group_main.getLoader().checkGroupName(self.group_name)
def __delGroupCheckInput(self,group_name): group_main.getLoader().checkGroupName(group_name)
def checkNewValue(self, new_val): group_main.getLoader().checkGroupName(new_val)
def updateQuery(self,ibs_query,src,action,**args): group_obj=group_main.getLoader().getGroupByName(self.group_name) for user_id in args["users"]: ibs_query+=ibs_db.createUpdateQuery("users",{"group_id":group_obj.getGroupID()},"user_id=%s"%user_id) return ibs_query