def delete_roleoperations(role_id=None, operation_key=None, modifier_id=None):
query = RoleOperation.all()
if role_id is not None:
query.filter("role_id =", role_id)
if operation_key is not None:
query.filter("operation_key =", operation_key)
query.delete(modifier_id)
def has_permission(user_id, operation_key, oqlparams=None):
b = False
cachekey = '%d:%s:%r' % (user_id, operation_key, oqlparams)
perm = cache.get(CACHESPACE_PERMISSION, cachekey)
if perm != None:
return perm
query = stdModel.all()
query.model(UserRole.get_modelname(), "a")
query.model(Role.get_modelname(), "b", join="inner", on="a.role_id=b.uid")
query.model(RoleOperation.get_modelname(), "c", join="inner", on="c.role_id=b.uid")
query.model(Operation.get_modelname(), "d", join="inner", on="c.operation_key=d.operation_key")
query.what("a.user_id", alias="user_id")
query.what("b.uid", alias="role_id")
query.what("d.operation_key", alias="operation_key")
query.what("d.handler_classes", alias="handler_classes")
query.what("d.resource_oql", alias="resource_oql")
query.what("a.user_id", alias="user_id")
query.filter("a.user_id =", user_id)
if operation_key is not None:
query.filter("d.operation_key =", operation_key)
std = query.get()
if std != None:
if std.resource_oql != None:
operation = get_operation(operation_key=operation_key)
params = operation.get_resource_oql_paramnames()
if len(params) != len(oqlparams):
raise UnauthorizedError()
query = stdModel.all()
if oqlparams != None and len(oqlparams) > 0 :
query = query.sql(std.resource_oql, sql_vars=oqlparams)
else:
query = query.sql(std.resource_oql)
if query.count() > 0:
b = True
else:
b = True
cache.put(CACHESPACE_PERMISSION, cachekey, b)
return b
def copy_roleoperations(role_id_from, role_id_to, modifier_id):
query = RoleOperation.all()
query.filter("role_id =", int(role_id_from))
roleoperations = query.fetch()
for ro in roleoperations:
create_roleoperation(ro.role_id, ro.operation_key, modifier_id)
def create_roleoperation(role_id, operation_key, modifier_id):
roleoperation = RoleOperation(role_id=role_id, operation_key=operation_key)
roleoperation.create(modifier_id)
return roleoperation
def fetch_roles(operation_key):
query = Role.all("a")
query.model(RoleOperation.get_modelname(), "b", join="inner", on="a.role_id = b.role_id")
query.filter("b.operation_key =", operation_key)
return query.fetch()
def fetch_operations(role_id):
query = Operation.all("a")
query.model(RoleOperation.get_modelname(), "b", join="inner", on="a.operation_key = b.operation_key")
query.filter("b.role_id =", role_id)
return query.fetch()