def get_access(my, type, key, default=None): # if a list of keys is provided, then go through each key if isinstance(key, list): for item in key: user_access = my.get_access(type, item) if user_access != None: return user_access return None # qualify the key with a project_code project_code = "*" if isinstance(key, dict): # this avoids get_access() behavior changes on calling it twice key2 = key.copy() rule_project = key.get('project') if rule_project: project_code = rule_project key2.pop('project') key = Common.get_dict_list(key2) # special case for projects elif type == "project": project_code = key key = [('code','plugins')] key = "%s?project=%s" % (key, project_code) #print "key: ", key # Fix added below to remove any unicode string markers from 'key' string ... sometimes the values # of the 'key' dictionary that is passed in contains values that are unicode strings, and sometimes # values that are ascii. # # FIXME: however might not necessarily be the best fix here, so this should be re-assessed at # some point to see if a better fix can be put in place # boris: Since we took out str() in Common.get_dict_list(), we have to re-introduce this back, but with , instead of : since it's a tuple key = key.replace("', u'", "', '") # if there are no rules, just return the default rules = my.groups.get(type) if not rules: return default result = None value = rules.get(key) if value: result, dct = value # DEPRECATED if not result: result = rules.get('__DEFAULT__') if not result: result = default return result
def get_access(my, type, key, default=None): # if a list of keys is provided, then go through each key if isinstance(key, list): for item in key: user_access = my.get_access(type, item) if user_access != None: return user_access return None # qualify the key with a project_code project_code = "*" if isinstance(key, dict): # this avoids get_access() behavior changes on calling it twice key2 = key.copy() rule_project = key.get('project') if rule_project: project_code = rule_project key2.pop('project') key = Common.get_dict_list(key2) # special case for projects elif type == "project": project_code = key key = [('code', 'plugins')] key = "%s?project=%s" % (key, project_code) #print "key: ", key # Fix added below to remove any unicode string markers from 'key' string ... sometimes the values # of the 'key' dictionary that is passed in contains values that are unicode strings, and sometimes # values that are ascii. # # FIXME: however might not necessarily be the best fix here, so this should be re-assessed at # some point to see if a better fix can be put in place # boris: Since we took out str() in Common.get_dict_list(), we have to re-introduce this back, but with , instead of : since it's a tuple key = key.replace("', u'", "', '") # if there are no rules, just return the default rules = my.groups.get(type) if not rules: return default result = None value = rules.get(key) if value: result, dct = value # DEPRECATED if not result: result = rules.get('__DEFAULT__') if not result: result = default return result
def add_xml_rules(my, xml): '''xml should be an XML object with the data in the form of <rules> <group type='sobject' default='<default>'> <rule key='<key>' access='<access>'/> </group> </rules> ''' if isinstance(xml, basestring): xmlx = Xml() xmlx.read_string(xml) xml = xmlx my.xml = xml # parse shorthand rules rule_nodes = xml.get_nodes("rules/rule") if not rule_nodes: return if my.project_codes == None: search = Search('sthpw/project') projects = search.get_sobjects() my.project_codes = [x.get_code() for x in projects] my.project_codes.append('*') for rule_node in rule_nodes: # initiate the project_code here for each loop project_code = '*' group_type = Xml.get_attribute( rule_node, "group" ) if not group_type: # category is the preferred name over group now # TODO: phase out the use of group completely group_type = Xml.get_attribute( rule_node, "category" ) # get an existing rule set or create a new one if my.groups.has_key(group_type): rules = my.groups[group_type] else: rules = {} my.groups[group_type] = rules # set the default, if specified group_default = xml.get_attribute( rule_node, "default" ) if group_default: rules['__DEFAULT__'] = group_default continue # generate the rule key #rule_key = xml.get_attribute(rule_node, 'key') attrs = xml.get_attributes(rule_node) attrs2 = {} count = 0 for name, value in attrs.items(): if name in ['access', 'group', 'category', 'project']: continue # have to turn everything into strings attrs2[str(name)] = str(value) count += 1 if count == 1 and attrs2.has_key('key'): # backwards compatibility rule_key = attrs2['key'] else: #rule_key = str(attrs2) rule_key = str(Common.get_dict_list(attrs2)) rule_project = xml.get_attribute(rule_node, 'project') if rule_project: project_code = rule_project # special treatment for search_filter to enable # project-specific search if group_type=='search_filter': attrs2['project'] = rule_project # if there is a value, then combine it with the key rule_value = xml.get_attribute(rule_node, 'value') if rule_value: rule_key = "%s||%s" % (rule_key, rule_value) # add a project code qualifier rule_keys = [] if project_code == '*' and group_type != 'search_filter': for code in my.project_codes: key = "%s?project=%s" % (rule_key, code) rule_keys.append(key) else: key= "%s?project=%s" % (rule_key, project_code) #key = str(key) # may need to stringify unicode string rule_keys.append(key) rule_access = xml.get_attribute(rule_node, 'access') #if rule_access == "": # raise AccessException("Cannot have empty 'access':\n%s" \ # % xml.to_string(rule_node) ) # if no key is specified, it is considered a DEFAULT if not rule_keys and not rule_value: rule_keys = ['__DEFAULT__'] for rule_key in rule_keys: # check if rule_access exists first, which doesn't for search_filter, # but it has to go into the rules regardless # if the rule already exists, take the highest one if rule_access and rules.has_key(rule_key): curr_access, cur_attrs = rules[rule_key] try: access_enum = my._get_access_enum(rule_access) if my._get_access_enum(curr_access) > access_enum: continue except: if group_type == "builtin": continue else: raise rules[rule_key] = rule_access, attrs2 #for rule, values in rules.items(): # print "rule: ", rule, values[0] # FIXME: this one doesn't support the multi-attr structure # convert this to a python data structure group_nodes = xml.get_nodes("rules/group") for group_node in group_nodes: group_type = Xml.get_attribute( group_node, "type" ) # get an existing rule set or create a new one if my.groups.has_key(group_type): rules = my.groups[group_type] else: rules = {} my.groups[group_type] = rules # set the default, if specified group_default = xml.get_attribute( group_node, "default" ) if group_default != "": rules['__DEFAULT__'] = group_default # get all of the rule nodes rule_nodes = Xml.get_children(group_node) for rule_node in rule_nodes: project_code='*' if Xml.get_node_name(rule_node) != 'rule': continue rule_key = xml.get_attribute(rule_node, 'key') rule_access = xml.get_attribute(rule_node, 'access') rule_project = xml.get_attribute(rule_node, 'project') if rule_project: project_code = rule_project if rule_access == "": raise AccessException("Cannot have empty 'access':\n%s" \ % xml.to_string(rule_node) ) rule_keys = [] attrs2 = {'key': rule_key} # add a project code qualifier if project_code == '*' and group_type != 'search_filter': for code in my.project_codes: key = "%s?project=%s" % (rule_key, code) rule_keys.append(key) else: key= "%s?project=%s" % (rule_key, project_code) rule_keys.append(key) for rule_key in rule_keys: rules[rule_key] = rule_access, attrs2
def get_access(my, group, key, default=None): # if a list of keys is provided, then go through each key if isinstance(key, list): for item in key: user_access = my.get_access(group, item) if user_access != None: return user_access return None # qualify the key with a project_code project_code = "*" rule_project = None if isinstance(key, dict): # this avoids get_access() behavior changes on calling it twice key2 = key.copy() rule_project = key.get('project') if rule_project: project_code = rule_project key2.pop('project') # backward compatibility with the key attribute if len(key2) == 1 and key2.keys() == ['key']: key = key2['key'] else: key = Common.get_dict_list(key2) if group == 'project': key = str(key) else: key = "%s?project=%s" % (key, project_code) # Fix added below to remove any unicode string markers from 'key' string ... sometimes the values # of the 'key' dictionary that is passed in contains values that are unicode strings, and sometimes # values that are ascii. # # FIXME: however might not necessarily be the best fix here, so this should be re-assessed at # some point to see if a better fix can be put in place # boris: Since we took out str() in Common.get_dict_list(), we have to re-introduce this back, but with , instead of : since it's a tuple key = key.replace("', u'", "', '") # if there are no rules, just return the default rules = my.groups.get(group) if not rules: return default result = None value = rules.get(key) if value: result, dct = value # if default is explicitly turned off by caller, don't use __DEFAULT__ if not result and default != None: result = rules.get('__DEFAULT__') if not result: result = default return result
def get_access(self, group, key, default=None): # if a list of keys is provided, then go through each key if isinstance(key, list): for item in key: user_access = self.get_access(group, item) if user_access != None: return user_access return None # qualify the key with a project_code project_code = "*" rule_project = None if isinstance(key, dict): # this avoids get_access() behavior changes on calling it twice key2 = key.copy() rule_project = key.get('project') if rule_project: project_code = rule_project key2.pop('project') # backward compatibility with the key attribute if len(key2) == 1 and key2.keys() == ['key']: key = key2['key'] else: key = Common.get_dict_list(key2) if group == 'project': key = str(key) else: key = "%s?project=%s" % (key, project_code) # Fix added below to remove any unicode string markers from 'key' string ... sometimes the values # of the 'key' dictionary that is passed in contains values that are unicode strings, and sometimes # values that are ascii. # # FIXME: however might not necessarily be the best fix here, so this should be re-assessed at # some point to see if a better fix can be put in place # boris: Since we took out str() in Common.get_dict_list(), we have to re-introduce this back, but with , instead of : since it's a tuple key = key.replace("', u'", "', '") # if there are no rules, just return the default rules = self.groups.get(group) if not rules: return default result = None value = rules.get(key) if value: result, dct = value # if default is explicitly turned off by caller, don't use __DEFAULT__ if not result and default != None: result = rules.get('__DEFAULT__') if not result: result = default return result
def add_xml_rules(self, xml, project_code=None): '''xml should be an XML object with the data in the form of <rules> <group type='sobject' default='<default>'> <rule key='<key>' access='<access>'/> </group> </rules> ''' from pyasm.search import SObject if isinstance(xml, SObject): sobject = xml xml = sobject.get_xml_value("access_rules") if not project_code: project_code = sobject.get_value("project_code") project_override = project_code if isinstance(xml, basestring): xmlx = Xml() xmlx.read_string(xml) xml = xmlx # parse shorthand rules rule_nodes = xml.get_nodes("rules/rule") if not rule_nodes: return # store all of the project codes (this will only run once) if self.project_codes == None: search = Search('sthpw/project') projects = search.get_sobjects() self.project_codes = [x.get_code() for x in projects] self.project_codes.append('*') for rule_node in rule_nodes: # initiate the project_code here for each loop project_code = '*' group_type = Xml.get_attribute( rule_node, "group" ) if not group_type: # category is the preferred name over group now # TODO: phase out the use of group completely group_type = Xml.get_attribute( rule_node, "category" ) # get an existing rule set or create a new one if self.groups.has_key(group_type): rules = self.groups[group_type] else: rules = {} self.groups[group_type] = rules # set the default, if specified group_default = xml.get_attribute( rule_node, "default" ) if group_default: rules['__DEFAULT__'] = group_default continue # generate the rule key #rule_key = xml.get_attribute(rule_node, 'key') attrs = xml.get_attributes(rule_node) attrs2 = {} count = 0 for name, value in attrs.items(): if name in ['access', 'group', 'category', 'project']: continue # have to turn everything into strings attrs2[str(name)] = str(value) count += 1 if count == 1 and attrs2.has_key('key'): # backwards compatibility rule_key = attrs2['key'] else: #rule_key = str(attrs2) rule_key = str(Common.get_dict_list(attrs2)) if project_override: rule_project = project_override else: rule_project = xml.get_attribute(rule_node, 'project') if rule_project: project_code = rule_project # special treatment for search_filter to enable # project-specific search if group_type=='search_filter': attrs2['project'] = rule_project # if there is a value, then combine it with the key rule_value = xml.get_attribute(rule_node, 'value') if rule_value: rule_key = "%s||%s" % (rule_key, rule_value) # add a project code qualifier rule_keys = [] # project rule is special if group_type == 'project': key = str(rule_key) rule_keys.append(key) elif project_code == '*' and group_type != 'search_filter': for code in self.project_codes: key = "%s?project=%s" % (rule_key, code) rule_keys.append(key) else: key= "%s?project=%s" % (rule_key, project_code) #key = str(key) # may need to stringify unicode string rule_keys.append(key) #key= "%s?project=*" % (rule_key) #rule_keys.append(key) rule_access = xml.get_attribute(rule_node, 'access') #if rule_access == "": # raise AccessException("Cannot have empty 'access':\n%s" \ # % xml.to_string(rule_node) ) # if no key is specified, it is considered a DEFAULT if not rule_keys and not rule_value: rule_keys = ['__DEFAULT__'] for rule_key in rule_keys: # check if rule_access exists first, which doesn't for search_filter, # but it has to go into the rules regardless # if the rule already exists, take the highest one if rule_access and rules.has_key(rule_key): curr_access, cur_attrs = rules[rule_key] try: access_enum = self._get_access_enum(rule_access) if self._get_access_enum(curr_access) > access_enum: continue except: if group_type == "builtin": continue else: raise rules[rule_key] = rule_access, attrs2 # FIXME: this one doesn't support the multi-attr structure # convert this to a python data structure group_nodes = xml.get_nodes("rules/group") for group_node in group_nodes: group_type = Xml.get_attribute( group_node, "type" ) # get an existing rule set or create a new one if self.groups.has_key(group_type): rules = self.groups[group_type] else: rules = {} self.groups[group_type] = rules # set the default, if specified group_default = xml.get_attribute( group_node, "default" ) if group_default != "": rules['__DEFAULT__'] = group_default # get all of the rule nodes rule_nodes = Xml.get_children(group_node) for rule_node in rule_nodes: project_code='*' if Xml.get_node_name(rule_node) != 'rule': continue rule_key = xml.get_attribute(rule_node, 'key') rule_access = xml.get_attribute(rule_node, 'access') if project_override: rule_project = project_override else: rule_project = xml.get_attribute(rule_node, 'project') if rule_project: project_code = rule_project if rule_access == "": raise AccessException("Cannot have empty 'access':\n%s" \ % xml.to_string(rule_node) ) rule_keys = [] attrs2 = {'key': rule_key} # add a project code qualifier if project_code == '*' and group_type != 'search_filter': for code in self.project_codes: key = "%s?project=%s" % (rule_key, code) rule_keys.append(key) else: key= "%s?project=%s" % (rule_key, project_code) rule_keys.append(key) for rule_key in rule_keys: rules[rule_key] = rule_access, attrs2