Exemple #1
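def view(request):
    """Handle the user registration form.

    Redirects to 'home' when the request already carries a user id. When
    the form was submitted (``"ok"`` in ``request.params``) the three fields
    are validated, ids already taken by a user or a team are refused, and
    the new user is created and logged in. On any failure a warning is
    flashed and the submitted values are returned for re-display.

    Args:
        request: (Request)

    Returns:
        (HTTPFound | dict of (str: str) | any): redirect, submitted values
            to re-display (empty when the form was not submitted), or
            whatever ``log_user_in`` returns
    """
    # This is only a convenience redirect, not an access-control decision,
    # so the claimed (unverified) user id is used as-is.
    if request.unauthenticated_userid is not None:
        request.session.flash("Already logged in, log out first", 'warning')
        return HTTPFound(location=request.route_url('home'))

    if "ok" not in request.params:
        return {}

    params = request.params
    view_params = {field_name: params[field_name]
                   for field_name in ("user_id", "user_name", "user_email")
                   if field_name in params}

    # check all fields are correct
    # A hand-crafted request may omit a field: treat it as empty so it is
    # rejected with the normal message instead of raising KeyError.
    uid = params.get("user_id", "")
    if not uid or not is_good_id(uid):
        request.session.flash("User id is not a valid id", 'warning')
        return view_params

    name = params.get("user_name", "")
    if not name or not is_good_name(name):
        request.session.flash("Name given is not valid", 'warning')
        return view_params

    email = params.get("user_email", "")
    if not email or not is_good_email(email):
        request.session.flash("Email given is not valid", 'warning')
        return view_params

    # Open the DB session only once the input has passed validation.
    session = DBSession()

    # check user does not exist already
    # as a user
    if User.get(session, uid) is not None:
        request.session.flash("User %s already exists" % uid, 'warning')
        return view_params

    # as a team
    if Team.get(session, uid) is not None:
        msg = "User %s already exists as a team name" % uid
        request.session.flash(msg, 'warning')
        return view_params

    # register new user
    # NOTE(review): no password or e-mail confirmation step is visible in
    # this view before the account is created and logged in; confirm that
    # User.create / log_user_in take care of credential setup.
    User.create(session, uid, name, email)
    return log_user_in(request, uid, True)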
Exemple #2
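def view_init(request, session, tab):
    """Common init for all 'view'.

    Loads the user named by the ``uid`` route parameter and builds the
    parameters shared by the user views, including whether the current
    visitor may edit that user.

    Args:
        request: (Request)
        session: (DBSession)
        tab: (str) current tab in view

    Returns:
        (User, dict of (str: any)): user, view_params

    Raises:
        HTTPFound: redirect to 'home' when no user has the requested id
    """
    uid = request.matchdict['uid']
    user = User.get(session, uid)
    if user is None:
        # NOTE(review): uid comes straight from the URL; this relies on the
        # template escaping flash messages when rendering them - confirm.
        request.session.flash("User %s does not exists" % uid, 'warning')
        raise HTTPFound(location=request.route_url('home'))

    # "allow_edit" is an access-control decision, so it is derived from the
    # identity verified by the authentication policy rather than from the
    # id merely claimed by the request (unauthenticated_userid).
    current_uid = request.authenticated_userid

    # `tabs` is a module-level name defined outside this function.
    view_params = {"user": user,
                   "tabs": tabs,
                   "tab": tab,
                   "allow_edit": (uid == current_uid),
                   "sections": []}

    return user, view_params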
Exemple #3
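def edit_init(request, session, tab):
    """Common init for all 'edit' views.

    Calls ``view_init``, refuses the request unless
    ``view_params["allow_edit"]`` is set, then handles the form actions
    found in ``request.params``: 'back', 'update', 'confirm_transfer',
    'confirm_delete' and 'confirm_delete_recursive'.

    Args:
        request: (Request)
        session: (DBSession)
        tab: (str) current tab in view

    Returns:
        (ResearchObject, dict of (str: any)): ro, view_params

    Raises:
        HTTPFound: redirect issued when edition is not allowed, and after
            the 'back', 'confirm_transfer' and delete actions
    """
    ro, view_params = view_init(request, session, tab)

    warn_links = [link for link in ro.out_links if link.type == 'produce']
    error_links = [link for link in ro.in_links if link.type != 'contains']
    view_params["warn_links"] = warn_links
    view_params["error_links"] = error_links

    # Permission gate: nothing below may run without edit rights.
    if not view_params["allow_edit"]:
        msg = "Access to %s edition not granted for you" % ro.id
        request.session.flash(msg, 'warning')
        raise HTTPFound(location=request.route_url('home'))

    # NOTE(review): the actions below change or delete data on the sole
    # presence of a key in request.params, which also carries query-string
    # values; no CSRF check is visible in this function - confirm one is
    # enforced elsewhere.
    if 'back' in request.params:
        # request.session.flash("Edition stopped", 'success')
        loc = request.route_url('ro_view_%s' % tab, uid=ro.id)
        raise HTTPFound(location=loc)

    if 'update' in request.params:
        # edit project visibility
        public = 'visibility' in request.params
        ro.public = public

    if 'confirm_transfer' in request.params:
        # Ownership transfer is reserved to the owner; compare against the
        # identity verified by the authentication policy, not the id merely
        # claimed by the request (unauthenticated_userid).
        if request.authenticated_userid != ro.owner:
            request.session.flash("Action non authorized for you", 'warning')
            raise HTTPFound(location=request.route_url('home'))

        # A crafted request may omit the field: treat it as an empty id so
        # it is reported as unknown instead of raising KeyError.
        new_owner = request.params.get("new_owner", "")
        user = User.get(session, new_owner)
        if user is None:
            msg = "User '%s' is unknown" % new_owner
            request.session.flash(msg, 'warning')
            raise HTTPFound(location=request.current_route_url())

        ro.change_owner(session, user)
        loc = request.route_url("ro_view_home", uid=ro.id)
        transaction.commit()
        raise HTTPFound(location=loc)

    delete_recursive = "confirm_delete_recursive" in request.params
    if "confirm_delete" in request.params or delete_recursive:
        # Commit only when the removal reports success.
        if ResearchObject.remove(session, ro, delete_recursive):
            transaction.commit()
            request.session.flash("RO '%s' deleted" % ro.id, 'success')
        else:
            request.session.flash("Failed to delete '%s'" % ro.id, 'warning')
        raise HTTPFound(location=request.route_url('home'))

    return ro, view_params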
def register_new_user(request, session, team, new_uid):
    """Add the user or team named in the form to a team's auth policies.

    The id is looked up first as a user, then as a team. Direct duplicates,
    self-membership and circular team membership are refused with a flashed
    warning.

    Args:
        request: (Request)
        session: (DBSession)
        team: (Team)
        new_uid: (str) id of user to add to team auth

    Returns:
        (bool): whether team has changed and need to be reloaded
    """
    def refuse(text):
        # Flash a warning and report that the team is unchanged.
        request.session.flash(text, 'warning')
        return False

    def enroll(actor):
        # Grant the requested role and report that the team changed.
        team.add_policy(session, actor, role)
        request.session.flash("New member %s added" % actor.id, 'success')
        return True

    if new_uid == team.id:
        return refuse("Cannot be a member of itself")

    # The role comes from the submitted form; a missing field falls back to
    # the most restrictive value, "denied".
    role = Role.from_str(request.params.get("role_new", "denied"))

    as_user = User.get(session, new_uid)
    if as_user is not None:
        direct_actors = (policy.actor for policy in team.auth)
        if new_uid in direct_actors:
            return refuse("%s already a direct member" % as_user.id)
        return enroll(as_user)

    as_team = Team.get(session, new_uid)
    if as_team is None:
        return refuse("User %s does not exists" % new_uid)

    if team.has_member(session, new_uid):
        return refuse("%s already a member" % as_team.id)

    # Refuse to create a membership cycle between the two teams.
    if as_team.has_member(session, team.id):
        return refuse("Circular reference %s is a member of %s"
                      % (team.id, as_team.id))

    return enroll(as_team)
Exemple #5
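def view(request):
    """Handle the login form.

    Redirects to 'home' when the request already carries a user id. When
    the form was submitted (``"ok"`` in ``request.params``) the user is
    looked up and the password checked; on success the user is logged in,
    otherwise a warning is flashed and the login page is reloaded.

    Args:
        request: (Request)

    Returns:
        (HTTPFound | dict | any): redirect, empty dict when the form was
            not submitted, or whatever ``log_user_in`` returns
    """
    # This is only a convenience redirect, not an access-control decision,
    # so the claimed (unverified) user id is used as-is.
    if request.unauthenticated_userid is not None:
        request.session.flash("Already logged in, log out first", 'warning')
        return HTTPFound(location=request.route_url('home'))

    if "ok" not in request.params:
        return {}

    session = DBSession()

    # A hand-crafted request may omit a field: treat it as empty so it
    # follows the normal failure path instead of raising KeyError.
    # NOTE(review): request.params also carries query-string values;
    # confirm the form submits credentials in the request body.
    uid = request.params.get("user_id", "")
    user = User.get(session, uid)
    if user is None:
        # NOTE(review): this message differs from the "Invalid password"
        # one below, which tells a visitor whether an id exists; consider a
        # single message for both failures.
        # NOTE(review): the URL is interpolated before the string is
        # wrapped in Markup, so it is not escaped; it is generated by
        # route_url, not taken from the form.
        msg = "No such user! <a href='%s'>Register?</a>" % request.route_url('user_register')
        request.session.flash(Markup(msg), 'warning')
        return HTTPFound(location=request.current_route_url())

    pwd = request.params.get("password", "")
    # check password
    # NOTE(review): no throttling or lockout of repeated failures is
    # visible in this view; confirm it is handled elsewhere.
    if check_password(session, user, pwd):
        return log_user_in(request, uid)

    request.session.flash("Invalid password", 'warning')
    return HTTPFound(location=request.current_route_url())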
def main(session, user, container):
    """Create ROs to test auth policies.

    Builds a second user owning several articles and containers, each with
    a different policy for `user`, and links every container under
    `container`.

    Args:
        session (DBSession):
        user (User): default user
        container (ROContainer): top level container

    Returns:
        None
    """
    lorem = "Title\n=====\n\nLorem Ipsum\nlorem ipsum"

    # create another user, owner of everything created below
    other = User.create(session,
                        uid='other',
                        name="Other User",
                        email="*****@*****.**")
    upload_user_avatar(Image.open("seeweb/scripts/avatar/sartzet.png"), other)

    def new_article(name):
        # Article owned by `other`, with the placeholder description.
        article = ROArticle()
        article.init(session, {"owner": other.id, "name": name})
        article.store_description(lorem)
        return article

    def new_container(name, contents):
        # Container owned by `other` holding `contents`.
        box = ROContainer()
        box.init(session, {"owner": other.id,
                           "name": name,
                           "contents": contents})
        return box

    def attach(box):
        # Link the container under the top level container.
        ROLink.connect(session, container.id, box.id, 'contains')

    # articles owned by `other` with an explicit policy for `user`
    viewable = new_article("other article")
    viewable.add_policy(session, user, Role.view)

    editable = new_article("other editable article")
    editable.add_policy(session, user, Role.edit)

    attach(new_container("other project", [viewable, editable]))

    # access to ROs decided through their container policy: the same
    # article, with no policy of its own, sits in a 'denied' container and
    # in an 'edit' container
    private = new_article("other 'private' article")

    denied_box = new_container("other 'denied' project", [private])
    denied_box.add_policy(session, user, Role.denied)
    attach(denied_box)

    edit_box = new_container("other project", [private])
    edit_box.add_policy(session, user, Role.edit)
    attach(edit_box)

    # public container, one of its articles explicitly denied to `user`
    plain = new_article("other article")

    denied = new_article("other denied article")
    denied.add_policy(session, user, Role.denied)

    public_box = new_container("other 'public' project", [plain, denied])
    public_box.public = True
    attach(public_box)
Exemple #7
def main(session):
    """Create the sample users and teams.

    Every created user is appended to the module-level `users` list and
    every team to the module-level `teams` list.

    Args:
        session (DBSession):

    Returns:
        None
    """
    def add_user(uid, name, avatar=None):
        # Create the account, attach its avatar if any, then record it.
        account = User.create(session,
                              uid=uid,
                              name=name,
                              email="*****@*****.**")
        if avatar is not None:
            upload_user_avatar(Image.open(avatar), account)
        users.append(account)
        return account

    # users
    revesansparole = add_user('revesansparole', "Jerome Chopard",
                              "seeweb/scripts/avatar/revesansparole.png")
    doofus0 = add_user('doofus%d' % 0, "Dummy Doofus")
    doofus1 = add_user('doofus%d' % 1, "Dummy Doofus")
    pradal = add_user('pradal', "Christophe Pradal",
                      "seeweb/scripts/avatar/pradal.png")
    sartzet = add_user('sartzet', "Simon Artzet",
                       "seeweb/scripts/avatar/sartzet.png")
    fboudon = add_user('fboudon', "Fred Boudon",
                       "seeweb/scripts/avatar/fboudon.png")

    # teams
    # nested test teams: subsubteam is a member of subteam
    subsub_team = Team.create(session, uid="subsubteam")
    subsub_team.description = """Test team only"""
    subsub_team.add_policy(session, doofus0, Role.edit)
    teams.append(subsub_team)

    sub_team = Team.create(session, uid="subteam")
    sub_team.description = """Test team only"""
    for member in (doofus1, subsub_team):
        sub_team.add_policy(session, member, Role.edit)
    teams.append(sub_team)

    vplants = Team.create(session, uid="vplants")
    upload_team_avatar(Image.open("seeweb/scripts/avatar/vplants.png"),
                       vplants)
    vplants.store_description(dedent("""
            Team
            ----
            INRIA team based in Montpellier

            """))
    vplants.add_policy(session, pradal, Role.edit)
    vplants.add_policy(session, fboudon, Role.view)
    teams.append(vplants)

    oa = Team.create(session, uid="openalea")
    upload_team_avatar(Image.open("seeweb/scripts/avatar/openalea.png"), oa)
    oa.store_description(dedent("""
            Community
            ---------

            OpenAlea is an open source project primarily aimed at the plant research community.
            It is a distributed collaborative effort to develop Python libraries and tools that address the needs of
            current and future works in Plant Architecture modeling.
            OpenAlea includes modules to analyse, visualize and model the functioning and growth of plant architecture.

            """))
    # members are both single users and whole teams
    oa.add_policy(session, revesansparole, Role.edit)
    oa.add_policy(session, pradal, Role.view)
    oa.add_policy(session, sartzet, Role.view)
    oa.add_policy(session, vplants, Role.edit)
    oa.add_policy(session, sub_team, Role.edit)
    teams.append(oa)