def harvest_source_update(context, data_dict):
model = context['model']
user = context.get('user', '')
source = get_source_object(context, data_dict)
# Non-logged users can not update this source
if not user:
return {
'success':
False,
'msg':
_('Non-logged in users are not authorized to update harvest sources'
)
}
# Sysadmins can update the source
if Authorizer().is_sysadmin(user):
return {'success': True}
# Check if the source publisher id exists on the user's groups
user_obj = User.get(user)
if not user_obj or not source.publisher_id in [
g.id for g in user_obj.get_groups(u'publisher')
]:
return {
'success':
False,
'msg':
_('User %s not authorized to update harvest source %s') %
(str(user), source.id)
}
else:
return {'success': True}
def harvest_source_update(context, data_dict):
#model = context['model']
user = context.get('user', '')
source = get_source_object(context, data_dict)
# Check the user is admin/editor for the publisher - i.e. has
# update_dataset permission
check1 = ckan.new_authz.has_user_permission_for_group_or_org(
source.publisher_id, user, 'update_dataset'
)
if not check1:
return {'success': False,
'msg': _('User %s not authorized to update harvest source %s')
% (str(user), source.id)}
return {'success': True}
def harvest_source_delete(context,data_dict):
model = context['model']
user = context.get('user','')
source = get_source_object(context,data_dict)
# Non-logged users cannot delete this source
if not user:
return {'success': False, 'msg': _('Non-logged in users are not authorized to delete harvest sources')}
# Sysadmins can delete the source
if ckan.new_authz.is_sysadmin(user):
return {'success': True}
# Check if the source publisher id exists on the user's groups
user_obj = User.get(user)
if not user_obj or not source.publisher_id in [g.id for g in user_obj.get_groups(u'organization')]:
return {'success': False, 'msg': _('User %s not authorized to delete harvest source %s') % (str(user),source.id)}
else:
return {'success': True}
def harvest_source_show(context,data_dict):
model = context['model']
user = context.get('user','')
source = get_source_object(context,data_dict)
# Non-logged users can not read the source
if not user:
return {'success': False, 'msg': _('Non-logged in users are not authorized to see harvest sources')}
# Sysadmins can read the source
if Authorizer().is_sysadmin(user):
return {'success': True}
# Check if the source publisher id exists on the user's groups
user_obj = User.get(user)
if not user_obj or not source.publisher_id in [g.id for g in user_obj.get_groups(u'publisher')]:
return {'success': False, 'msg': _('User %s not authorized to read harvest source %s') % (str(user),source.id)}
else:
return {'success': True}