def is_owned_by(self, user): """Checks if the user is managing the room (owner or manager)""" if self.owner == user: return True manager_group = self.get_attribute_value('manager-group') if not manager_group: return False return user in GroupProxy.get_named_default_group(manager_group)
def _process_args(self): try: group = GroupProxy(request.view_args['group_id'], request.view_args['provider']) except ValueError: group = None if group is None or group.group is None: raise NotFound self.group = group
def test_iter_acl(): user = User() user_p = MagicMock(principal=user, spec=['principal']) ipn = IPNetworkGroup() ipn_p = MagicMock(principal=ipn, spec=['principal']) local_group = GroupProxy(123, _group=MagicMock()) local_group_p = MagicMock(principal=local_group, spec=['principal']) remote_group = GroupProxy('foo', 'bar') remote_group_p = MagicMock(principal=remote_group, spec=['principal']) acl = [ ipn, user_p, remote_group, local_group_p, user, local_group, remote_group_p, ipn_p ] assert list(iter_acl(iter(acl))) == [ user_p, user, ipn, ipn_p, local_group_p, local_group, remote_group, remote_group_p ]
def principal(self): from fossir.modules.groups import GroupProxy if self.type == PrincipalType.user: return self.user elif self.type == PrincipalType.local_group: return self.local_group.proxy elif self.type == PrincipalType.multipass_group: return GroupProxy(self.multipass_group_name, self.multipass_group_provider) elif self.type == PrincipalType.email: return EmailPrincipal(self.email) elif self.type == PrincipalType.network: return self.ip_network_group
def _can_be_booked(self, user, prebook=False, ignore_admin=False): if not user or not rb_check_user_access(user): return False if (not ignore_admin and rb_is_admin(user)) or (self.is_owned_by(user) and self.is_active): return True if self.is_active and self.is_reservable and ( prebook or not self.reservations_need_confirmation): group_name = self.get_attribute_value('allowed-booking-group') if not group_name or user in GroupProxy.get_named_default_group( group_name): return True return False
def _process(self): query = LocalGroup.query.options(joinedload(LocalGroup.members)).order_by(db.func.lower(LocalGroup.name)) groups = [g.proxy for g in query] providers = [p for p in multipass.identity_providers.itervalues() if p.supports_groups] form = SearchForm(obj=FormDefaults(exact=True)) if not providers: del form.provider else: form.provider.choices = ([('', _('All')), ('fossir', _('Local Groups'))] + [(p.name, p.title) for p in sorted(providers, key=attrgetter('title'))]) search_results = None if form.validate_on_submit(): search_providers = None if not providers or not form.provider.data else {form.provider.data} search_results = GroupProxy.search(form.name.data, exact=form.exact.data, providers=search_providers) search_results.sort(key=attrgetter('provider', 'name')) provider_titles = {p.name: p.title for p in multipass.identity_providers.itervalues()} provider_titles[None] = _('Local') return WPGroupsAdmin.render_template('groups.html', groups=groups, providers=providers, form=form, search_results=search_results, provider_titles=provider_titles)
def principal_from_fossil(fossil, allow_pending=False, allow_groups=True, allow_missing_groups=False, allow_emails=False, allow_networks=False, existing_data=None): from fossir.modules.networks.models.networks import IPNetworkGroup from fossir.modules.groups import GroupProxy from fossir.modules.users import User if existing_data is None: existing_data = set() type_ = fossil['_type'] id_ = fossil['id'] if type_ == 'Avatar': if isinstance(id_, int) or id_.isdigit(): # regular user user = User.get(int(id_)) elif allow_pending: data = GenericCache('pending_identities').get(id_) if not data: raise ValueError("Cannot find user '{}' in cache".format(id_)) data = {k: '' if v is None else v for k, v in data.items()} email = data['email'].lower() # check if there is not already a (pending) user with that e-mail # we need to check for non-pending users too since the search may # show a user from external results even though the email belongs # to an fossir account in case some of the search criteria did not # match the fossir account user = User.find_first(User.all_emails.contains(email), ~User.is_deleted) if not user: user = User(first_name=data.get('first_name') or '', last_name=data.get('last_name') or '', email=email, address=data.get('address', ''), phone=data.get('phone', ''), affiliation=data.get('affiliation', ''), is_pending=True) db.session.add(user) db.session.flush() else: raise ValueError( "Id '{}' is not a number and allow_pending=False".format(id_)) if user is None: raise ValueError('User does not exist: {}'.format(id_)) return user elif allow_emails and type_ == 'Email': return EmailPrincipal(id_) elif allow_networks and type_ == 'IPNetworkGroup': group = IPNetworkGroup.get(int(id_)) if group is None or (group.hidden and group not in existing_data): raise ValueError('IP network group does not exist: {}'.format(id_)) return group elif allow_groups and type_ in {'LocalGroupWrapper', 'LocalGroup'}: group = GroupProxy(int(id_)) if group.group is None: raise ValueError('Local group does not exist: {}'.format(id_)) return group elif allow_groups and type_ in {'LDAPGroupWrapper', 'MultipassGroup'}: provider = fossil['provider'] group = GroupProxy(id_, provider) if group.group is None and not allow_missing_groups: raise ValueError('Multipass group does not exist: {}:{}'.format( provider, id_)) return group else: raise ValueError('Unexpected fossil type: {}'.format(type_))
def proxy(self): """Returns a GroupProxy wrapping this group""" from fossir.modules.groups import GroupProxy return GroupProxy(self.id, _group=self)
def group(self): return GroupProxy(self.id, self.provider)
def group(self): return GroupProxy(self.id)
def manager_emails(self): manager_group = self.get_attribute_value('manager-group') if not manager_group: return set() group = GroupProxy.get_named_default_group(manager_group) return {u.email for u in group.get_members()}
def _getAnswer(self): results = [g.as_legacy_group for g in GroupProxy.search(self._group, exact=self._exactMatch)] fossilized_results = fossilize(results, IGroupFossil) for fossilizedGroup in fossilized_results: fossilizedGroup["isGroup"] = True return fossilized_results