Esempio n. 1
0
 def invitedsForPostable(self, currentuser, useras, postable):
     "is user or memberable a member of the postable?"
     # i need to have access to this if i come in through being a member of a memberable which is a member
     # authorize_postable member takes care of this. That memberable is NOT the same memberable in the arguments here
     authorize_postable_owner(False, self, currentuser, useras, postable)
     inviteds = postable.get_invited_rws()
     return inviteds
Esempio n. 2
0
    def inviteUserToPostable(self, currentuser, useras, fqpn, user, changerw=False):
        "invite a user to a postable."
        ptype = gettype(fqpn)
        postable = self.getPostable(currentuser, fqpn)
        usertobeaddedfqin = user.basic.fqin
        if usertobeaddedfqin == useras.basic.fqin:
            doabort(
                "BAD_REQ", "Failed inviting user %s to postable %s as cant invite owner" % (usertobeaddedfqin, fqpn)
            )
        # userq= User.objects(basic__fqin=usertobeaddedfqin)
        # try:
        #     user=userq.get()
        # except:
        #     doabort('BAD_REQ', "No such user %s" % usertobeaddedfqin)
        authorize_postable_owner(False, self, currentuser, useras, postable)
        try:
            if not changerw:
                rw = RWDEFMAP[ptype]
            else:
                rw = not RWDEFMAP[ptype]

            pe = is_pe_in_mble(postable, user.postablesinvitedto)
            # memb = is_me_in_pble(memberable, postable.members)
            if pe == False:
                pe = PostableEmbedded(
                    ptype=ptype.classname,
                    fqpn=postable.basic.fqin,
                    owner=useras.adsid,
                    pname=postable.presentable_name(),
                    readwrite=rw,
                    description=postable.basic.description,
                )
                user.update(safe_update=True, push__postablesinvitedto=pe)

            memb = is_me_in_pble(user, postable.inviteds)
            if memb == False:
                memb = MembableEmbedded(
                    mtype=User.classname, fqmn=usertobeaddedfqin, readwrite=rw, pname=user.presentable_name()
                )
                # BUG: ok to use fqin here instead of getting from oblect?
                # print "LLL", pe.to_json(), memb.to_json(), "+++++++++++++"
                # print postable.to_json()
                postable.update(safe_update=True, push__inviteds=memb)
            ##print "userq", userq.to_json()
        except:
            doabort("BAD_REQ", "Failed inviting user %s to postable %s" % (usertobeaddedfqin, fqpn))
        ##print "IIIII", userq.get().groupsinvitedto
        postable.reload()
        user.reload()
        return user, postable
Esempio n. 3
0
    def changeDescriptionOfPostable(self, currentuser, owner, fqpn, description):
        "give ownership over to another user for g/a/l"
        ptype = gettype(fqpn)
        postableq = ptype.objects(basic__fqin=fqpn)
        try:
            postable = postableq.get()
        except:
            doabort("BAD_REQ", "No such postable %s %s" % (ptype.__name__, fqpn))
        # Before anything else, make sure I own the stuff so can transfer it.
        # Bug this dosent work if useras is a group

        # useras must be member of postable
        authorize_postable_owner(False, self, currentuser, owner, postable)

        try:
            pe = PostableEmbedded(
                ptype=ptype.classname,
                fqpn=postable.basic.fqin,
                owner=owner.adsid,
                pname=postable.presentable_name(),
                readwrite=True,
                description=description,
            )
            # find new owner as member, locate in postable his membership, update it with readwrite if needed, and make him owner
            # add embedded postable to his ownership and his membership
            postableq.update_one(safe_update=True, set__basic__description=description)
            owner.update(safe_update=True, pull__postablesowned__fqpn=fqpn)
            owner.update(safe_update=True, push__postablesowned=pe)

            # if newownertype != User:
            #
            # postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=memb)
            # else:
            # postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=newowner.basic.fqin, pull__members=oldownerfqpn)
        except:
            doabort("BAD_REQ", "Failed changing owner description for postable %s %s" % (ptype.__name__, fqpn))
        owner.reload()
        postable.reload()
        return owner, postable
Esempio n. 4
0
    def changeOwnershipOfPostable(self, currentuser, owner, fqpn, newowner):
        "give ownership over to another user for g/a/l"
        ptype = gettype(fqpn)
        postableq = ptype.objects(basic__fqin=fqpn)
        try:
            postable = postableq.get()
        except:
            doabort("BAD_REQ", "No such postable %s %s" % (ptype.__name__, fqpn))
        # Before anything else, make sure I own the stuff so can transfer it.
        # Bug this dosent work if useras is a group

        # useras must be member of postable
        authorize_postable_owner(False, self, currentuser, owner, postable)

        # try:
        #     newowner=self.getUserForFqin(currentuser, newownerfqin)
        # except:
        #     #make sure target exists.
        #     doabort('BAD_REQ', "No such newowner %s" % newownerfqin)
        newownerfqin = newowner.basic.fqin
        # Either as a user or a group, you must be member of group/app or app respectively to
        # transfer membership there. But what does it mean for a group to own a group.
        # it makes sense for library and app, but not for group. Though currently let us have it
        # there. Then if a group owns a group, the person doing the changing must be owner.

        # newowner must be member of the postable (group cant own itself)
        permit(
            self.isMemberOfPostable(currentuser, newowner, postable),
            " Possible new owner %s must be member of postable %s %s" % (newownerfqin, ptype.__name__, fqpn),
        )
        # BUG new orners rwmode must be  true!
        # we have removed the possibility of group ownership of postables. CHECK. I've removed the push right now as i assume new owner
        # must be a member of postable. How does this affect tag ownership if at all?
        try:
            # we dont need to be that protective here as we have checked for ownership
            # and only owners can do this
            oldownerfqpn = postable.owner
            members = postable.members
            # get new user me
            # memb=MembableEmbedded(mtype=User.classname, fqmn=newowner.basic.fqin, readwrite=True, pname = newowner.presentable_name())
            memb = is_me_in_pble(newowner, postable.members)
            # get postable pe
            # If owner the pe must already be there.
            pe = is_pe_in_mble(postable, owner.postablesowned)
            # pe=PostableEmbedded(ptype=ptype.classname,fqpn=postable.basic.fqin, owner=newowner.adsid, pname = postable.presentable_name(), readwrite=True, description=postable.basic.description)
            # find new owner as member, locate in postable his membership, update it with readwrite if needed, and make him owner
            # add embedded postable to his ownership and his membership
            postable.update(safe_update=True, set__owner=newowner.basic.fqin)
            newowner.update(safe_update=True, push__postablesowned=pe)
            # for old owner we have removed ownership by changing owner, now remove ownership from him
            owner.update(safe_update=True, pull__postablesowned__fqpn=fqpn)
            # if newownertype != User:
            #
            # postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=memb)
            # else:
            # postable.update(safe_update=True, set__owner = newowner.basic.fqin, push__members=newowner.basic.fqin, pull__members=oldownerfqpn)
        except:
            doabort(
                "BAD_REQ",
                "Failed changing owner from %s to %s for postable %s %s"
                % (oldownerfqpn, newowner.basic.fqin, ptype.__name__, fqpn),
            )
        newowner.reload()
        postable.reload()
        owner.reload()
        return newowner, postable
Esempio n. 5
0
    def addMemberableToPostable(self, currentuser, useras, fqpn, memberablefqin, changerw=False, ownermode=False):
        "add a user, group, or app to a postable=group, app, or library"
        ptype = gettype(fqpn)
        mtype = gettype(memberablefqin)
        # print "types in AMTP", fqpn, ptype, memberablefqin,mtype
        postableq = ptype.objects(basic__fqin=fqpn)
        memberableq = mtype.objects(basic__fqin=memberablefqin)
        # BUG currently restricted admission. Later we will want groups and apps proxying for users.
        authorize(LOGGEDIN_A_SUPERUSER_O_USERAS, self, currentuser, useras)
        try:
            postable = postableq.get()
        except:
            doabort("BAD_REQ", "No such postable %s %s" % (ptype.__name__, fqpn))
        try:
            memberable = memberableq.get()
        except:
            doabort("BAD_REQ", "No such memberable %s %s" % (mtype.__name__, memberablefqin))

        if fqpn != "adsgut/group:public":
            # print "Adding to POSTABLE ", memberable.basic.fqin, postable.basic.fqin, currentuser.basic.fqin, useras.basic.fqin
            # special case so any user can add themselves to public group
            # permit(self.isOwnerOfGroup(currentuser, grp) or self.isSystemUser(currentuser), "User %s must be owner of group %s or systemuser" % (currentuser.nick, grp.fqin))
            authorize_postable_owner(False, self, currentuser, useras, postable)
        try:
            if ownermode:
                rw = True
            else:
                if not changerw:
                    rw = RWDEFMAP[ptype]
                else:
                    rw = not RWDEFMAP[ptype]

            # BUG: weneed to check here that this is unique

            pe = is_pe_in_mble(postable, memberable.postablesin)
            # memb = is_me_in_pble(memberable, postable.members)
            # this would be added a second time but we are protected by this line above!
            if pe == False:
                pe = PostableEmbedded(
                    ptype=ptype.classname,
                    fqpn=postable.basic.fqin,
                    owner=useras.adsid,
                    pname=postable.presentable_name(),
                    readwrite=rw,
                    description=postable.basic.description,
                )
            memberableq.update(safe_update=True, push__postablesin=pe)
            memb = is_me_in_pble(memberable, postable.members)
            if memb == False:
                memb = MembableEmbedded(
                    mtype=mtype.classname, fqmn=memberablefqin, readwrite=rw, pname=memberable.presentable_name()
                )
                # if we are already there this happened and do nothing.clearly we need to be careful
                postableq.update(safe_update=True, push__members=memb)
        except:
            doabort(
                "BAD_REQ",
                "Failed adding memberable %s %s to postable %s %s"
                % (mtype.__name__, memberablefqin, ptype.__name__, fqpn),
            )
        memberable.reload()
        return memberable, postableq.get()