def CheckAccess(self, contentCode): ''' Assert whether the given user has permissions to access a content item with the gien code. ''' hasPermission = False #Get roles with permission try: cnt = Content() qo = cnt.queryObject() cntRef = qo.filter(Content.code == contentCode).first() if cntRef != None: cntRoles = cntRef.roles for rl in cntRoles: if getIndex(self.userRoles,rl.name) != -1: hasPermission = True break except Exception: ''' Current user does not have permission to access the content tables. Catches all errors ''' #pass raise return hasPermission
def register(self): """ Registers the content items into the database. Registration only works for a postgres user account. """ pg_account = "docker" if self._username == pg_account: for c in self.contentItems(): if isinstance(c,Content): cnt = Content() qo = cnt.queryObject() cn = qo.filter(Content.code == c.code).first() #If content not found then add if cn == None: #Check if the 'postgres' role is defined, if not then create one rl = Role() rolequery = rl.queryObject() role = rolequery.filter(Role.name == pg_account).first() if role == None: rl.name = pg_account rl.contents = [c] rl.save() else: existingContents = role.contents #Append new content to existing existingContents.append(c) role.contents = existingContents role.update() #Initialize lookup values initLookups()
def register(self): """ Registers the content items into the database. Registration only works for a postgres user account. """ pg_account = "postgres" if self._username == pg_account: for c in self.contentItems(): if isinstance(c,Content): cnt = Content() #self.content=Table('content_base',Base.metadata,autoload=True,autoload_with=STDMDb.instance().engine) qo = cnt.queryObject() cn = qo.filter(Content.code == c.code).first() #If content not found then add if cn == None: #Check if the 'postgres' role is defined, if not then create one rl = Role() rolequery = rl.queryObject() role = rolequery.filter(Role.name == pg_account).first() if role == None: rl.name = pg_account rl.contents = [c] rl.save() else: existingContents = role.contents #Append new content to existing existingContents.append(c) role.contents = existingContents role.update()
def register(self): """ Registers the content items into the database. Registration only works for a postgres user account. """ pg_account = "postgres" if self._username == pg_account: for c in self.contentItems(): if isinstance(c, Content): cnt = Content() qo = cnt.queryObject() cn = qo.filter(Content.code == c.code).first() #If content not found then add if cn == None: #Check if the 'postgres' role is defined, if not then create one rl = Role() rolequery = rl.queryObject() role = rolequery.filter( Role.name == pg_account).first() if role == None: rl.name = pg_account rl.contents = [c] rl.save() else: existingContents = role.contents #Append new content to existing existingContents.append(c) role.contents = existingContents role.update() #Initialize lookup values initLookups()
def _getEditPermissions(self): ''' Returns True/False whether the current logged in user has permissions to create new social tenure relationships. If true, then the system assumes that they can also edit STR records. ''' canEdit = False userName = stdm.data.app_dbconn.User.UserName authorizer = Authorizer(userName) newSTRCode = "9576A88D-C434-40A6-A318-F830216CA15A" #Get the name of the content from the code cnt = Content() createSTRCnt = cnt.queryObject().filter(Content.code == newSTRCode).first() if createSTRCnt: name = createSTRCnt.name canEdit = authorizer.CheckAccess(name) return canEdit
def _getEditPermissions(self): ''' Returns True/False whether the current logged in user has permissions to create new social tenure relationships. If true, then the system assumes that they can also edit STR records. ''' canEdit = False userName = stdm.data.app_dbconn.User.UserName authorizer = Authorizer(userName) newSTRCode = "9576A88D-C434-40A6-A318-F830216CA15A" #Get the name of the content from the code cnt = Content() createSTRCnt = cnt.queryObject().filter( Content.code == newSTRCode).first() if createSTRCnt: name = createSTRCnt.name canEdit = authorizer.CheckAccess(name) return canEdit
class contentAuthDlg(QDialog, Ui_frmContentAuth): ''' Content authorization dialog ''' def __init__(self,plugin): QDialog.__init__(self,plugin.iface.mainWindow()) self.setupUi(self) #Initialize the dialog self.initGui() #Load users self.loadContent() #Load Roles self.loadRoles() #Reference to the currently selected STDM content item self.currentContent = None def initGui(self): ''' Initialize GUI properties ''' #Disable any action by the user in the roles view self.lstRoles.setEnabled(False) #Connect signals QObject.connect(self.lstContent, SIGNAL("activated(const QModelIndex&)"),self.onContentClicked) QObject.connect(self.lstContent, SIGNAL("clicked(const QModelIndex&)"),self.onContentClicked) QObject.connect(self.lstRoles, SIGNAL("activated(const QModelIndex&)"),self.onRoleSelected) QObject.connect(self.lstRoles, SIGNAL("clicked(const QModelIndex&)"),self.onRoleSelected) def loadContent(self): ''' Loads STDM content items ''' self.content = Content() cntItems = self.content.queryObject().all() cnts = [cntItem.name for cntItem in cntItems] self.contentModel = UsersRolesModel(cnts) self.lstContent.setModel(self.contentModel) def loadRoles(self,contentname = ""): ''' Loads the roles in the database cluster ''' self.roleProvider = RoleProvider() sysRoles = self.roleProvider.GetAllRoles() roles = [] #Load the corresponding roles for the specified content item if contentname != "": self.currentContent = self.content.queryObject().filter(Content.name == contentname).first() if self.currentContent: roles = [rl.name for rl in self.currentContent.roles] #Initialize model self.roleMappingsModel = QStandardItemModel(self) self.roleMappingsModel.setColumnCount(1) #Add role items into the standard item model for r in range(len(sysRoles)): role = sysRoles[r] if role.name != "postgres": roleItem = self._createNewRoleItem(role.name) #Check if the db role is in the approved for the current content item roleIndex = getIndex(roles,role.name) if roleIndex != -1: roleItem.setCheckState(Qt.Checked) self.roleMappingsModel.appendRow(roleItem) self.lstRoles.setModel(self.roleMappingsModel) def _createNewRoleItem(self,rolename): ''' Creates a custom role item for use in a QStandardItemModel ''' #Set icon icon = QIcon() icon.addPixmap(QPixmap(":/plugins/stdm/images/icons/roles.png"), QIcon.Normal, QIcon.Off) roleItem = QStandardItem(icon,rolename) roleItem.setCheckable(True) roleItem.setCheckState(Qt.Unchecked) return roleItem def onContentClicked(self,index): ''' Slot activated when a content item is selected to load the roles for the specified content items ''' self.lstRoles.setEnabled(True) contentName = index.data() self.loadRoles(contentName) def onRoleSelected(self,index): ''' Slot which is called when a user checks/unchecks to add/remove a role for the specified content item. ''' if self.currentContent != None: item = self.roleMappingsModel.itemFromIndex(index) rolename = item.text() #Get role object from role name role = Role() rl = role.queryObject().filter(Role.name == rolename).first() self.blockSignals(True) #Add role to the content item if the item is selected or remove if it was previosuly checked if item.checkState() == Qt.Checked: self.currentContent.roles.append(rl) elif item.checkState() == Qt.Unchecked: self.currentContent.roles.remove(rl) self.currentContent.update() self.blockSignals(False)