def collections(self, action): if action in self._collections: return self._collections.get(action) prefix_key = cache.key(self.PREFIX) key = cache.key(self.PREFIX, action, self.id) collections = cache.get_list(key) if len(collections): collections = [int(c) for c in collections] self._collections[action] = collections log.debug("[C] Authz: %s (%s): %s", self, action, collections) return collections if self.is_admin: q = Collection.all_ids() else: q = db.session.query(Permission.collection_id) q = q.filter(Permission.deleted_at == None) # noqa q = q.filter(Permission.role_id.in_(self.roles)) if action == self.READ: q = q.filter(Permission.read == True) # noqa if action == self.WRITE: q = q.filter(Permission.write == True) # noqa q = q.distinct() # log.info("Query: %s", q) collections = [c for (c, ) in q.all()] log.debug("Authz: %s (%s): %s", self, action, collections) cache.kv.sadd(prefix_key, key) cache.set_list(key, collections) self._collections[action] = collections return collections
def collections(self, action): if action in self._collections: return self._collections.get(action) prefix_key = cache.key(self.PREFIX) key = cache.key(self.PREFIX, action, self.id) collections = cache.get_list(key) if len(collections): collections = [int(c) for c in collections] self._collections[action] = collections log.debug("[C] Authz: %s (%s): %s", self, action, collections) return collections if self.is_admin: q = Collection.all_ids() else: q = db.session.query(Permission.collection_id) q = q.filter(Permission.deleted_at == None) # noqa q = q.filter(Permission.role_id.in_(self.roles)) if action == self.READ: q = q.filter(Permission.read == True) # noqa if action == self.WRITE: q = q.filter(Permission.write == True) # noqa q = q.distinct() # log.info("Query: %s", q) collections = [c for (c,) in q.all()] log.debug("Authz: %s (%s): %s", self, action, collections) cache.kv.sadd(prefix_key, key) cache.set_list(key, collections) self._collections[action] = collections return collections
def ancestors(self): if self.parent_id is None: return [] key = cache.key('ancestors', self.id) ancestors = cache.get_list(key) if ancestors is not None: return ancestors ancestors = self.parent.ancestors ancestors.append(self.parent_id) cache.set_list(key, ancestors) return ancestors
def get_role_channels(role): """Generate the set of notification channels that the current user should listen to.""" key = cache.object_key(Role, role.id, 'channels') channels = cache.get_list(key) if len(channels): return channels channels = [Notification.GLOBAL] if role.deleted_at is None and role.type == Role.USER: channels.append(channel(role)) for group in role.roles: channels.append(channel(group)) cache.set_list(key, channels) return channels
def get_role_channels(role): """Generate the set of notification channels that the current user should listen to.""" key = cache.object_key(Role, role.id, 'channels') channels = cache.get_list(key) if len(channels): return channels channels = [Notification.GLOBAL] if role.deleted_at is None and role.type == Role.USER: authz = Authz.from_role(role) for role_id in authz.roles: channels.append(channel(role_id, Role)) for coll_id in authz.collections(authz.READ): channels.append(channel(coll_id, Collection)) cache.set_list(key, channels, expire=cache.EXPIRE) return channels
def ancestors(self): if self.parent_id is None: return [] key = cache.key('ancestors', self.id) ancestors = cache.get_list(key) if len(ancestors): return ancestors parent_key = cache.key('ancestors', self.parent_id) ancestors = cache.get_list(parent_key) if not len(ancestors): ancestors = [] parent = Document.by_id(self.parent_id) if parent is not None: ancestors = parent.ancestors ancestors.append(self.parent_id) if self.model.is_a(model.get(self.SCHEMA_FOLDER)): cache.set_list(key, ancestors, expire=cache.EXPIRE) return ancestors