def member_new(self, id): context = {'model': model, 'session': model.Session, 'user': c.user or c.author} #self._check_access('group_delete', context, {'id': id}) try: if request.method == 'POST': data_dict = clean_dict(dict_fns.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, {'id': user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member' else: c.user_role = 'member' c.group_dict = self._action('group_show')(context, {'id': id}) c.roles = self._action('member_roles_list')(context, {}) except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) return self._render_template('group/member_new.html')
def member_new(self, id): context = {'model': model, 'session': model.Session, 'user': c.user or c.author} #self._check_access('group_delete', context, {'id': id}) try: if request.method == 'POST': data_dict = clean_dict(dict_fns.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, {'id': user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member' else: c.user_role = 'member' c.group_dict = self._action('group_show')(context, {'id': id}) c.roles = self._action('member_roles_list')(context, {}) except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError, e: h.flash_error(e.error_summary)
def check_journal_role(pkg, role): user = tk.c.user if not user: return False group = pkg.get('owner_org', pkg.get('group_id', False)) if group: return users_role_for_group_or_org(group, user) == role return False
def owner_org_validator(key, data, errors, context): owner_org = data.get(key) user = context['auth_user_obj'] if owner_org is not missing and owner_org is not None and owner_org != '': role = users_role_for_group_or_org(owner_org, user.name) if role == 'member': return default_oov(key, data, errors, context)
def member_new(self, id): context = { 'model': model, 'session': model.Session, 'user': c.user or c.author } #self._check_access('group_delete', context, {'id': id}) try: c.group_dict = self._action('group_show')(context, {'id': id}) group_type = 'organization' if c.group_dict[ 'is_organization'] else 'group' c.roles = self._action('member_roles_list')( context, { 'group_type': group_type }) if request.method == 'POST': data_dict = clean_dict( dict_fns.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id email = data_dict.get('email') if email: user_data_dict = { 'email': email, 'group_id': data_dict['id'], 'role': data_dict['role'] } del data_dict['email'] user_dict = self._action('user_invite')(context, user_data_dict) data_dict['username'] = user_dict['name'] c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, { 'id': user }) c.user_role = new_authz.users_role_for_group_or_org( id, user) or 'member' else: c.user_role = 'member' except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError, e: h.flash_error(e.error_summary)
def member_new(self, id): context = {'model': model, 'session': model.Session, 'user': c.user or c.author} #self._check_access('group_delete', context, {'id': id}) try: data_dict = {'id': id} data_dict['include_datasets'] = False c.group_dict = self._action('group_show')(context, data_dict) group_type = 'organization' if c.group_dict['is_organization'] else 'group' c.roles = self._action('member_roles_list')( context, {'group_type': group_type} ) if request.method == 'POST': data_dict = clean_dict(df.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id data_dict['role'] = 'editor' # fixed email = data_dict.get('email') if email: # check if user exists user = context['session'].query(model.User).filter_by(email=email, state='active').first() if user: data_dict['username'] = user.name else: user_data_dict = { 'email': email, 'group_id': data_dict['id'], 'role': data_dict['role'] } del data_dict['email'] user_dict = self._action('user_invite')(context, user_data_dict) data_dict['username'] = user_dict['name'] c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, {'id': user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member' else: c.user_role = 'member' except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError, e: h.flash_error(e.error_summary)
def user_is_member_of_package_org(user, package): """Return True if the package is in an organization and the user has the member role in that organization @param user: A user object @param package: A package object @return: True if the user has the 'member' role in the organization that owns the package, False otherwise """ if package.owner_org: role_in_org = users_role_for_group_or_org(package.owner_org, user.name) if role_in_org == 'member': return True return False
def package_create(fb, context, data_dict): user = context['auth_user_obj'] if data_dict and 'owner_org' in data_dict: role = users_role_for_group_or_org(data_dict['owner_org'], user.name) if role == 'member': return {'success': True} else: # If there is no organization, then this should return success if the user can create datasets for *some* # organisation (see the ckan implementation), so either if anonymous packages are allowed or if we have # member status in any organization. if has_user_permission_for_some_org(user.name, 'read'): return {'success': True} return fb(context, data_dict)
def package_create(context, data_dict): user = context['auth_user_obj'] if data_dict and 'owner_org' in data_dict: role = users_role_for_group_or_org(data_dict['owner_org'], user.name) if role == 'member': return {'success': True} else: # If there is no organization, then this should return success if the user can create datasets for *some* # organisation (see the ckan implementation), so either if anonymous packages are allowed or if we have # member status in any organization. if has_user_permission_for_some_org(user.name, 'read'): return {'success': True} fallback = get_default_auth('create', 'package_create') return fallback(context, data_dict)
def member_new(self, id): context = {"model": model, "session": model.Session, "user": c.user or c.author} # self._check_access('group_delete', context, {'id': id}) try: c.group_dict = self._action("group_show")(context, {"id": id}) group_type = "organization" if c.group_dict["is_organization"] else "group" c.roles = self._action("member_roles_list")(context, {"group_type": group_type}) if request.method == "POST": data_dict = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(request.params)))) data_dict["id"] = id email = data_dict.get("email") if email: user_data_dict = {"email": email, "group_id": data_dict["id"], "role": data_dict["role"]} del data_dict["email"] user_dict = self._action("user_invite")(context, user_data_dict) data_dict["username"] = user_dict["name"] c.group_dict = self._action("group_member_create")(context, data_dict) self._redirect_to(controller="group", action="members", id=id) else: user = request.params.get("user") if user: c.user_dict = get_action("user_show")(context, {"id": user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or "member" else: c.user_role = "member" except NotAuthorized: abort(401, _("Unauthorized to add member to group %s") % "") except NotFound: abort(404, _("Group not found")) except ValidationError, e: h.flash_error(e.error_summary)
def member_new(self, id): context = {"model": model, "session": model.Session, "user": c.user or c.author} # self._check_access('group_delete', context, {'id': id}) try: if request.method == "POST": data_dict = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(request.params)))) data_dict["id"] = id c.group_dict = self._action("group_member_create")(context, data_dict) self._redirect_to(controller="group", action="members", id=id) else: user = request.params.get("user") if user: c.user_dict = get_action("user_show")(context, {"id": user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or "member" else: c.user_role = "member" c.group_dict = self._action("group_show")(context, {"id": id}) c.roles = self._action("member_roles_list")(context, {}) except NotAuthorized: abort(401, _("Unauthorized to add member to group %s") % "") except NotFound: abort(404, _("Group not found")) return self._render_template("group/member_new.html")
def member_new(self, id): # FIXME: heavily customized version of GroupController.member_new # that is tied to our particular auth mechanism and permissions # This would be better in the idir extension import ckan.lib.navl.dictization_functions as dict_fns import ckan.new_authz as new_authz context = {'model': model, 'session': model.Session, 'user': c.user or c.author} errors = {} try: group_type = 'organization' c.roles = self._action('member_roles_list')(context, {'group_type': group_type}) if request.method == 'POST': data_dict = clean_dict(dict_fns.unflatten( tuplize_dict(parse_params(request.params)))) data_dict['id'] = id idir_account = data_dict.get('idir') if idir_account: ''' Check if the account has only alphanumeric characters ''' import re name_match = re.compile('[a-z0-9_\-]*$') if not name_match.match(idir_account) : c.group_dict = self._action('organization_show')(context, {'id' : data_dict['id']}) errors['idir'] = _('must be purely lower case alphanumeric (ascii) characters and these symbols: -_') vars = {'data': data_dict, 'errors': errors} return render('organization/member_new.html', extra_vars=vars) try: user_dict = get_action('user_show')(context, {'id': idir_account.lower(), 'include_datasets': False}) except NotFound: user_dict = {} if not user_dict : user_data_dict = { 'name': idir_account.lower(), 'email': '*****@*****.**', 'password' : 't35tu53r' } del data_dict['idir'] user_dict = self._action('user_create')(context, user_data_dict) data_dict['username'] = user_dict['name'] data_dict['role'] = data_dict.get('role', 'editor') c.group_dict = self._action('group_member_create')(context, data_dict) self._redirect_to(controller='group', action='members', id=id) else: user = request.params.get('user') if user: c.user_dict = get_action('user_show')(context, {'id': user}) c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member' else: c.user_role = 'member' c.group_dict = self._action('group_show')(context, {'id': id}) except NotAuthorized: abort(401, _('Unauthorized to add member to group %s') % '') except NotFound: abort(404, _('Group not found')) except ValidationError, e: h.flash_error(e.error_summary)