def get_allowable_parent_groups(group_id): deposit = get_data_deposit() if group_id: groups = hierarchy_helpers.get_allowable_parent_groups(group_id) else: groups = model.Group.all(group_type='data-container') org_list_func = toolkit.get_action('organization_list_for_user') user_admins = org_list_func({'ignore_auth': True}, { 'id': toolkit.c.userobj.id, 'permission': 'admin' }) user_admins_names = [org['name'] for org in user_admins] allowed_groups = [] for group in groups: if group.name == deposit.get('name'): continue if group.name not in user_admins_names: continue allowed_groups.append(group) return allowed_groups
def get_allowable_parent_groups(self, group_id): role_cascading_enabled = config.get( 'ckan.auth.roles_that_cascade_to_sub_groups', False) # Default behaviour allowable_parent_groups = helpers.get_allowable_parent_groups(group_id) user = p.toolkit.c.user # No restrictions for `sysadmin` users if authz.is_sysadmin(user) or role_cascading_enabled: return allowable_parent_groups # Get the users organisations organization_list_for_user = \ p.toolkit.get_action('organization_list_for_user')({'user': user}, {'permission': None}) # Get the org/group name for those user_allowed_orgs = [org['name'] for org in organization_list_for_user] if group_id: group = model.Group.get(group_id) # Get the org/name of the parent group for this group parent = group.get_parent_groups('organization') if parent: parent = parent.pop(0) if parent and parent.name not in user_allowed_orgs: user_allowed_orgs.append(parent.name) # Loop through the original allowed parent groups list, only picking those also in the users organization # list and the parent org (if managing an existing org) return [ org for org in allowable_parent_groups if org.name in user_allowed_orgs ]
def setup_template_variables(self, context, data_dict): from pylons import tmpl_context as c group_id = data_dict.get('id') c.allowable_parent_groups = helpers.get_allowable_parent_groups( group_id)
def setup_template_variables(self, context, data_dict): group_id = data_dict.get('id') c.allowable_parent_groups = \ helpers.get_allowable_parent_groups(group_id)
def get_allowable_parent_groups(group_id): deposit = get_data_deposit() groups = hierarchy_helpers.get_allowable_parent_groups(group_id) groups = filter(lambda group: group.name != deposit.get('name'), groups) return groups
def setup_template_variables(self, context, data_dict): from pylons import tmpl_context as c group_id = data_dict.get('id') c.allowable_parent_groups = helpers.get_allowable_parent_groups(group_id)