def permissionsload(context, main=None, add=None, filterinfo=None, session=None, elementId=None, data=None): permissions = PermissionsCursor(context) roles = RolesCursor(context) rolesCustomPerms = rolesCustomPermsCursor(context) customPerms = customPermsCursor(context) customPermsTypes = customPermsTypesCursor(context) cursors = [ roles, permissions, customPermsTypes, customPerms, rolesCustomPerms ] files = [ 'roles', 'permissions', 'customPermsTypes', 'customPerms', 'rolesCustomPerms' ] for i in range(len(cursors)): filePath = os.path.join( os.path.dirname(os.path.dirname(os.path.abspath(__file__))), files[i] + '.xml') # raise Exception(filePath) if add == 'upload': dataStream = FileOutputStream(filePath) elif add == 'download': dataStream = FileInputStream(filePath) exchange = DataBaseXMLExchange(dataStream, cursors[i]) if add == 'upload': exchange.downloadXML() elif add == 'download': exchange.uploadXML() dataStream.close()
def cardDelete(context, main=None, add=None, filterinfo=None, session=None, elementId=None, xformsdata=None): currentRecordId = json.loads(session)['sessioncontext']['related']['gridContext']['currentRecordId'] userRoles=UserrolesCursor(context) userRoles.setRange("roleid", currentRecordId) userRoles.deleteAll() rolesCustomPermissions=rolesCustomPermsCursor(context) rolesCustomPermissions.setRange("roleid", currentRecordId) rolesCustomPermissions.deleteAll() permissions=PermissionsCursor(context) permissions.setRange("roleid", currentRecordId) permissions.deleteAll() role = RolesCursor(context) role.get(currentRecordId) role.delete()
def getPermissionsOfTypeAndUser(context, sid, permissionType=None): u""" Функция возвращает курсор с разрешениями данного типа, которые есть у данного пользователя. Работает для permissions (если permissionType - None или tables) и для customPermissions. Если разрешений нет, возвращает None """ # Насколько знаю, ни в одном решении функция не используется. Курсор с разрешениями пока никому не пригодился # Возможно, стоит выпилить. userRoles = UserrolesCursor(context) userRoles.setRange("userid", sid) filter_string = "" if userRoles.tryFindSet(): filter_string = "'" + userRoles.roleid + "'" while True: if userRoles.nextInSet(): filter_string += "|'" + userRoles.roleid + "'" else: break if permissionType is None or permissionType == 'tables': # получаем разрешения из таблицы permissions permissions = PermissionsCursor(context) if filter_string == "": return None permissions.setFilter("roleid", filter_string) else: # получаем разрешения из таблицы customPermissions permissions = customPermsCursor(context) rolePermissions = rolesCustomPermsCursor(context) rolePermissions.setFilter("roleid", filter_string) filter_string = "" if rolePermissions.tryFindSet(): filter_string = "'" + rolePermissions.permissionId + "'" while True: if rolePermissions.nextInSet(): filter_string += "|'" + rolePermissions.permissionId + "'" else: break if filter_string != "": permissions.setFilter("name", filter_string) else: return None return permissions
def cardDataSave(context, main=None, add=None, filterinfo=None, session=None, elementId=None, xformsdata=None): u'''Функция сохранения карточки редактирования содержимого справочника разрешений. ''' permissions = PermissionsCursor(context) content = json.loads(xformsdata)["schema"] # for field in permissions.meta().getColumns(): # permissions.__setattr__(field, content[field]) permissions.roleid = content["roleid"] permissions.grainid = content["grainid"] permissions.tablename = content["tablename"] permissions.r = content["r"] == "true" permissions.i = content["i"] == "true" permissions.m = content["m"] == "true" permissions.d = content["d"] == "true" if add == 'add' and permissions.canInsert() and permissions.canModify(): if not permissions.tryInsert(): permissionsOld = PermissionsCursor(context) permissionsOld.get(content["roleid"], content["grainid"], content["tablename"]) permissionsOld.r = content["r"] == "true" permissionsOld.i = content["i"] == "true" permissionsOld.m = content["m"] == "true" permissionsOld.d = content["d"] == "true" permissionsOld.update() elif add == 'add' and permissions.canInsert(): permissions.insert() elif add == 'edit' and permissions.canModify(): permissionsOld = PermissionsCursor(context) currIdEncoded = json.loads(session)['sessioncontext']['related'][ 'gridContext']['currentRecordId'] currId = json.loads(base64.b64decode(currIdEncoded)) permissionsOld.get(*currId) if permissionsOld.roleid==permissions.roleid and \ permissionsOld.grainid==permissions.grainid and \ permissionsOld.tablename==permissions.tablename: permissions.recversion = permissionsOld.recversion permissions.update() elif permissions.canInsert(): permissions.insert() permissionsOld.delete() else: raise CelestaException(u"Недостаточно прав для данной операции!") else: raise CelestaException(u"Недостаточно прав для данной операции!")
def cardData(context, main=None, add=None, filterinfo=None, session=None, elementId=None): u'''Функция данных для карточки редактирования содержимого таблицы разрешения. ''' permissions = PermissionsCursor(context) if add == 'add': formData = json.loads(session)['sessioncontext']['related'][ "xformsContext"]["formData"]["schema"] xformsdata = { "schema": { "roleid": formData["roleid"], "grainid": formData["grainid"], "tablename": formData["tablename"], "r": "", "i": "", "m": "", "d": "" } } elif add == 'edit': currIdEncoded = json.loads(session)['sessioncontext']['related'][ 'gridContext']['currentRecordId'] currId = json.loads(base64.b64decode(currIdEncoded)) permissions.get(*currId) xformsdata = { "schema": { "roleid": permissions.roleid, "grainid": permissions.grainid, "tablename": permissions.tablename, "r": unicode(permissions.r).lower(), "i": unicode(permissions.i).lower(), "m": unicode(permissions.m).lower(), "d": unicode(permissions.d).lower() } } # print xformsdata xformssettings = { "properties": { "event": { "@name": "single_click", "@linkId": "1", "action": { "#sorted": [{ "main_context": "current" }, { "datapanel": { "@type": "current", "@tab": "current", "element": { "@id": "permGrid", "add_context": "" } } }] } } } } return JythonDTO(XMLJSONConverter.jsonToXml(json.dumps(xformsdata)), XMLJSONConverter.jsonToXml(json.dumps(xformssettings)))
def gridSaveRecord(context=None, main=None, add=None, session=None, filterinfo=None, elementId=None, saveData=None): saveData = json.loads(saveData)["savedata"]["data"] permissions = PermissionsCursor(context) roleId = saveData["col1"] grainId = saveData["col2"] tableName = saveData["col3"] r = True if saveData["col4"] else False i = True if saveData["col5"] else False m = True if saveData["col6"] else False d = True if saveData["col7"] else False restrictError = u"Недостаточно прав для данной операции!" if permissions.tryGet(roleId, grainId, tableName): if r or i or m or d: permissions.r = r permissions.i = i permissions.m = m permissions.d = d if permissions.canModify(): permissions.update() else: context.error(restrictError) else: if permissions.canDelete(): permissions.delete() else: context.error(restrictError) else: if r or i or m or d: permissions.roleid = roleId permissions.grainid = grainId permissions.tablename = tableName permissions.r = r permissions.i = i permissions.m = m permissions.d = d if permissions.canInsert(): permissions.insert() else: context.error(restrictError) res = GridSaveResult() res.setRefreshAfterSave(0) return res
def permissionsUpload(context, main=None, add=None, filterinfo=None, session=None, elementId=None, data=None, fileName=None, file=None): perms = PermissionsCursor(context) tableUpload(perms, file) return context.message(u"Данные успешно загружены в таблицу")
def permissionsDownload(context, main=None, add=None, filterinfo=None, session=None, elementId=None, data=None): perms = PermissionsCursor(context) fileName = 'permissions' return tableDownload(perms, fileName)
def rolesReadPermission(rec): context = rec.callContext() permissions = PermissionsCursor(context) tables = { 'celesta': ['userroles', 'permissions', 'roles'], 'security': ['customPerms', 'rolesCustomPerms', 'customPermsTypes'] } for grain in tables.keys(): for table in tables[grain]: if permissions.tryGet(rec.id, grain, table): permissions.r = True permissions.update() else: permissions.roleid = rec.id permissions.grainid = grain permissions.tablename = table permissions.r = True permissions.i = False permissions.m = False permissions.d = False permissions.insert()