コード例 #1
0
    def __init__( self ):
        self._db = self.env.get_db_cnx()

        # wiring factories ( dependency injection pattern )
        self._userFactory = UserFactory( self._db )

        self._componentFactory = ComponentFactory( self._db )
        self._projectFactory = ProjectFactory( self.config )
        self._milestoneFactory = MilestoneFactory( self._db,
                self._componentFactory, self._projectFactory )
        self._ticketFactory = TicketFactory ( self._db, 
                self._componentFactory, self._projectFactory )
コード例 #2
0
class CustomPolicies(Component):
    implements( IPermissionPolicy )

    def __init__( self ):
        self._db = self.env.get_db_cnx()

        # wiring factories ( dependency injection pattern )
        self._userFactory = UserFactory( self._db )

        self._componentFactory = ComponentFactory( self._db )
        self._projectFactory = ProjectFactory( self.config )
        self._milestoneFactory = MilestoneFactory( self._db,
                self._componentFactory, self._projectFactory )
        self._ticketFactory = TicketFactory ( self._db, 
                self._componentFactory, self._projectFactory )


    def check_permission( self, action, username, resource, perm ):
        self.log.info( 'check_permission: %s, %s, %s, %s, )' % ( action, username, resource, perm ))
        self._user = self._userFactory.getByUsername( username )
        #self.log.info( 'user: %s %s' % ( username, user._permissions ))
        args = [ action, username, resource, perm ]
        if action == 'TICKET_VIEW':
            return self._check_ticket_permission( *args )
        if action == 'MILESTONE_VIEW':
            return self._check_milestone_permission( *args )
        if action == 'COMPONENT_VIEW':
            return self._check_component_permission( *args )
        if action == 'PROJECT_VIEW':
            return self._check_project_permission( *args )
        return None
    
    def _check_ticket_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Ticket id: %s' % resource.id )
        ticket = self._ticketFactory.getById( resource.id )
        access = ticket.canBeAccessedBy( self._user )
        self.log.debug( 'component: %s, access: %s' % ( ticket._component, ticket._component and ticket._component.canBeAccessedBy( self._user )))
        self.log.debug( 'project: %s, access: %s' % ( ticket._project, ticket._project and ticket._project.canBeAccessedBy( self._user )))
        self.log.debug( 'Ticket can be accessed: %s' % access )
        return access

    def _check_milestone_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Milestone realm: %s' % resource.realm )
        self.log.debug( 'Milestone id: %s' % resource.id )
        milestone = self._milestoneFactory.getByName( resource.id )
        result = milestone.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result

    def _check_component_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Component realm: %s' % resource.realm )
        self.log.debug( 'Component id: %s' % resource.id )
        component = self._componentFactory.getByName( resource.realm )
        result = component.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result

    def _check_project_permission( self, action, username, resource, perm ):
        if not resource:
            return None
        self.log.debug( 'Project realm: %s' % resource.realm )
        self.log.debug( 'Project id: %s' % resource.id )
        project = self._projectFactory.getByName( resource.realm )
        result = project.canBeAccessedBy( self._user )
        self.log.debug( 'Access: %s' % result )
        return result