# Owner & Managers perms = [ "view_resourcebase", "change_dataset_data", "change_dataset_style", "change_resourcebase", "change_resourcebase_permissions", "download_resourcebase" ] sync_geofence_with_guardian(instance, perms, user=_owner) gf_services = _get_gf_services(instance, perms) _, _, _disable_dataset_cache, _, _, _ = get_user_geolimits( instance, _owner, None, gf_services) _disable_cache.append(_disable_dataset_cache) for _group_manager in get_obj_group_managers(_owner): sync_geofence_with_guardian(instance, perms, user=_group_manager) _, _, _disable_dataset_cache, _, _, _ = get_user_geolimits( instance, _group_manager, None, gf_services) _disable_cache.append(_disable_dataset_cache) for user_group in get_user_groups(_owner): if not skip_registered_members_common_group( user_group): sync_geofence_with_guardian(instance, perms, group=user_group) _, _, _disable_dataset_cache, _, _, _ = get_user_geolimits( instance, None, user_group, gf_services)
'AnonymousUser': ['view'], <username>: ['perm1','perm2','perm3'], <username2>: ['perm1','perm2','perm3'] ... } 'groups': [ <groupname>: ['perm1','perm2','perm3'], <groupname2>: ['perm1','perm2','perm3'], ... ] } """ # default permissions for resource owner set_owner_permissions( _resource, members=get_obj_group_managers(_owner)) # Anonymous User group if 'users' in permissions and "AnonymousUser" in permissions[ 'users']: anonymous_group = Group.objects.get( name='anonymous') for perm in permissions['users']['AnonymousUser']: if _resource.polymorphic_ctype.name == 'dataset' and perm in ( 'change_dataset_data', 'change_dataset_style', 'add_dataset', 'change_dataset', 'delete_dataset', ): assign_perm(perm, anonymous_group,
'add_dataset', 'change_dataset', 'delete_dataset',): assign_perm(perm, _user, _resource.dataset) else: assign_perm(perm, _user, _resource.get_self_resource()) else: # default permissions for anonymous users anonymous_group, created = Group.objects.get_or_create(name='anonymous') # default permissions for owner _owner = owner or _resource.owner if not anonymous_group: raise Exception("Could not acquire 'anonymous' Group.") # default permissions for resource owner set_owner_permissions(_resource, members=get_obj_group_managers(_owner)) # Anonymous anonymous_can_view = settings.DEFAULT_ANONYMOUS_VIEW_PERMISSION if anonymous_can_view: assign_perm('view_resourcebase', anonymous_group, _resource.get_self_resource()) else: for user_group in get_user_groups(_owner): if not skip_registered_members_common_group(user_group): assign_perm('view_resourcebase', user_group, _resource.get_self_resource()) anonymous_can_download = settings.DEFAULT_ANONYMOUS_DOWNLOAD_PERMISSION if anonymous_can_download: assign_perm('download_resourcebase',