예제 #1
0
def _handle_propagation_rel(relationship_ids, new_acl_ids):
    """Handle propagation for relationship object."""
    src_select = _rel_parent(parent_acl_ids=new_acl_ids,
                             relationship_ids=relationship_ids,
                             source=True)
    dst_select = _rel_parent(parent_acl_ids=new_acl_ids,
                             relationship_ids=relationship_ids,
                             source=False)
    select_statement = sa.union(src_select, dst_select)
    acl_utils.insert_select_acls(select_statement)
예제 #2
0
def _propagate_to_wf_children(new_wf_acls, child_class):
  """Propagate newly added roles to workflow objects.

  Args:
    wf_new_acl: list of all newly created acl entries for workflows

  Returns:
    list of newly created acl entries for task groups.
  """

  child_table = child_class.__table__
  acl_table = all_models.AccessControlList.__table__
  acr_table = all_models.AccessControlRole.__table__.alias("parent_acr")
  acr_mapped_table = all_models.AccessControlRole.__table__.alias("mapped")

  current_user_id = login.get_current_user_id()

  select_statement = sa.select([
      acl_table.c.person_id,
      acr_mapped_table.c.id,
      child_table.c.id,
      sa.literal(child_class.__name__),
      sa.func.now(),
      sa.literal(current_user_id),
      sa.func.now(),
      acl_table.c.id.label("parent_id"),
      acl_table.c.id.label("parent_id_nn"),
  ]).select_from(
      sa.join(
          sa.join(
              sa.join(
                  child_table,
                  acl_table,
                  sa.and_(
                      acl_table.c.object_id == child_table.c.workflow_id,
                      acl_table.c.object_type == all_models.Workflow.__name__,
                  )
              ),
              acr_table,
          ),
          acr_mapped_table,
          acr_mapped_table.c.name == sa.func.concat(
              acr_table.c.name, " Mapped")
      )
  ).where(
      acl_table.c.id.in_(new_wf_acls)
  )

  acl_utils.insert_select_acls(select_statement)

  return _get_child_ids(new_wf_acls, child_class)
예제 #3
0
def _handle_propagation_rel(relationship_ids, new_acl_ids):
  """Handle propagation for relationship object."""
  src_select = _rel_parent(
      parent_acl_ids=new_acl_ids,
      relationship_ids=relationship_ids,
      source=True
  )
  dst_select = _rel_parent(
      parent_acl_ids=new_acl_ids,
      relationship_ids=relationship_ids,
      source=False
  )
  select_statement = sa.union(src_select, dst_select)
  acl_utils.insert_select_acls(select_statement)
예제 #4
0
def _propagate_to_children(new_tg_acls, child_class, id_name, parent_class):
  """Propagate new acls to objects related to task groups

  Args:
    new_tg_acls: list of ids of newly created acl entries for task groups

  Returns:
    list of ids for newy created task group task or task group object entries.
  """

  child_table = child_class.__table__
  acl_table = all_models.AccessControlList.__table__

  current_user_id = login.get_current_user_id()

  parent_id_filed = getattr(child_table.c, id_name)

  select_statement = sa.select([
      acl_table.c.person_id,
      acl_table.c.ac_role_id,
      child_table.c.id,
      sa.literal(child_class.__name__),
      sa.func.now(),
      sa.literal(current_user_id),
      sa.func.now(),
      acl_table.c.id.label("parent_id"),
      acl_table.c.id.label("parent_id_nn"),
  ]).select_from(
      sa.join(
          child_table,
          acl_table,
          sa.and_(
              acl_table.c.object_id == parent_id_filed,
              acl_table.c.object_type == parent_class.__name__,
          )
      )
  ).where(
      acl_table.c.id.in_(new_tg_acls),
  )

  acl_utils.insert_select_acls(select_statement)

  return _get_child_ids(new_tg_acls, child_class)
예제 #5
0
def _handle_propagation_children(new_parent_ids, user_id):
    """Propagate ACL records from relationships to child objects."""
    src_select = _rel_child(new_parent_ids, source=True, user_id=user_id)
    dst_select = _rel_child(new_parent_ids, source=False, user_id=user_id)
    select_statement = sa.union(src_select, dst_select)
    acl_utils.insert_select_acls(select_statement)
예제 #6
0
def _handle_propagation_parents(parent_acl_ids, user_id):
    """Propagate ACL records from parent objects to relationships."""
    src_select = _rel_parent(parent_acl_ids, source=True, user_id=user_id)
    dst_select = _rel_parent(parent_acl_ids, source=False, user_id=user_id)
    select_statement = sa.union(src_select, dst_select)
    acl_utils.insert_select_acls(select_statement)
예제 #7
0
def _handle_propagation_children(new_parent_ids):
  """Propagate ACL records from relationships to child objects."""
  src_select = _rel_child(new_parent_ids, source=True)
  dst_select = _rel_child(new_parent_ids, source=False)
  select_statement = sa.union(src_select, dst_select)
  acl_utils.insert_select_acls(select_statement)
예제 #8
0
def _handle_propagation_parents(parent_acl_ids):
  """Propagate ACL records from parent objects to relationships."""
  src_select = _rel_parent(parent_acl_ids, source=True)
  dst_select = _rel_parent(parent_acl_ids, source=False)
  select_statement = sa.union(src_select, dst_select)
  acl_utils.insert_select_acls(select_statement)
예제 #9
0
def _insert_select_acls(select_statement):
    """Run insert from select with default acl inserter."""
    inserter = all_models.AccessControlList.__table__.insert()
    acl_utils.insert_select_acls(inserter, select_statement)
예제 #10
0
def _insert_select_acls(select_statement):
    """Run insert from select with ignore acl inserter."""
    acl_table = all_models.AccessControlList.__table__
    inserter = acl_table.insert().prefix_with("IGNORE")
    acl_utils.insert_select_acls(inserter, select_statement)