예제 #1
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def delete_roleoperations(role_id=None, operation_key=None, modifier_id=None):
    query = RoleOperation.all()
    if role_id is not None:
        query.filter("role_id =", role_id)
    if operation_key is not None:
        query.filter("operation_key =", operation_key)
    query.delete(modifier_id)
예제 #2
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def has_permission(user_id, operation_key, oqlparams=None):
    b = False
    cachekey = '%d:%s:%r' % (user_id, operation_key, oqlparams)
    perm = cache.get(CACHESPACE_PERMISSION, cachekey)
    if perm != None:
        return perm
    
    query = stdModel.all()
    query.model(UserRole.get_modelname(), "a")
    query.model(Role.get_modelname(), "b", join="inner", on="a.role_id=b.uid")
    query.model(RoleOperation.get_modelname(), "c", join="inner", on="c.role_id=b.uid")
    query.model(Operation.get_modelname(), "d", join="inner", on="c.operation_key=d.operation_key")
    query.what("a.user_id", alias="user_id")
    query.what("b.uid", alias="role_id")
    query.what("d.operation_key", alias="operation_key")
    query.what("d.handler_classes", alias="handler_classes")
    query.what("d.resource_oql", alias="resource_oql")
    query.what("a.user_id", alias="user_id")
    
    query.filter("a.user_id =", user_id)
    if operation_key is not None:
        query.filter("d.operation_key =", operation_key)
    std = query.get()
    
    if std != None:
        if std.resource_oql != None:
            operation = get_operation(operation_key=operation_key)
            params = operation.get_resource_oql_paramnames()
            if len(params) != len(oqlparams):
                raise UnauthorizedError()
            query = stdModel.all()
            if oqlparams != None and len(oqlparams) > 0 :
                query = query.sql(std.resource_oql, sql_vars=oqlparams)
            else:
                query = query.sql(std.resource_oql)
            if query.count() > 0:
                b = True
        else:
            b = True
    cache.put(CACHESPACE_PERMISSION, cachekey, b)
    return b
예제 #3
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def copy_roleoperations(role_id_from, role_id_to, modifier_id):
    query = RoleOperation.all()
    query.filter("role_id =", int(role_id_from))
    roleoperations = query.fetch()
    for ro in roleoperations:
        create_roleoperation(ro.role_id, ro.operation_key, modifier_id)
예제 #4
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def create_roleoperation(role_id, operation_key, modifier_id):
    roleoperation = RoleOperation(role_id=role_id, operation_key=operation_key)
    roleoperation.create(modifier_id)
    return roleoperation
예제 #5
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def fetch_roles(operation_key):
    query = Role.all("a")
    query.model(RoleOperation.get_modelname(), "b", join="inner", on="a.role_id = b.role_id")
    query.filter("b.operation_key =", operation_key)
    return query.fetch()
예제 #6
0
파일: user.py 프로젝트: samuelbaizg/ssguan
def fetch_operations(role_id):
    query = Operation.all("a")
    query.model(RoleOperation.get_modelname(), "b", join="inner", on="a.operation_key = b.operation_key")
    query.filter("b.role_id =", role_id)
    return query.fetch()