def create(self, validated_data):
slug = validated_data['name'].lower().replace('-','_').strip()
slug = slug.replace(' ','_')
new_permission = Permission(name=validated_data['name'],slug = slug)
new_permission.save()
# add permission
return new_permission
def register():
data = valid_register(request.get_json())
if data['status']:
data = data['data']
if data['password'] != data['repassword']:
return jsonify({'status': 400, 'msg': 'Password Not Match'}), 400
if User.query.filter(User.email == data['email']).first():
return jsonify({'status': 403, 'msg': 'Email Already Used'}), 403
otp_list = OtpList.query.filter(OtpList.authid == data['authid']).all()
if not otp_list:
return jsonify({'status': 403, 'msg': 'Invalid AuthID'}), 403
user = User()
user.name = data['name']
user.email = data['email']
user.password = crypt.generate_password_hash(data['password'])
db.session.add(user)
db.session.commit()
for each_otp in otp_list:
permission = Permission()
permission.user_id = user.id
permission.otp_id = each_otp.id
db.session.add(permission)
db.session.commit()
return jsonify({'status': 'ok'}), 200
else:
return jsonify({'status': 400, 'msg': data['msg']}), 400
def create_permission(name, desc):
permission = Permission.from_name(db.session, name)
if not permission:
permission = Permission(name=name, description=desc)
else:
permission.description = desc
db.session.add(permission)
return permission
def _add_permission(self, name):
"""
Adds a permission to the backend
param name:
name of the permission to add: 'can_add','can_edit' etc...
"""
perm = self.session.query(Permission).filter_by(name = name).first()
if perm == None:
perm = Permission()
perm.name = name
self.session.add(perm)
self.session.commit()
return perm
return perm
def set_session_user(self, dj):
"""Takes a Dj model, and stores values into the session"""
djkey = dj.key
permissions = {
'djs': Permission.DJ_EDIT,
'programs': Permission.PROGRAM_EDIT,
'albums': Permission.ALBUM_EDIT,
'permissions': Permission.PERMISSION_EDIT,
'genres': Permission.GENRE_EDIT,
'blogs': Permission.BLOG_EDIT,
'events': Permission.EVENT_EDIT,}
permissions = dict((key,
Permission.get_by_title(perm).has_dj(djkey)) for
(key, perm) in permissions.iteritems())
if not reduce(lambda x,y: x or y, permissions.values()):
permissions = None
self.session['dj'] = {
'key' : dj.key.urlsafe(),
'fullname' : dj.fullname,
'lowername' : dj.lowername,
'username': dj.username,
'email' : dj.email,
'permissions' : permissions,
}
def add_device():
try:
token = request.headers["token"] # TODO: Wrapper bat?
user = db.get_user_by_token(token)
if user == None:
return jsonify({"error": "Gakoa ez da zuzena"}), 200
data = request.get_json(silent=True) # device auth
device = db.get_device_by_code(data["code"])
if device == None:
return jsonify({"error": "Kodea ez da baliozkoa"}), 400
if db.device_has_owner(device.id):
return jsonify({"error": "Kodea ez da baliozkoa"}), 400
if db.add(Permission(user.id, device.id, Permission.OWNER)) == False:
return jsonify({"error": "Errorea datubasean"}), 500
logger.info("Device bati jabea jarri zaio. Auth:" + device.auth +
" UserId:" + str(user.id) + " addr:" +
str(request.remote_addr))
return jsonify({"success": "true"}), 200
except Exception as e:
logger.error("Errorea 'add_device' : " + str(e) + " " +
str(request.remote_addr))
abort(500)
def _save_policy_line(self, ptype, rule):
with self.app.app_context():
line = Permission(ptype=ptype)
for i, v in enumerate(rule):
setattr(line, 'v{}'.format(i), v)
db.session.add(line)
db.session.commit()
def api_key_create():
content = request.get_json(force=True)
if content is None:
return bad_request(web_utils.INVALID_JSON)
params, err_response = get_json_params(
content, ["email", "password", "device_name"])
if err_response:
return err_response
email, password, device_name = params
if not email:
return bad_request(web_utils.INVALID_EMAIL)
email = email.lower()
user = User.from_email(db.session, email)
if not user:
time.sleep(5)
return bad_request(web_utils.AUTH_FAILED)
if not flask_security.verify_password(password, user.password):
time.sleep(5)
return bad_request(web_utils.AUTH_FAILED)
api_key = ApiKey(user, device_name)
for name in Permission.PERMS_ALL:
perm = Permission.from_name(db.session, name)
api_key.permissions.append(perm)
db.session.add(api_key)
db.session.commit()
return jsonify(
dict(token=api_key.token,
secret=api_key.secret,
device_name=api_key.device_name,
expiry=api_key.expiry))
def api_key_confirm(token=None, secret=None):
req = ApiKeyRequest.from_token(db.session, token)
if not req:
time.sleep(5)
flash('Email login request not found.', 'danger')
return redirect('/')
if req.secret != secret:
flash('Email login code invalid.', 'danger')
return redirect('/')
now = datetime.datetime.now()
if now > req.expiry:
time.sleep(5)
flash('Email login request expired.', 'danger')
return redirect('/')
if request.method == 'POST':
confirm = request.form.get('confirm') == 'true'
if not confirm:
db.session.delete(req)
db.session.commit()
flash('Email login cancelled.', 'success')
return redirect('/')
perms = request.form.getlist('perms')
api_key = ApiKey(req.user, req.device_name)
for name in perms:
perm = Permission.from_name(db.session, name)
api_key.permissions.append(perm)
req.created_api_key = api_key
db.session.add(req)
db.session.add(api_key)
db.session.commit()
flash('Email login confirmed.', 'success')
return redirect('/')
return render_template('paydb/api_key_confirm.html',
req=req,
perms=Permission.PERMS_ALL)
def regist():
if request.method == 'GET':
return render_template('regist.html')
else:
telephone = request.form.get('telephone')
username = request.form.get('username')
password1 = request.form.get('password1')
password2 = request.form.get('password2')
# 手机号码验证,如果被注册了,就不能再注册了
user = User.query.filter(User.telephone == telephone).first()
if user:
return u'该手机号码已被注册,请更换手机号码!'
else:
# password1要和password2相等才可以
if password1 != password2:
return u'两次密码不相等,请核对后再填写!'
else:
user = User(telephone=telephone, username=username, password=password1)
db.session.add(user)
db.session.commit()
user = User.query.filter(User.telephone == telephone).first()
user_id = user.id
permission = Permission(author_id=user_id, permission='common')
db.session.add(permission)
db.session.commit()
# 如果注册成功,就让页面跳转到登录的页面
return redirect(url_for('login'))
def _add_permission(self, name):
"""
Adds a permission to the backend, model permission
:param name:
name of the permission to add: 'can_add','can_edit' etc...
"""
perm = self.session.query(Permission).filter_by(name=name).first()
if perm is None:
try:
perm = Permission()
perm.name = name
self.session.add(perm)
self.session.commit()
return perm
except Exception as e:
log.error("Add Permission: {0}".format(str(e)))
self.session.rollback()
return perm
def add_row_perm(self, instance, perm):
if self.has_row_perm(instance, perm):
return False
permission = Permission()
permission.content_object = instance
permission.group = self
permission.name = perm
permission.save()
return True
def post(self, *args, **kwargs):
''' Approves users '''
try:
user_name = self.get_argument("username")
except:
self.render("admin/error.html", errors=["User does not exist"])
user = User.by_user_name(user_name)
permission = Permission(permission_name='admin', user_id=user.id)
self.dbsession.add(permission)
self.dbsession.add(user)
self.dbsession.flush()
self.render("admin/approved_user.html", user=user)
def commit_permission(id, idea_session_id):
"""Save newly created permission to db
:param int id: id for user who receives permission
:param int idea_session_id: id for associated session
"""
new_permission = Permission(
granted_id = id,
idea_session_id = idea_session_id
)
db.session.add(new_permission)
db.session.commit()
return new_permission
def add_row_perm(self, instance, perm):
from models import Permission
if self.has_row_perm(instance, perm, True):
return False
permission = Permission()
permission.content_object = instance
permission.user = self
permission.name = perm
permission.save()
return True
def to_internal_value(self, data):
name = data.get('name')
if not name or '':
raise exceptions.ValidationError({"name_errors": [
"name is a required field and cannot be empty"]})
# validation for slug
slug = name.lower().replace('-','_')
slug = slug.replace(' ','_')
exists, obj = Permission.slug_exists(slug)
if exists:
raise exceptions.ValidationError({"slug_errors": [
' %s Already exists'%slug]})
return {
'name': data['name']
}
def add_row_perm(self, instance, perm):
from models import Permission
if self.has_row_perm(instance, perm, True):
return False
permission = Permission()
permission.content_object = instance
permission.user = self
permission.name = perm
permission.save()
return True
def generate_admins(admin_names):
""" Creates admin users with the syntax '<handle> <email> <password>' """
from models import User, Permission, dbsession
from models.User import ADMIN_PERMISSION
for i in range(0, len(admin_names)):
admin_detail = admin_names[i].split()
user = User(handle=admin_detail[0],
name=admin_detail[0],
email=admin_detail[1],
password=admin_detail[2])
dbsession.add(user)
dbsession.flush()
admin_permission = Permission(name=ADMIN_PERMISSION, user_id=user.id)
dbsession.add(admin_permission)
dbsession.flush()
dbsession.commit()
def add_note(session, user_id, note_title):
print('new note: ', user_id, note_title)
if not session.query(
Note.title).filter(Note.title == note_title).first():
new_note = Note(
title=note_title,
last_edit_user=user_id,
)
session.add(new_note)
session.flush()
new_permission = Permission(user=user_id,
note=new_note.id,
permission_type=Permission.PT.owner)
session.add(new_permission)
session.commit()
return True
else:
return False
def do_strip(self, username):
"""
Strip a user of all permissions
Usage: strip <handle>
"""
user = User.by_handle(username)
if user is None:
print (WARN + "'%s' user not found in database." % username)
else:
username = user.handle
permissions = Permission.by_user_id(user.id)
if len(permissions) == 0:
print (WARN + "%s has no permissions." % user.handle)
else:
for perm in permissions:
print (INFO + "Removing permission: " + perm.permission_name)
dbsession.delete(perm)
dbsession.flush()
print (INFO + "Successfully removed %s's permissions." % user.handle)
def do_grant(self, username):
'''
Add user permissions
Usage: grant <handle>
'''
user = User.by_handle(username)
if user is None:
print(WARN + str("%s user not found in database." % username))
else:
name = raw_input(PROMPT + "Add permission: ")
permission = Permission(
permission_name=unicode(name),
user_id=user.id
)
dbsession.add(permission)
dbsession.add(user)
dbsession.flush()
print(INFO + str("Successfully granted %s permissions to %s." %
(name, user.name,)))
def do_delete(self, username):
"""
Delete a user from the database
Usage: delete <handle>
"""
user = User.by_handle(username)
if user is None:
print (WARN + "'%s' user not found in database." % username)
else:
username = user.handle
print (WARN + str("Are you sure you want to delete %s?" % username))
if raw_input(PROMPT + "Delete [y/n]: ").lower() == "y":
permissions = Permission.by_user_id(user.id)
for perm in permissions:
print (INFO + "Removing permission: " + perm.permission_name)
dbsession.delete(perm)
dbsession.flush()
dbsession.delete(user)
dbsession.flush()
print (INFO + "Successfully deleted %s from database." % username)
def do_strip(self, username):
'''
Strip a user of all permissions
Usage: strip <handle>
'''
user = User.by_handle(username)
if user is None:
print(WARN + str("%s user not found in database." % username))
else:
username = user.handle
permissions = Permission.by_user_id(user.id)
if len(permissions) == 0:
print(WARN + str("%s has no permissions." % user.handle))
else:
for perm in permissions:
print(INFO + "Removing permission: " +
perm.permission_name)
dbsession.delete(perm)
dbsession.flush()
print(INFO +
"Successfully removed %s's permissions." % user.handle)
def do_strip(self, username):
'''
Strip a user of all permissions
Usage: strip <user name>
'''
user = User.by_user_name(username)
if user == None:
print(WARN + str("%s user not found in database." % username))
else:
username = user.user_name
permissions = Permission.by_user_id(user.id)
if len(permissions) == 0:
print(WARN + str("%s has no permissions." % user.user_name))
else:
for perm in permissions:
print(
INFO + "Removing permission: " + perm.permission_name)
dbsession.delete(perm)
dbsession.flush()
print(INFO +
"Successfully removed %s's permissions." % user.user_name)
def do_delete(self, username):
'''
Delete a user from the database
Usage: delete <handle>
'''
user = User.by_handle(username)
if user is None:
print(WARN + str("%s user not found in database." % username))
else:
username = user.handle
print(WARN + str("Are you sure you want to delete %s?" % username))
if raw_input(PROMPT + "Delete [y/n]: ").lower() == 'y':
permissions = Permission.by_user_id(user.id)
for perm in permissions:
print(INFO + "Removing permission: " +
perm.permission_name)
dbsession.delete(perm)
dbsession.flush()
dbsession.delete(user)
dbsession.flush()
print(INFO +
str("Successfully deleted %s from database." % username))
def add_row_perm(self, instance, perm):
# 20100118 RL
# Bug in this app's code - one can fail to have perms both because you don't nhave them, and
# because your account isn't active. If the latter, we definitely shouldn't be putting duplicate rows in.
# Short of copying/pasting code, the easiest thing to do is to skip the active test - implemented by
# modifying has_row_perm to take another param.
if self.has_row_perm(instance, perm, True, False):
return False
permission = Permission()
permission.content_object = instance
permission.user = self
permission.name = perm
permission.save()
return True
)
dbsession.add(item)
dbsession.flush()
# Game Levels
game_level = GameLevel(
number=0,
buyout=0,
)
dbsession.add(game_level)
dbsession.flush()
# Admin User Account
admin_user = User(handle=u'admin')
admin_user.password = password
dbsession.add(admin_user)
dbsession.flush()
admin_permission = Permission(name=ADMIN_PERMISSION, user_id=admin_user.id)
dbsession.add(admin_permission)
dbsession.flush()
# Display Details
if config.debug:
environ = bold + R + "Developement boot strap" + W
details = ", default admin password is '%s'." % password
else:
environ = bold + "Production boot strap" + W
details = '.'
print INFO + '%s completed successfully%s' % (environ, details)
password1 = getpass.getpass()
sys.stdout.write(PROMPT + "Confirm New Admin ")
sys.stdout.flush()
password2 = getpass.getpass()
if password1 == password2 and 12 <= len(password1):
password = password1
else:
print(WARN +
'Error: Passwords did not match, or were less than 12 chars')
os._exit(1)
### Create admin account
user = User(user_name=unicode(username), approved=True)
dbsession.add(user)
dbsession.flush()
user.password = password
dbsession.add(user)
dbsession.flush()
permission = Permission(permission_name=user.user_name, user_id=user.id)
dbsession.add(permission)
dbsession.flush()
### Print details for user'
if config.debug:
environ = bold + R + "Developement boot strap" + W
details = ", default admin password is '%s'." % password
else:
environ = bold + "Production boot strap" + W
details = '.'
print(INFO + '%s complete successfully%s' % (environ, details))
from models.User import *
from models.Passport import *
from models.Permission import *
from models.Event import *
from models.Vendor import *
from controller.Event import createEvent
import datetime
from datetime import date
from sqlalchemy import event as sqlevent
from sqlalchemy import DDL
if __name__ == '__main__':
db.create_all()
staffPerms = list(
map(lambda n: Permission(name=n),
["canStamp", "canActivate", "canRecharge"]))
participantPerms = list(
map(lambda n: Permission(name=n), ["canSeePassport"]))
allPerms = staffPerms + participantPerms
for permission in allPerms:
db.session.add(permission)
groups = {
"Admin": allPerms,
"Participant": participantPerms,
"Staff": staffPerms,
"Vendor": staffPerms
}
def add_row_perm(self, instance, perm):
if type(instance).__name__ == 'QuerySet':
for object in instance:
if self.has_row_perm(object, perm):
pass
permission = Permission()
permission.content_object = object
permission.user = self
permission.name = perm
permission.save()
else:
if self.has_row_perm(instance, perm):
return False
permission = Permission()
permission.content_object = instance
permission.group = self
permission.name = perm
permission.save()
return True
limitations under the License.
'''
import os
import sys
import getpass
from libs.ConsoleColors import *
from libs.ConfigManager import ConfigManager
from models import dbsession, User, Permission
#Create Admin Account
user = User(user_name=unicode('admin'), approved=True)
dbsession.add(user)
dbsession.flush()
user.password = '******'
dbsession.add(user)
dbsession.flush()
#Create Admin Permission
permission = Permission(permission_name="admin", user_id=user.id)
dbsession.add(permission)
dbsession.flush()
#Create Default User Account
regular = User(user_name=unicode('user'), approved=True)
dbsession.add(regular)
dbsession.flush()
regular.password = '******'
dbsession.add(regular)
dbsession.flush()
def folders_set_permissions(user, folder_id):
if not user.admin:
return error_response("not_admin", "You must be an administrator to "
"edit the permissions on a folder")
schema = {
"type": "object",
"properties": {
"permissions": {
"type": "array",
"items": {
"type": "object",
"properties": {
"user_id": {"type": "integer"},
"read": {"type": "boolean"},
"write": {"type": "boolean"}
},
"required": ["user_id", "read", "write"]
}
}
},
"required": ["permissions"]
}
error = validate_schema(request.json, schema)
if error:
return error
if not Folder.query.filter(Folder.id==folder_id).count():
return error_response("item_not_found", "Folder not found")
for permission in request.json.get("permissions"):
user_id = permission.get("user_id")
u = User.query.get(user_id)
if not u:
return error_response("item_not_found", "User with ID {} not found"
"".format(user_id))
if u.admin:
return error_response("input_validation_fail", "Cannot set "
"permissions for an administrator, administrators already have "
"full access to all folders")
ps = Permission.query.filter(Permission.user_id==user_id).filter(
Permission.folder_id==folder_id).all()
p = ps[0] if ps else Permission()
# If no read or write, do not add permission and delete if exists
if not(permission.get("read") or permission.get("write")):
if ps:
db_session.delete(p)
continue
if permission.get("write") and not permission.get("read"):
return error_response("input_validation_fail", "Users must be able "
"to read a folder if they are to write to it")
p.user_id = user_id
p.folder_id = folder_id
p.read = permission.get("read")
p.write = permission.get("write")
if not ps:
db_session.add(p)
db_session.commit()
return jsonify(success=True)
# needs to be subscribed to be a user
return HttpResponse(str(0), content_type='text/plain')
if not bc.user.subscribed:
# needs to be subscribed to be a maintainer
return HttpResponse(str(0), content_type='text/plain')
try:
# does the permission already exist?
p = Permission.objects.get(user=tc.user, tool=t)
# if so just report success.
return HttpResponse(str(1), content_type='text/plain')
except ObjectDoesNotExist, e:
pass
np = Permission(user=tc.user, permission=1, tool=t, addedby=bc.user)
np.save()
return HttpResponse(str(1), content_type='text/plain')
@check_secret
@check_ip
@csrf_exempt
@require_POST
def settoolstatus(request, tool_id, status, card_id):
try:
t = Tool.objects.get(pk=tool_id)
except ObjectDoesNotExist, e:
return HttpResponse('-1', content_type='text/plain')
try:
number=0,
buyout=0,
)
dbsession.add(game_level)
dbsession.flush()
# Admin User Account
user = User(
account=u'admin',
handle=u'God',
algorithm=u'scrypt',
)
dbsession.add(user)
dbsession.flush()
user.password = password
dbsession.add(user)
dbsession.flush()
permission = Permission(name=u'admin', user_id=user.id)
dbsession.add(permission)
dbsession.flush()
# Display Details
if config.debug:
environ = bold + R + "Developement boot strap" + W
details = ", default admin password is '%s'." % password
else:
environ = bold + "Production boot strap" + W
details = '.'
print INFO + '%s completed successfully%s' % (environ, details)
def public_save(request):
user_id = request.POST.get("user_id", "")
user_name = request.POST.get("user_name", "")
user_real_name = request.POST.get("user_real_name", "")
user_email = request.POST.get("user_email", "")
user_password = request.POST.get("user_password", "")
user_re_password = request.POST.get("user_re_password", "")
user_is_admin = request.POST.get("user_is_admin", 0)
permission_list = request.POST.get("permission_list", "")
if user_is_admin == 1 or user_is_admin == "1":
user_is_admin = True
else:
user_is_admin = False
result = {}
head = {}
if user_name == "":
error_code = 100015
elif user_password == "" or user_re_password == "":
error_code = 100021
elif user_password != user_re_password:
error_code = 100019
elif len(user_password) < 6:
error_code = 100020
else:
new_user_id = ""
if user_id == "":
if User.objects.filter(username=user_name, is_active=1):
error_code = 100017
else:
add_user = User(username=user_name, first_name=user_real_name, is_superuser=user_is_admin, email=user_email)
try:
add_user.set_password(user_password)
add_user.save()
new_user_id = add_user.id
error_code = 0
except Exception as ex:
head["exceptions"] = ex
error_code = 110000
else:
if User.objects.filter(username=user_name, is_active=1).exclude(id=user_id):
error_code = 100017
else:
edit_user = get_object_or_404(User, id=user_id)
try:
edit_user.username = user_name
edit_user.first_name = user_real_name
edit_user.email = user_email
if user_password != edit_user.password:
edit_user.set_password(user_password)
edit_user.is_superuser = user_is_admin
edit_user.save()
new_user_id = user_id
error_code = 0
except Exception as ex:
head["exceptions"] = ex
error_code = 110000
# 保存权限
if new_user_id != "":
permissions = Permission.objects.filter(user_id=new_user_id)
if permissions:
for pers in permissions:
pers.delete()
if permission_list != "":
permission_list = permission_list.encode("utf8")
permission_list = permission_list.split(",")
for permission_id in permission_list:
permission_info = Permission.objects.filter(user_id=new_user_id, project_id=permission_id)
if permission_info:
pass
else:
new_permission = Permission(user_id=new_user_id, project_id=permission_id)
new_permission.save()
head["code"] = error_code
head["message"] = errorinfo.change_to_message(error_code)
result["heads"] = head
return result
def add_row_perm(self, instance, perm):
if type(instance).__name__ == 'QuerySet':
for object in instance:
if self.has_row_perm(object, perm):
pass
permission = Permission()
permission.content_object = object
permission.user = self
permission.name = perm
permission.save()
else:
if self.has_row_perm(instance, perm):
return False
permission = Permission()
permission.content_object = instance
permission.group = self
permission.name = perm
permission.save()
return True
def add_row_perm(self, instance, perm):
"""
Add permission 'perm' to user 'self' for object(s) instance.
instance variable may be an object or a queryset.
"""
if type(instance).__name__ == 'QuerySet':
for object in instance:
if self.has_row_perm(object, perm, True):
pass
permission = Permission()
permission.content_object = object
permission.user = self
permission.name = perm
permission.save()
else:
if self.has_row_perm(instance, perm, True):
return False
permission = Permission()
permission.content_object = instance
permission.user = self
permission.name = perm
permission.save()
return True
def public_save(request):
user_id = request.POST.get("user_id", "")
user_name = request.POST.get("user_name", "")
user_real_name = request.POST.get("user_real_name", "")
user_email = request.POST.get("user_email", "")
user_password = request.POST.get("user_password", "")
user_re_password = request.POST.get("user_re_password", "")
user_is_admin = request.POST.get("user_is_admin", 0)
permission_list = request.POST.get("permission_list", "")
if user_is_admin == 1 or user_is_admin == "1":
user_is_admin = True
else:
user_is_admin = False
result = {}
head = {}
if user_name == "":
error_code = 100015
elif user_password == "" or user_re_password == "":
error_code = 100021
elif user_password != user_re_password:
error_code = 100019
elif len(user_password) < 6:
error_code = 100020
else:
new_user_id = ""
if user_id == "":
if User.objects.filter(username=user_name, is_active=1):
error_code = 100017
else:
add_user = User(username=user_name,
first_name=user_real_name,
is_superuser=user_is_admin,
email=user_email)
try:
add_user.set_password(user_password)
add_user.save()
new_user_id = add_user.id
error_code = 0
except Exception as ex:
head["exceptions"] = ex
error_code = 110000
else:
if User.objects.filter(username=user_name,
is_active=1).exclude(id=user_id):
error_code = 100017
else:
edit_user = get_object_or_404(User, id=user_id)
try:
edit_user.username = user_name
edit_user.first_name = user_real_name
edit_user.email = user_email
if user_password != edit_user.password:
edit_user.set_password(user_password)
edit_user.is_superuser = user_is_admin
edit_user.save()
new_user_id = user_id
error_code = 0
except Exception as ex:
head["exceptions"] = ex
error_code = 110000
# 保存权限
if new_user_id != "":
permissions = Permission.objects.filter(user_id=new_user_id)
if permissions:
for pers in permissions:
pers.delete()
if permission_list != "":
permission_list = permission_list.encode("utf8")
permission_list = permission_list.split(",")
for permission_id in permission_list:
permission_info = Permission.objects.filter(
user_id=new_user_id, project_id=permission_id)
if permission_info:
pass
else:
new_permission = Permission(user_id=new_user_id,
project_id=permission_id)
new_permission.save()
head["code"] = error_code
head["message"] = errorinfo.change_to_message(error_code)
result["heads"] = head
return result
def can(self, ask):
if self.permissions is None:
self.permissions = Permission.User
return Permission(self.permissions).can(ask)
sys.stdout.write(PROMPT + "Confirm New Admin ")
sys.stdout.flush()
password2 = getpass.getpass()
if password1 == password2 and 12 <= len(password1):
password = password1
else:
print WARN + \
'Error: Passwords did not match, or were less than 12 chars'
os._exit(1)
# Admin User Account
user = User(name='admin', )
dbsession.add(user)
dbsession.flush()
user.password = password
dbsession.add(user)
dbsession.flush()
permission = Permission(name=ADMIN_PERMISSION, user_id=user.id)
dbsession.add(permission)
dbsession.flush()
# Display Details
if config.debug:
environ = bold + R + "Developement boot strap" + W
details = ", default admin password is '%s'." % password
else:
environ = bold + "Production boot strap" + W
details = '.'
print INFO + '%s completed successfully%s' % (environ, details)
def add_row_perm(self, instance, perm):
"""
Add permission 'perm' to user 'self' for object(s) instance.
instance variable may be an object or a queryset.
"""
if type(instance).__name__ == 'QuerySet':
for object in instance:
if self.has_row_perm(object, perm, True):
pass
permission = Permission()
permission.content_object = object
permission.user = self
permission.name = perm
permission.save()
else:
if self.has_row_perm(instance, perm, True):
return False
permission = Permission()
permission.content_object = instance
permission.user = self
permission.name = perm
permission.save()
return True
