예제 #1
0
def to_profile_active(ob, extra_acl=None, override_default_acl=False):
    from opencore.utils import find_users
    from opencore.views.communities import get_community_groups
    acl  = []
    if not override_default_acl:
        acl.append((Allow, ob.creator,
                    MEMBER_PERMS + ('view_only',)))
        acl.append((Allow, 'group.KarlUserAdmin',
                    ADMINISTRATOR_PERMS + ('view_only',)))
        acl.append((Allow, 'group.KarlAdmin',
                    ADMINISTRATOR_PERMS + ('view_only',)))
        acl.append((Allow, 'group.KarlStaff',
                    GUEST_PERMS + ('view_only',)))
        acl.append((Allow, 'group.API',
                    API_PERMS))

    if extra_acl:
        acl = acl + extra_acl

    # not auth'd users can view all content
    acl.append((Allow, Everyone, ('view_only',)))

    users = find_users(ob)
    user = users.get_by_id(ob.creator)
    if user is not None:
        groups = user['groups']
        for group, role in get_community_groups(groups):
            c_group = 'group.community:%s:%s' % (group, role)
            acl.append((Allow, c_group, GUEST_PERMS + ('view_only',)))
    acl.append((Allow, 'system.Authenticated', GUEST_PERMS + ('view_only',)))
    acl.append(NO_INHERIT)
    added, removed = acl_diff(ob, acl)
    if added or removed:
        ob.__acl__ = acl
        log.info('profile (%s) to-active, added: %s, removed: %s' % (model_path(ob), added, removed))
    if ob.security_state == 'inactive':
        ob.security_state = 'active'
        log.info('profile (%s) security_state changed to %s' % (model_path(ob), ob.security_state))
예제 #2
0
 def _callFUT(self, principals):
     from opencore.views.communities import get_community_groups
     return get_community_groups(principals)