def move_to(self, target_id, trans):
        """
        Moves the item to the designated target.
        
        The move is performed only when the item is not a system item, the
        user's role on the item is above AUTHOR and the user's role on the
        target is above READER.
        
        @param target_id: The ID of the destination container
        @type target_id: str
        @param trans: A valid transaction handle
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target is contained in this item, or the target does not
            accept this item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the item is a system item or the user's roles are insufficient.
        """
        user = currentThread().context.user
        user_role = permsresolver.get_access(self, user)
        # Moving needs a role strictly above AUTHOR on the source item.
        can_move = (user_role > permsresolver.AUTHOR)
        ## or (user_role == permsresolver.AUTHOR and oItem.owner == user.id)

        # Keep the current parent id; self._parentid is overwritten below.
        parent_id = self._parentid
        # Raw store lookup: the user's role on the target is resolved
        # separately (user_role2) before anything is written.
        target = _db.get_item(target_id, trans)
        if target == None or target._isDeleted:
            raise exceptions.ObjectNotFound, (
                'The target container "%s" does not exist.' %
                target_id , False)
        
        # A shortcut is matched against the containment list using the
        # content class of the item it points to.
        if isinstance(self, Shortcut):
            contentclass = self.get_target_contentclass(trans)
        else:
            contentclass = self.get_contentclass()
        
        user_role2 = permsresolver.get_access(target, user)
        
        # NOTE(review): this structural check runs before the permission
        # check below, so a caller without move rights still learns whether
        # the target sits inside the source - confirm this is acceptable.
        if self.isCollection and target.is_contained_in(self._id, trans):
            raise exceptions.ContainmentError, \
                'Cannot move item to destination.\n' + \
                'The destination is contained in the source.'
        
        if (not(self._isSystem) and can_move and
                user_role2 > permsresolver.READER):
            if not(contentclass in target.containment):
                raise exceptions.ContainmentError, \
                    'The target container does not accept ' + \
                    'objects of type\n"%s".' % contentclass
            
            self._parentid = target._id
            # The moved item stops inheriting roles from its container.
            self.inheritRoles = False
            self.modified = time.time()
            # presumably enforces name uniqueness in the new parent - confirm
            _db.check_unique(self, None, trans)
            _db.put_item(self, trans)

            # update target
            target.modified = time.time()
            _db.put_item(target, trans)

            # update parent
            parent = _db.get_item(parent_id, trans)
            parent.modified = time.time()
            _db.put_item(parent, trans)
        else:
            raise exceptions.PermissionDenied, \
                'The object was not moved.\n' + \
                'The user has insufficient permissions.'
예제 #2
    def move_to(self, target):
        """
        Moves the item to the designated target.

        The move is performed only when the item is not a system item, the
        user's role on the item is above AUTHOR and the user's role on the
        target is above READER.

        @param target: The id of the target container or the container object
                       itself
        @type target: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target is contained in this item, or the target does not
            accept this item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the item is a system item or the user's roles are insufficient.
        """
        user = context.user
        user_role = permsresolver.get_access(self, user)
        # Moving needs a role strictly above AUTHOR on the source item.
        can_move = user_role > permsresolver.AUTHOR
        ## or (user_role == permsresolver.AUTHOR and oItem.owner == user.id)

        # Keep the current parent id; self._pid is overwritten below.
        parent_id = self._pid
        # An id is resolved with a raw store lookup; the user's role on the
        # target is resolved separately (user_role2) before anything is written.
        if isinstance(target, (str, bytes)):
            target = db._db.get_item(target)

        if target is None or target._isDeleted:
            raise exceptions.ObjectNotFound("The target container does not exist.")

        contentclass = self.get_contentclass()

        user_role2 = permsresolver.get_access(target, user)

        # NOTE(review): this structural check runs before the permission
        # check below, so a caller without move rights still learns whether
        # the target sits inside the source - confirm this is acceptable.
        if self.isCollection and target.is_contained_in(self._id):
            raise exceptions.ContainmentError(
                "Cannot move item to destination.\n" "The destination is contained in the source."
            )

        if not (self._isSystem) and can_move and user_role2 > permsresolver.READER:
            if contentclass not in target.containment:
                raise exceptions.ContainmentError(
                    "The target container does not accept " 'objects of type\n"%s".' % contentclass
                )

            # The item is removed from the store and written again under the
            # new parent id.
            db._db.delete_item(self)
            self._pid = target._id
            # The moved item stops inheriting roles from its container.
            self.inheritRoles = False
            self.modified = time.time()
            db._db.put_item(self)

            # update target
            if self.isCollection:
                target._nc += 1
            else:
                target._ni += 1
            target.modified = time.time()
            db._db.put_item(target)

            # update parent
            # NOTE(review): the old parent's _nc/_ni counters are not touched
            # in this block - confirm delete_item() adjusts them.
            parent = db._db.get_item(parent_id)
            parent.modified = time.time()
            db._db.put_item(parent)
        else:
            raise exceptions.PermissionDenied("The object was not moved.\n" "The user has insufficient permissions.")
def properties(self):
    """Displays a generic edit form based on the object's schema.

    Returns the parameter dictionary for the form. The display name and the
    last modifier are XML-encoded; the remaining values are passed through
    unchanged.
    """
    sLang = context.request.get_lang()

    iUserRole = permsresolver.get_access(self, context.user)
    # Both flags only steer the form (ACTION_DISABLED / ADMIN); they are
    # presentation hints, not an access decision made by this method.
    readonly = iUserRole == permsresolver.READER
    admin = iUserRole == permsresolver.COORDINATOR
    modified = date.Date(self.modified)

    controls = []
    tabs = []
    params = {
        "URI": self.id,
        "ICON": self.__image__,
        "TITLE": xml.xml_encode(self.displayName.value),
        "MODIFIED": modified.format(DATES_FORMAT, sLang),
        "MODIFIED_BY": xml.xml_encode(self.modifiedBy),
        "CONTENTCLASS": self.contentclass,
        "PROPERTIES": controls,
        "EXTRA_TABS": tabs,
        "ADMIN": admin,
        "ROLES_INHERITED": str(self.inheritRoles).lower(),
        "ACTION_DISABLED": str(readonly).lower(),
        "METHOD": "update",
    }
    # One control (and one tab entry) per schema attribute that is a DataType.
    for attr_name in self.__props__:
        attr = getattr(self, attr_name)
        if not isinstance(attr, datatypes.DataType):
            continue
        control, tab = _getControlFromAttribute(self, attr_name, attr, readonly)
        controls.append(control)
        tabs.append(tab)

    return params
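def update(self, data):
    """Updates an object based on values contained inside the data dictionary.

    ``data`` is request-supplied. The "__rolesinherited" / "__acl" keys are
    consumed only when the user is COORDINATOR on the object; for any other
    role they stay in ``data`` and reach the generic attribute loop below.
    Returns True after ``self.update()`` has run.

    Raises ValueError when an uploaded file's "tempfile" entry is not a bare
    file name.
    """
    # get user role
    iUserRole = permsresolver.get_access(self, context.user)
    if "__rolesinherited" in data and iUserRole == permsresolver.COORDINATOR:
        self.inheritRoles = data.pop("__rolesinherited")
        if not self.inheritRoles:
            acl = data.pop("__acl")
            if acl:
                security = {}
                for descriptor in acl:
                    security[descriptor["id"]] = int(descriptor["role"])
                self.security = security

    # NOTE(review): every remaining key is used as an attribute name; consider
    # restricting the keys to the object's schema before calling getattr().
    for prop in data:
        oAttr = getattr(self, prop)
        if isinstance(oAttr, datatypes.File):
            # see if the user has uploaded a new file
            sTempName = data[prop]["tempfile"]
            if sTempName:
                # The name is joined onto the server's temp folder, so it must
                # not be able to step outside that folder.
                if ("/" in sTempName or "\\" in sTempName or "\x00" in sTempName
                        or sTempName in (".", "..")):
                    raise ValueError("Invalid temporary file name.")
                oAttr.filename = data[prop]["filename"]
                sPath = context.server.temp_folder + "/" + sTempName
                oAttr.load_from_file(sPath)
        elif isinstance(oAttr, datatypes.Date):
            oAttr.value = data[prop].value
        elif isinstance(oAttr, datatypes.Integer):
            oAttr.value = int(data[prop])
        else:
            oAttr.value = data[prop]
    self.update()
    return True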
def getInfo(self):
    """Returns info about the container's contents.

    The result describes the container itself, the content classes it
    accepts, the current user's role on it and one entry per child.
    """
    sLang = context.request.get_lang()

    # One summary dictionary per child returned by get_children().
    lstChildren = []
    for child in self.get_children():
        entry = {
            'id': child.id,
            'cc': child.contentclass,
            'image': child.__image__,
            'displayName': child.displayName.value,
            'isCollection': child.isCollection,
            'modified': date.Date(child.modified)}
        if hasattr(child, 'size'):
            entry['size'] = child.size
        lstChildren.append(entry)

    # [localized name, content class, icon] for each accepted content class.
    containment = []
    for contained in self.containment:
        image = misc.get_rto_by_name(contained).__image__
        if type(image) != str:
            # a non-string icon is replaced by an empty string
            image = ''
        containment.append(
            [resources.get_resource(contained, sLang), contained, image])

    info = {
        'displayName': self.displayName.value,
        'path': misc.get_full_path(self),
        'parentid': self.parentid,
        'iscollection': self.isCollection,
        'containment': containment,
        'user_role': permsresolver.get_access(self, context.user),
        'contents': lstChildren}
    return info
def new(self):
    """Displays a generic form for creating a new object.

    The content class is taken from the ``cc`` query-string parameter and an
    instance of it is created to read its schema.
    """
    # NOTE(review): 'cc' is request-supplied. It selects the class that is
    # instantiated here and is interpolated into TITLE without encoding -
    # confirm it is limited to self.containment and escaped by the template.
    sCC = context.request.queryString['cc'][0]
    oNewItem = misc.get_rto_by_name(sCC)()
    role = permsresolver.get_access(self, context.user)

    controls = []
    tabs = []
    params = {
        'CC': sCC,
        'URI': self.id,
        'TITLE': '@@CREATE@@ "@@%s@@"' % sCC,
        'ICON': oNewItem.__image__,
        'PROPERTIES': controls,
        'EXTRA_TABS': tabs,
        'ADMIN': role == permsresolver.COORDINATOR,
        'ROLES_INHERITED': 'true',
        'ACTION_DISABLED': 'false',
        'METHOD': 'create'}

    # One control (and one tab entry) per schema attribute that is a DataType.
    for attr_name in oNewItem.__props__:
        attr = getattr(oNewItem, attr_name)
        if not isinstance(attr, datatypes.DataType):
            continue
        control, tab = baseitem._getControlFromAttribute(
            oNewItem, attr_name, attr, False, True)
        controls.append(control)
        tabs.append(tab)

    return params
    def update(self, trans):
        """
        Updates the item.
        
        The user needs a role above READER on the stored copy of the item.
        Only a COORDINATOR may change the item's security settings; for any
        other role the stored ACL and inheritance flag are put back before
        the item is written.
        
        @param trans: A valid transaction handle
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user's role is READER or lower.
        """
        # The role is resolved against the stored copy, not against the
        # in-memory object whose security attributes the caller may have
        # edited.
        old_item = _db.get_item(self._id, trans)
        # NOTE(review): the parent is looked up through the in-memory
        # self._parentid rather than old_item._parentid - confirm callers
        # cannot alter it before update().
        parent = _db.get_item(self._parentid, trans)
        
        user = currentThread().context.user
        user_role = permsresolver.get_access(old_item, user)
        
        if user_role > permsresolver.READER:
            # set security
            if user_role == permsresolver.COORDINATOR:
                # user is COORDINATOR
                # re-apply security only when inheritance or the ACL changed
                if (self.inheritRoles != old_item.inheritRoles) or \
                        (not self.inheritRoles and \
                         self.security != old_item.security):
                    self._applySecurity(parent, trans)
            else:
                # restore previous ACL
                self.security = old_item.security
                self.inheritRoles = old_item.inheritRoles

            _db.handle_update(self, old_item, trans)
            self.modifiedBy = user.displayName.value
            self.modified = time.time()
            parent.modified = self.modified
            _db.put_item(self, trans)
            _db.put_item(parent, trans)
        else:
            raise exceptions.PermissionDenied, \
                    'The user does not have update permissions.'
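def create(self, data):
    """Creates a new item inside this container and returns its id.

    ``data`` is request-supplied. 'CC' names the class to instantiate. The
    '__rolesinherited' / '__acl' keys are consumed only when the user is
    COORDINATOR on this container; for any other role they stay in ``data``
    and reach the generic attribute loop below.

    Raises ValueError when an uploaded file's 'tempfile' entry is not a bare
    file name.
    """
    # NOTE(review): the class is chosen by the request and instantiated
    # before any containment check; append_to() below is what verifies it.
    oNewItem = misc.get_rto_by_name(data.pop('CC'))()

    # get user role
    iUserRole = permsresolver.get_access(self, context.user)
    if '__rolesinherited' in data and iUserRole == permsresolver.COORDINATOR:
        oNewItem.inheritRoles = data.pop('__rolesinherited')
        if not oNewItem.inheritRoles:
            acl = data.pop('__acl')
            if acl:
                security = {}
                for descriptor in acl:
                    security[descriptor['id']] = int(descriptor['role'])
                oNewItem.security = security

    # set props
    for prop in data:
        oAttr = getattr(oNewItem, prop)
        if isinstance(oAttr, datatypes.File):
            sTempName = data[prop]['tempfile']
            if sTempName:
                # The name is joined onto the server's temp folder and the
                # resulting file is read and then deleted, so it must not be
                # able to step outside that folder.
                if ('/' in sTempName or '\\' in sTempName or '\x00' in sTempName
                        or sTempName in ('.', '..')):
                    raise ValueError('Invalid temporary file name.')
                oAttr.filename = data[prop]['filename']
                sPath = context.server.temp_folder + '/' + sTempName
                oAttr.load_from_file(sPath)
                os.remove(sPath)
        elif isinstance(oAttr, datatypes.Date):
            oAttr.value = data[prop].value
        elif isinstance(oAttr, datatypes.Integer):
            oAttr.value = int(data[prop])
        else:
            oAttr.value = data[prop]

    oNewItem.append_to(self)
    return oNewItem.id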
    def delete(self, trans):
        """
        Deletes the item permanently.
        
        Allowed for roles above AUTHOR, and for an AUTHOR who owns the item;
        system items are never deleted.
        
        @param trans: A valid transaction handle
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the item is a system item or the user may not delete it.
        """
        user = currentThread().context.user
        # Work on the copy held in the store; the role, owner and system flag
        # checked below are therefore the persisted ones.
        self = _db.get_item(self._id, trans)

        user_role = permsresolver.get_access(self, user)
        can_delete = (user_role > permsresolver.AUTHOR) or \
            (user_role == permsresolver.AUTHOR and self._owner == user._id)
        
        if (not(self._isSystem) and can_delete):
            # delete item physically
            self._delete(trans)
            # update container
            parent = _db.get_item(self._parentid, trans)
            parent.modified = time.time()
            _db.put_item(parent, trans)
        else:
            raise exceptions.PermissionDenied, \
                'The object was not deleted.\n' + \
                'The user has insufficient permissions.'
예제 #10
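def update(self, data):
    """Updates an object based on values contained inside the data dictionary.

    ``data`` is request-supplied. The '__rolesinherited' / '__acl' keys are
    consumed only when the user is COORDINATOR on the object; for any other
    role they stay in ``data`` and reach the generic attribute loop below.
    Returns True after ``self.update()`` has run.

    Raises ValueError when an uploaded file's 'tempfile' entry is not a bare
    file name.
    """
    # get user role
    iUserRole = permsresolver.get_access(self, context.user)
    if '__rolesinherited' in data and iUserRole == permsresolver.COORDINATOR:
        self.inheritRoles = data.pop('__rolesinherited')
        if not self.inheritRoles:
            acl = data.pop('__acl')
            if acl:
                security = {}
                for descriptor in acl:
                    security[descriptor['id']] = int(descriptor['role'])
                self.security = security

    # NOTE(review): every remaining key is used as an attribute name; consider
    # restricting the keys to the object's schema before calling getattr().
    for prop in data:
        oAttr = getattr(self, prop)
        if isinstance(oAttr, datatypes.File):
            # see if the user has uploaded a new file
            sTempName = data[prop]['tempfile']
            if sTempName:
                # The name is joined onto the server's temp folder, so it must
                # not be able to step outside that folder.
                if ('/' in sTempName or '\\' in sTempName or '\x00' in sTempName
                        or sTempName in ('.', '..')):
                    raise ValueError('Invalid temporary file name.')
                oAttr.filename = data[prop]['filename']
                sPath = context.server.temp_folder + '/' + sTempName
                oAttr.load_from_file(sPath)
        elif isinstance(oAttr, datatypes.Date):
            oAttr.value = data[prop].value
        elif isinstance(oAttr, datatypes.Integer):
            oAttr.value = int(data[prop])
        else:
            oAttr.value = data[prop]
    self.update()
    return True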
예제 #11
def properties(self):
    """Displays a generic edit form based on the object's schema.

    Returns the parameter dictionary for the form. The display name and the
    last modifier are XML-encoded; the remaining values are passed through
    unchanged.
    """
    sLang = context.request.get_lang()

    iUserRole = permsresolver.get_access(self, context.user)
    # Both flags only steer the form (ACTION_DISABLED / ADMIN); they are
    # presentation hints, not an access decision made by this method.
    readonly = iUserRole == permsresolver.READER
    admin = iUserRole == permsresolver.COORDINATOR
    modified = date.Date(self.modified)

    controls = []
    tabs = []
    params = {
        'URI': self.id,
        'ICON': self.__image__,
        'TITLE': xml.xml_encode(self.displayName.value),
        'MODIFIED': modified.format(DATES_FORMAT, sLang),
        'MODIFIED_BY': xml.xml_encode(self.modifiedBy),
        'CONTENTCLASS': self.contentclass,
        'PROPERTIES': controls,
        'EXTRA_TABS': tabs,
        'ADMIN': admin,
        'ROLES_INHERITED': str(self.inheritRoles).lower(),
        'ACTION_DISABLED': str(readonly).lower(),
        'METHOD': 'update'
    }
    # One control (and one tab entry) per schema attribute that is a DataType.
    for attr_name in self.__props__:
        attr = getattr(self, attr_name)
        if not isinstance(attr, datatypes.DataType):
            continue
        control, tab = _getControlFromAttribute(self, attr_name, attr, readonly)
        controls.append(control)
        tabs.append(tab)

    return params
예제 #12
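def create(self, data):
    """Creates a new item inside this container and returns its id.

    ``data`` is request-supplied. 'CC' names the class to instantiate. The
    '__rolesinherited' / '__acl' keys are consumed only when the user is
    COORDINATOR on this container; for any other role they stay in ``data``
    and reach the generic attribute loop below.

    Raises ValueError when an uploaded file's 'tempfile' entry is not a bare
    file name.
    """
    # NOTE(review): the class is chosen by the request and instantiated
    # before any containment check; append_to() below is what verifies it.
    oNewItem = misc.get_rto_by_name(data.pop('CC'))()

    # get user role
    iUserRole = permsresolver.get_access(self, context.user)
    if '__rolesinherited' in data and iUserRole == permsresolver.COORDINATOR:
        oNewItem.inheritRoles = data.pop('__rolesinherited')
        if not oNewItem.inheritRoles:
            acl = data.pop('__acl')
            if acl:
                security = {}
                for descriptor in acl:
                    security[descriptor['id']] = int(descriptor['role'])
                oNewItem.security = security

    # set props
    for prop in data:
        oAttr = getattr(oNewItem, prop)
        if isinstance(oAttr, datatypes.File):
            sTempName = data[prop]['tempfile']
            if sTempName:
                # The name is joined onto the server's temp folder and the
                # resulting file is read and then deleted, so it must not be
                # able to step outside that folder.
                if ('/' in sTempName or '\\' in sTempName or '\x00' in sTempName
                        or sTempName in ('.', '..')):
                    raise ValueError('Invalid temporary file name.')
                oAttr.filename = data[prop]['filename']
                sPath = context.server.temp_folder + '/' + sTempName
                oAttr.load_from_file(sPath)
                os.remove(sPath)
        elif isinstance(oAttr, datatypes.Date):
            oAttr.value = data[prop].value
        elif isinstance(oAttr, datatypes.Integer):
            oAttr.value = int(data[prop])
        else:
            oAttr.value = data[prop]

    oNewItem.append_to(self)
    return oNewItem.id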
예제 #13
def new(self):
    """Displays a generic form for creating a new object.

    The content class is taken from the ``cc`` query-string parameter and an
    instance of it is created to read its schema.
    """
    # NOTE(review): 'cc' is request-supplied. It selects the class that is
    # instantiated here and is interpolated into TITLE without encoding -
    # confirm it is limited to self.containment and escaped by the template.
    sCC = context.request.queryString['cc'][0]
    oNewItem = misc.get_rto_by_name(sCC)()
    role = permsresolver.get_access(self, context.user)

    controls = []
    tabs = []
    params = {
        'CC': sCC,
        'URI': self.id,
        'TITLE': '@@CREATE@@ "@@%s@@"' % sCC,
        'ICON': oNewItem.__image__,
        'PROPERTIES': controls,
        'EXTRA_TABS': tabs,
        'ADMIN': role == permsresolver.COORDINATOR,
        'ROLES_INHERITED': 'true',
        'ACTION_DISABLED': 'false',
        'METHOD': 'create'
    }

    # One control (and one tab entry) per schema attribute that is a DataType.
    for attr_name in oNewItem.__props__:
        attr = getattr(oNewItem, attr_name)
        if not isinstance(attr, datatypes.DataType):
            continue
        control, tab = baseitem._getControlFromAttribute(
            oNewItem, attr_name, attr, False, True)
        controls.append(control)
        tabs.append(tab)

    return params
예제 #14
def getInfo(self):
    """Returns info about the container's contents.

    The result describes the container itself, the content classes it
    accepts, the current user's role on it and one entry per child.
    """
    sLang = context.request.get_lang()

    # One summary dictionary per child returned by get_children().
    lstChildren = []
    for child in self.get_children():
        entry = {
            'id': child.id,
            'cc': child.contentclass,
            'image': child.__image__,
            'displayName': child.displayName.value,
            'isCollection': child.isCollection,
            'modified': date.Date(child.modified)
        }
        if hasattr(child, 'size'):
            entry['size'] = child.size
        lstChildren.append(entry)

    # [localized name, content class, icon] for each accepted content class.
    containment = []
    for contained in self.containment:
        image = misc.get_rto_by_name(contained).__image__
        if type(image) != str:
            # a non-string icon is replaced by an empty string
            image = ''
        containment.append(
            [resources.get_resource(contained, sLang), contained, image])

    info = {
        'displayName': self.displayName.value,
        'path': misc.get_full_path(self),
        'parentid': self.parentid,
        'iscollection': self.isCollection,
        'containment': containment,
        'user_role': permsresolver.get_access(self, context.user),
        'contents': lstChildren
    }
    return info
예제 #15
def new(self):
    """Displays the form for creating a new application.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    new_app = common.Application()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': new_app.contentclass,
        'URI': self.id,
        'ICON': new_app.__image__,
        'ADMIN': role == permsresolver.COORDINATOR}
    return form
예제 #16
def new(self):
    """Displays the form for creating a new application.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    new_app = common.Application()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': new_app.contentclass,
        'URI': self.id,
        'ICON': new_app.__image__,
        'ADMIN': role == permsresolver.COORDINATOR
    }
    return form
def new(self):
    """Returns the form parameters for creating a new group.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    oGroup = security.Group()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': oGroup.contentclass,
        'URI': self.id,
        # related content classes are sent as a '|'-separated string
        'REL_CC': '|'.join(oGroup.members.relCc),
        'ICON': oGroup.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(oGroup.policies.relCc),
        'ADMIN': role == permsresolver.COORDINATOR}
    return form
예제 #18
def new(self):
    """Returns the form parameters for creating a new group.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    oGroup = security.Group()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': oGroup.contentclass,
        'URI': self.id,
        # related content classes are sent as a '|'-separated string
        'REL_CC': '|'.join(oGroup.members.relCc),
        'ICON': oGroup.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(oGroup.policies.relCc),
        'ADMIN': role == permsresolver.COORDINATOR
    }
    return form
def new(self):
    """Displays the form for creating a new user.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    oUser = security.User()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': oUser.contentclass,
        'URI': self.id,
        # related content classes are sent as a '|'-separated string
        'REL_CC': '|'.join(oUser.memberof.relCc),
        'ICON': oUser.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(oUser.policies.relCc),
        'ADMIN': role == permsresolver.COORDINATOR}
    return form
예제 #20
def new(self):
    """Displays the form for creating a new user.

    ADMIN is true only when the current user is COORDINATOR on this object.
    """
    oUser = security.User()
    role = permsresolver.get_access(self, context.user)
    form = {
        'CC': oUser.contentclass,
        'URI': self.id,
        # related content classes are sent as a '|'-separated string
        'REL_CC': '|'.join(oUser.memberof.relCc),
        'ICON': oUser.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(oUser.policies.relCc),
        'ADMIN': role == permsresolver.COORDINATOR
    }
    return form
 def _get_item(self, s):
     """
     Deserializes a stored record and decides what the caller receives.

     With C{fetch_all} set, no permission or deleted-state check is made and
     shortcuts are followed (when C{resolve_shortcuts} is set) with raw store
     lookups. Otherwise a deleted item or an access level of 0 yields None.

     @param s: The serialized item as read from the store
     @return: The item, the item a shortcut points to, or None
     """
     # NOTE(review): persist.loads() rebuilds an object from stored bytes;
     # it relies on the store's contents being trusted - confirm.
     item = persist.loads(s)
     if not self.fetch_all:
         # check read permissions
         access = permsresolver.get_access(item, self._thread.context.user)
         if item._isDeleted or access == 0:
             return None
         if self.resolve_shortcuts and isinstance(item, Shortcut):
             return item.get_target(self._txn)
         return item
     if self.resolve_shortcuts:
         # NOTE(review): no guard against a chain of shortcuts that loops
         # back on itself is visible here.
         while item != None and isinstance(item, Shortcut):
             item = _db.get_item(item.target.value, self._txn)
     return item
예제 #22
 def _get_item(self, s):
     """
     Deserializes a stored record and decides what the caller receives.

     With C{enforce_permissions} unset, no permission or deleted-state check
     is made and shortcuts are followed (when C{resolve_shortcuts} is set)
     with raw store lookups. Otherwise a deleted item or an access level of 0
     yields None.

     @param s: The serialized item as read from the store
     @return: The item, the item a shortcut points to, or None
     """
     # NOTE(review): persist.loads() rebuilds an object from stored bytes;
     # it relies on the store's contents being trusted - confirm.
     item = persist.loads(s)
     if self.enforce_permissions:
         # check read permissions
         access = permsresolver.get_access(item, context.user)
         if item._isDeleted or access == 0:
             return None
         if self.resolve_shortcuts and isinstance(item, Shortcut):
             return item.get_target()
         return item
     if self.resolve_shortcuts:
         # NOTE(review): no guard against a chain of shortcuts that loops
         # back on itself is visible here.
         while item is not None and isinstance(item, Shortcut):
             item = _db.get_item(item.target.value)
     return item
예제 #23
 def _get_item(self, s):
     """
     Deserializes a stored record and decides what the caller receives.

     With C{enforce_permissions} unset, no permission or deleted-state check
     is made and shortcuts are followed (when C{resolve_shortcuts} is set)
     with raw store lookups. Otherwise a deleted item or an access level of 0
     yields None.

     @param s: The serialized item as read from the store
     @return: The item, the item a shortcut points to, or None
     """
     # NOTE(review): persist.loads() rebuilds an object from stored bytes;
     # it relies on the store's contents being trusted - confirm.
     item = persist.loads(s)
     if self.enforce_permissions:
         # check read permissions
         access = permsresolver.get_access(item, context.user)
         if item._isDeleted or access == 0:
             return None
         if self.resolve_shortcuts and isinstance(item, Shortcut):
             return item.get_target()
         return item
     if self.resolve_shortcuts:
         # NOTE(review): no guard against a chain of shortcuts that loops
         # back on itself is visible here.
         while item is not None and isinstance(item, Shortcut):
             item = _db.get_item(item.target.value)
     return item
예제 #24
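    def append_to(self, parent):
        """
        Adds the item to the specified container.

        The user needs a role above READER on the container. A COORDINATOR's
        security settings are applied through C{_apply_security}; for every
        other role the new item inherits the container's roles.

        @param parent: The id of the destination container or the container
                       itself
        @type parent: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user's role on the container is READER or lower.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the container does not accept this item's content class.
        """
        # An id is resolved with a raw store lookup, so the role check below
        # is the only gate on the container.
        if isinstance(parent, basestring):
            parent = db._db.get_item(parent)

        contentclass = self.get_contentclass()

        user = context.user
        user_role = permsresolver.get_access(parent, user)
        # Writing needs a role above READER. An equality test against READER
        # would let a role below READER (0 means no access) through.
        if user_role <= permsresolver.READER:
            raise exceptions.PermissionDenied(
                'The user does not have write permissions '
                'on the parent folder.')
        if contentclass not in parent.containment:
            raise exceptions.ContainmentError(
                'The target container does not accept '
                'objects of type\n"%s".' % contentclass)

        # set security to new item
        if user_role == permsresolver.COORDINATOR:
            # user is COORDINATOR
            self._apply_security(parent, True)
        else:
            # user is not COORDINATOR
            self.inheritRoles = True
            self.security = parent.security

        # Ownership and audit fields are set from the current user.
        self._owner = user._id
        self._created = time.time()
        self.modifiedBy = user.displayName.value
        self.modified = time.time()
        self._pid = parent._id

        db._db.handle_update(self, None)
        db._db.put_item(self)
        # keep the container's child counters in step
        if self.isCollection:
            parent._nc += 1
        else:
            parent._ni += 1
        parent.modified = self.modified
        db._db.put_item(parent)
        db._db.handle_post_update(self, None)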
 def recycle(self, rb_id, trans):
     """
     Moves the item to the specified recycle bin.
     The item then becomes inaccessible.
     
     Allowed for roles above AUTHOR, and for an AUTHOR who owns the item;
     system items are never recycled.
     
     @param rb_id: The id of the destination container, which must be
                   a L{RecycleBin} instance
     @type rb_id: str
     @param trans: A valid transaction handle
     @return: None
     @raise L{porcupine.exceptions.ContainmentError}:
         If the recycle bin does not accept the deleted item's content class.
     @raise L{porcupine.exceptions.PermissionDenied}:
         If the item is a system item or the user may not delete it.
     """
     user = currentThread().context.user
     # Work on the copy held in the store; the role, owner and system flag
     # checked below are therefore the persisted ones.
     self = _db.get_item(self._id, trans)
     
     user_role = permsresolver.get_access(self, user)
     can_delete = (user_role > permsresolver.AUTHOR) or \
                  (user_role == permsresolver.AUTHOR and
                   self._owner == user._id)
     
     if (not(self._isSystem) and can_delete):
         # The wrapper records who recycled the item and when.
         deleted = DeletedItem(self, trans)
         deleted._owner = user._id
         deleted._created = time.time()
         deleted.modifiedBy = user.displayName.value
         deleted.modified = time.time()
         deleted._parentid = rb_id
         
         # check recycle bin's containment
         # NOTE(review): rb_id is fetched with a raw lookup; neither the
         # user's role on the bin nor its type is checked in this block
         # beyond the containment list - confirm callers validate rb_id.
         recycle_bin = _db.get_item(rb_id, trans)
         if not(deleted.get_contentclass() in recycle_bin.containment):
             raise exceptions.ContainmentError, \
                 'The target container does not accept ' + \
                 'objects of type\n"%s".' % deleted.get_contentclass()
         
         _db.handle_update(deleted, None, trans)
         _db.put_item(deleted, trans)
         
         # delete item logically
         self._recycle(trans)
         
         # update container
         parent = _db.get_item(self._parentid, trans)
         parent.modified = time.time()
         _db.put_item(parent, trans)
     else:
         raise exceptions.PermissionDenied, \
             'The object was not deleted.\n' + \
             'The user has insufficient permissions.'
예제 #26
    def get_child_by_name(self, name):
        """
        This method returns the child with the specified name.

        A child on which the current user's role is below READER is reported
        as None, the same result as a missing child.

        @param name: The name of the child
        @type name: str
        @return: The child object if a child with the given name exists
                 else None.
        @rtype: L{GenericItem}
        """
        child = db._db.get_child_by_name(self._id, name)
        if child is None:
            return child
        # NOTE(review): no _isDeleted test is made here - confirm the store
        # lookup already leaves out deleted children.
        if permsresolver.get_access(child, context.user) < permsresolver.READER:
            return None
        return child
예제 #27
    def get_child_by_name(self, name):
        """
        This method returns the child with the specified name.

        A child on which the current user's role is below READER is reported
        as None, the same result as a missing child.

        @param name: The name of the child
        @type name: str
        @return: The child object if a child with the given name exists
                 else None.
        @rtype: L{GenericItem}
        """
        child = db._db.get_child_by_name(self._id, name)
        if child is None:
            return child
        # NOTE(review): no _isDeleted test is made here - confirm the store
        # lookup already leaves out deleted children.
        if permsresolver.get_access(child, context.user) < permsresolver.READER:
            return None
        return child
예제 #28
    def _restore(self, deleted, target):
        """
        Restores a logically deleted item to the designated target.

        @param deleted: The logically deleted item to bring back
        @param target: The container that receives the item
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user's role on the target is READER or lower.
        """
        # check permissions
        # NOTE(review): only the role on the target is tested here; access to
        # the deleted item itself is presumably checked by the caller.
        role_on_target = permsresolver.get_access(target, context.user)
        if not role_on_target > permsresolver.READER:
            raise exceptions.PermissionDenied(
                "The user does not have write permissions on the "
                "destination folder.")

        deleted._pid = target._id
        # the restored item stops inheriting roles from its container
        deleted.inheritRoles = False
        deleted._undelete()
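    def append_to(self, parent, trans):
        """
        Adds the item to the specified container.

        The user needs a role above READER on the container. A COORDINATOR's
        security settings are applied through C{_applySecurity}; for every
        other role the new item inherits the container's roles.

        @param parent: The id of the destination container or the container
                       itself
        @type parent: str OR L{Container}
        @param trans: A valid transaction handle
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user's role on the container is READER or lower.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the container does not accept this item's content class.
        """
        # An id is resolved with a raw store lookup, so the role check below
        # is the only gate on the container.
        if type(parent) == str:
            parent = _db.get_item(parent, trans)

        # A shortcut is matched against the containment list using the
        # content class of the item it points to.
        if isinstance(self, Shortcut):
            contentclass = self.get_target_contentclass(trans)
        else:
            contentclass = self.get_contentclass()

        user = currentThread().context.user
        user_role = permsresolver.get_access(parent, user)
        # Writing needs a role above READER. An equality test against READER
        # would let a role below READER (0 means no access) through.
        if user_role <= permsresolver.READER:
            raise exceptions.PermissionDenied(
                'The user does not have write permissions ' +
                'on the parent folder.')
        if contentclass not in parent.containment:
            raise exceptions.ContainmentError(
                'The target container does not accept ' +
                'objects of type\n"%s".' % contentclass)

        # set security to new item
        if user_role == permsresolver.COORDINATOR:
            # user is COORDINATOR
            self._applySecurity(parent, trans)
        else:
            # user is not COORDINATOR
            self.inheritRoles = True
            self.security = parent.security

        # Ownership and audit fields are set from the current user.
        self._owner = user._id
        self._created = time.time()
        self.modifiedBy = user.displayName.value
        self.modified = time.time()
        self._parentid = parent._id
        _db.handle_update(self, None, trans)
        parent.modified = self.modified
        _db.put_item(self, trans)
        _db.put_item(parent, trans)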
예제 #30
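    def append_to(self, parent):
        """
        Adds the item to the specified container.

        The user needs a role above READER on the container. A COORDINATOR's
        security settings are applied through C{_apply_security}; for every
        other role the new item inherits the container's roles.

        @param parent: The id of the destination container or the container
                       itself
        @type parent: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user's role on the container is READER or lower.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the container does not accept this item's content class.
        """
        # An id is resolved with a raw store lookup, so the role check below
        # is the only gate on the container.
        if isinstance(parent, basestring):
            parent = db._db.get_item(parent)

        contentclass = self.get_contentclass()

        user = context.user
        user_role = permsresolver.get_access(parent, user)
        # Writing needs a role above READER. An equality test against READER
        # would let a role below READER (0 means no access) through.
        if user_role <= permsresolver.READER:
            raise exceptions.PermissionDenied("The user does not have write permissions " "on the parent folder.")
        if contentclass not in parent.containment:
            raise exceptions.ContainmentError(
                "The target container does not accept " 'objects of type\n"%s".' % contentclass
            )

        # set security to new item
        if user_role == permsresolver.COORDINATOR:
            # user is COORDINATOR
            self._apply_security(parent, True)
        else:
            # user is not COORDINATOR
            self.inheritRoles = True
            self.security = parent.security

        # Ownership and audit fields are set from the current user.
        self._owner = user._id
        self._created = time.time()
        self.modifiedBy = user.displayName.value
        self.modified = time.time()
        self._pid = parent._id

        db._db.handle_update(self, None)
        db._db.put_item(self)
        # keep the container's child counters in step
        if self.isCollection:
            parent._nc += 1
        else:
            parent._ni += 1
        parent.modified = self.modified
        db._db.put_item(parent)
        db._db.handle_post_update(self, None)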
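def get_item(oid, trans=None):
    """
    Fetches an object from the database.
    If the user has no read permissions on the object
    or the item has been deleted then C{None} is returned.

    The lookup itself goes through C{_db.get_item}; the deleted flag and the
    current user's role are checked here before the object is handed out.

    @param oid: The object's ID or the object's full path.
    @type oid: str

    @param trans: A valid transaction handle.

    @rtype: L{GenericItem<porcupine.systemObjects.GenericItem>}
    """
    item = _db.get_item(oid, trans)
    # identity test: None is a singleton and must not go through __ne__
    if item is None or item._isDeleted:
        return None
    # a resolved role of 0 is treated as "no access"
    if permsresolver.get_access(item, currentThread().context.user) == 0:
        return None
    return item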
예제 #32
def get_item(oid, trans=None):
    """
    Returns the object stored under C{oid}, or C{None} when the current
    user may not see it.

    C{None} is returned when the lookup finds nothing, when the item is
    flagged as deleted, or when the user's resolved role on it is 0.

    @param oid: The object's ID or the object's full path.
    @type oid: str

    @param trans: Accepted by the signature but not used in this body.

    @rtype: L{GenericItem<porcupine.systemObjects.GenericItem>}
    """
    candidate = _db.get_item(oid)
    if candidate is None or candidate._isDeleted:
        return None
    # the access filter: callers that use _db.get_item directly skip this
    role = permsresolver.get_access(candidate, context.user)
    return candidate if role != 0 else None
예제 #33
def properties(self):
    """Displays the group's properties form.

    Returns the dict of template parameters. READONLY and ADMIN are derived
    from the current user's role on the group.
    """
    lang = context.request.get_lang()

    role = permsresolver.get_access(self, context.user)
    is_reader = (role == permsresolver.READER)
    is_coordinator = (role == permsresolver.COORDINATOR)

    # Free-text fields go through xml.xml_encode; ids, the icon, the content
    # class and the relCc lists are inserted as stored.
    # NOTE(review): presumably those are system-generated values - confirm.
    params = {
        'ID': self.id,
        'ICON': self.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(self.policies.relCc),
        'NAME': xml.xml_encode(self.displayName.value),
        'DESCRIPTION': xml.xml_encode(self.description.value),
        'MODIFIED': date.Date(self.modified).format(baseitem.DATES_FORMAT,
                                                    lang),
        'MODIFIED_BY': xml.xml_encode(self.modifiedBy),
        'CONTENTCLASS': self.contentclass,
        'SELECT_FROM': self.parentid,
        'REL_CC': '|'.join(self.members.relCc),
        'READONLY': str(is_reader).lower(),
        'ADMIN': is_coordinator,
        'ROLES_INHERITED': str(self.inheritRoles).lower()
    }

    # each member contributes three fields: icon, id, display name
    member_fields = []
    for member in self.members.get_items():
        member_fields.extend((
            xml.xml_encode(member.__image__),
            member.id,
            xml.xml_encode(member.displayName.value),
        ))
    params['MEMBERS'] = ';'.join(member_fields)

    # policies are flattened the same way
    policy_fields = []
    for policy in self.policies.get_items():
        policy_fields.extend((
            xml.xml_encode(policy.__image__),
            policy.id,
            xml.xml_encode(policy.displayName.value),
        ))
    params['POLICIES'] = ';'.join(policy_fields)

    return params
예제 #34
    def copy_to(self, target):
        """
        Places a copy of this item inside the given container.

        The only role consulted is the user's role on the target container,
        which must be higher than READER. System items are never copied.

        @param target: The id of the target container or the container object
                       itself
        @type target: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target lies inside this collection or does not accept
            the item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the item is a system item or the user cannot write to the
            target.
        """
        if isinstance(target, (str, bytes)):
            # an id was supplied; resolve it to the container object
            target = db._db.get_item(target)

        if target is None or target._isDeleted:
            raise exceptions.ObjectNotFound(
                'The target container does not exist.')

        item_class = self.get_contentclass()

        # a collection must not be copied into its own subtree
        if self.isCollection and target.is_contained_in(self._id):
            raise exceptions.ContainmentError(
                'Cannot copy item to destination.\n'
                'The destination is contained in the source.')

        # authorisation is decided on the destination container only
        # NOTE(review): read access to the source is not checked here;
        # presumably the caller got it from an access-checked lookup
        requester = context.user
        target_role = permsresolver.get_access(target, requester)
        if self._isSystem or not (target_role > permsresolver.READER):
            raise exceptions.PermissionDenied(
                'The object was not copied.\n'
                'The user has insufficient permissions.')

        if item_class not in target.containment:
            raise exceptions.ContainmentError(
                'The target container does not accept '
                'objects of type\n"%s".' % item_class)

        self._copy(target, clear_inherited=True)
        # update parent: bump the matching child counter and timestamp
        if self.isCollection:
            target._nc += 1
        else:
            target._ni += 1
        target.modified = time.time()
        db._db.put_item(target)
예제 #35
    def _restore(self, deleted, target):
        """
        Restores a logically deleted item to the designated target.

        The user's role on C{target} must be higher than READER. No role is
        resolved for C{deleted} in this method.

        @param deleted: the deleted item; re-parented and undeleted
        @param target: the container that receives the restored item
        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user cannot write to the target container.
        """
        # check permissions on the destination
        requester = context.user
        target_role = permsresolver.get_access(target, requester)

        if not (target_role > permsresolver.READER):
            raise exceptions.PermissionDenied(
                'The user does not have write permissions on the '
                'destination folder.')

        deleted._pid = target._id
        # the restored item keeps its own ACL instead of inheriting
        deleted.inheritRoles = False
        deleted._undelete()
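    def copy_to(self, target_id, trans):
        """
        Copies the item to the designated target.

        The only role consulted is the user's role on the target container,
        which must be higher than READER. System items are never copied.

        @param target_id: The ID of the destination container
        @type target_id: str
        @param trans: A valid transaction handle
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target lies inside this collection or does not accept
            the item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the item is a system item or the user cannot write to the
            target.
        """
        target = _db.get_item(target_id, trans)
        if target is None or target._isDeleted:
            # call form of raise: same arguments as the tuple form, and it
            # also parses on Python 3
            raise exceptions.ObjectNotFound(
                'The target container "%s" does not exist.' % target_id,
                False)

        # a shortcut is checked against the content class of its target
        if isinstance(self, Shortcut):
            contentclass = self.get_target_contentclass(trans)
        else:
            contentclass = self.get_contentclass()

        # a collection must not be copied into its own subtree
        if self.isCollection and target.is_contained_in(self._id, trans):
            raise exceptions.ContainmentError(
                'Cannot copy item to destination.\n' +
                'The destination is contained in the source.')

        # check permissions on target folder
        user = currentThread().context.user
        user_role = permsresolver.get_access(target, user)
        if not self._isSystem and user_role > permsresolver.READER:
            if contentclass not in target.containment:
                raise exceptions.ContainmentError(
                    'The target container does not accept ' +
                    'objects of type\n"%s".' % contentclass)

            self._copy(target, trans, clear_inherited=True)
            # update parent
            target.modified = time.time()
            _db.put_item(target, trans)
        else:
            raise exceptions.PermissionDenied(
                'The object was not copied.\n' +
                'The user has insufficient permissions.')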
예제 #37
    def copy_to(self, target):
        """
        Copies this item into the designated container.

        Writing is authorised by the user's role on the target alone: it has
        to be higher than READER, and system items are refused outright.

        @param target: The id of the target container or the container object
                       itself
        @type target: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target lies inside this collection or does not accept
            the item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the copy is not permitted.
        """
        destination = target
        if isinstance(destination, (str, bytes)):
            # ids are resolved through the store
            destination = db._db.get_item(destination)

        missing = destination is None or destination._isDeleted
        if missing:
            raise exceptions.ObjectNotFound("The target container does not exist.")

        contentclass = self.get_contentclass()

        # refuse to copy a collection into one of its own descendants
        if self.isCollection and destination.is_contained_in(self._id):
            raise exceptions.ContainmentError(
                "Cannot copy item to destination.\n" "The destination is contained in the source."
            )

        # check permissions on target folder
        role_on_target = permsresolver.get_access(destination, context.user)
        may_write = not (self._isSystem) and role_on_target > permsresolver.READER
        if not may_write:
            raise exceptions.PermissionDenied("The object was not copied.\n" "The user has insufficient permissions.")

        if contentclass not in destination.containment:
            raise exceptions.ContainmentError(
                "The target container does not accept " 'objects of type\n"%s".' % contentclass
            )

        self._copy(destination, clear_inherited=True)
        # update parent: one more collection or one more plain item
        if self.isCollection:
            destination._nc += 1
        else:
            destination._ni += 1
        destination.modified = time.time()
        db._db.put_item(destination)
예제 #38
def properties(self):
    """Displays the group's properties form.

    Builds the template parameters; READONLY and ADMIN reflect the current
    user's role on the group.
    """
    sLang = context.request.get_lang()

    viewer = context.user
    viewer_role = permsresolver.get_access(self, viewer)
    readonly = (viewer_role == permsresolver.READER)
    admin = (viewer_role == permsresolver.COORDINATOR)

    # display name, description and modifiedBy are XML-encoded; the
    # remaining values are passed through as stored
    params = {
        'ID': self.id,
        'ICON': self.__image__,
        'SELECT_FROM_POLICIES': 'policies',
        'POLICIES_REL_CC': '|'.join(self.policies.relCc),
        'NAME': xml.xml_encode(self.displayName.value),
        'DESCRIPTION': xml.xml_encode(self.description.value),
        'MODIFIED': date.Date(self.modified).format(
            baseitem.DATES_FORMAT, sLang),
        'MODIFIED_BY': xml.xml_encode(self.modifiedBy),
        'CONTENTCLASS': self.contentclass,
        'SELECT_FROM': self.parentid,
        'REL_CC': '|'.join(self.members.relCc),
        'READONLY': str(readonly).lower(),
        'ADMIN': admin,
        'ROLES_INHERITED': str(self.inheritRoles).lower()}

    # MEMBERS: icon, id and name of every member, ';'-separated
    flat_members = []
    for entry in self.members.get_items():
        flat_members.append(xml.xml_encode(entry.__image__))
        flat_members.append(entry.id)
        flat_members.append(xml.xml_encode(entry.displayName.value))
    params['MEMBERS'] = ';'.join(flat_members)

    # POLICIES: same layout as MEMBERS
    flat_policies = []
    for entry in self.policies.get_items():
        flat_policies.append(xml.xml_encode(entry.__image__))
        flat_policies.append(entry.id)
        flat_policies.append(xml.xml_encode(entry.displayName.value))
    params['POLICIES'] = ';'.join(flat_policies)

    return params
예제 #39
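    def recycle(self, rb_id):
        """
        Moves the item to the specified recycle bin.
        The item then becomes inaccessible.

        Allowed for roles above AUTHOR, and for an AUTHOR who owns the item.
        System items are always refused.

        @param rb_id: The id of the destination container, which must be
                      a L{RecycleBin} instance
        @type rb_id: str
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the recycle bin id cannot be resolved.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the recycle bin does not accept the deleted item's class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user may not delete the item.
        """
        user = context.user
        # the role and owner checks below run against the copy fetched from
        # the store, not against this instance
        self_ = db._db.get_item(self._id)

        user_role = permsresolver.get_access(self_, user)
        can_delete = (user_role > permsresolver.AUTHOR) or \
                     (user_role == permsresolver.AUTHOR and
                      self_._owner == user._id)

        if (not (self_._isSystem) and can_delete):
            deleted = DeletedItem(self_)
            deleted._owner = user._id
            deleted._created = time.time()
            deleted.modifiedBy = user.displayName.value
            deleted.modified = time.time()
            deleted._pid = rb_id

            # check recycle bin's containment
            recycle_bin = db._db.get_item(rb_id)
            if recycle_bin is None:
                # an unknown id would otherwise surface as an attribute
                # error on None
                raise exceptions.ObjectNotFound(
                    'The target container does not exist.')
            # NOTE(review): the containment test is the only validation of
            # the bin here; its type and the user's role on it are not
            # checked in this method - confirm the caller does so
            if deleted.get_contentclass() not in recycle_bin.containment:
                raise exceptions.ContainmentError(
                    'The target container does not accept '
                    'objects of type\n"%s".' % deleted.get_contentclass())

            db._db.handle_update(deleted, None)
            db._db.put_item(deleted)
            db._db.handle_post_update(deleted, None)

            # delete item logically
            self_._recycle()
        else:
            raise exceptions.PermissionDenied(
                'The object was not deleted.\n'
                'The user has insufficient permissions.')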
예제 #40
    def delete(self):
        """
        Permanently removes the item.

        Allowed for roles above AUTHOR, and for an AUTHOR who owns the item.
        System items are always refused.

        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user may not delete the item.
        """
        requester = context.user
        # the checks below run against the copy fetched from the store
        stored = db._db.get_item(self._id)

        role = permsresolver.get_access(stored, requester)
        if role > permsresolver.AUTHOR:
            allowed = True
        else:
            # an AUTHOR may only delete what they own
            allowed = role == permsresolver.AUTHOR and stored._owner == requester._id

        if stored._isSystem or not allowed:
            raise exceptions.PermissionDenied("The object was not deleted.\n" "The user has insufficient permissions.")

        # delete item physically
        stored._delete()
예제 #41
    def delete(self):
        """
        Deletes the item for good.

        The user needs a role above AUTHOR, or the AUTHOR role together
        with ownership of the item. System items cannot be deleted.

        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the deletion is not permitted.
        """
        user = context.user
        # role, owner and system flag are all read from the stored copy
        current = db._db.get_item(self._id)

        user_role = permsresolver.get_access(current, user)
        above_author = user_role > permsresolver.AUTHOR
        owning_author = (not above_author
                         and user_role == permsresolver.AUTHOR
                         and current._owner == user._id)
        permitted = above_author or owning_author

        if not (current._isSystem) and permitted:
            # delete item physically
            current._delete()
            return

        raise exceptions.PermissionDenied(
            'The object was not deleted.\n'
            'The user has insufficient permissions.')
예제 #42
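    def recycle(self, rb_id):
        """
        Moves the item to the specified recycle bin.
        The item then becomes inaccessible.

        Allowed for roles above AUTHOR, and for an AUTHOR who owns the item.
        System items are always refused.

        @param rb_id: The id of the destination container, which must be
                      a L{RecycleBin} instance
        @type rb_id: str
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the recycle bin id cannot be resolved.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the recycle bin does not accept the deleted item's class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user may not delete the item.
        """
        user = context.user
        # the role and owner checks below run against the copy fetched from
        # the store, not against this instance
        self_ = db._db.get_item(self._id)

        user_role = permsresolver.get_access(self_, user)
        can_delete = (user_role > permsresolver.AUTHOR) or (
            user_role == permsresolver.AUTHOR and self_._owner == user._id
        )

        if not (self_._isSystem) and can_delete:
            deleted = DeletedItem(self_)
            deleted._owner = user._id
            deleted._created = time.time()
            deleted.modifiedBy = user.displayName.value
            deleted.modified = time.time()
            deleted._pid = rb_id

            # check recycle bin's containment
            recycle_bin = db._db.get_item(rb_id)
            if recycle_bin is None:
                # an unknown id would otherwise surface as an attribute
                # error on None
                raise exceptions.ObjectNotFound("The target container does not exist.")
            # NOTE(review): the containment test is the only validation of
            # the bin here; its type and the user's role on it are not
            # checked in this method - confirm the caller does so
            if deleted.get_contentclass() not in recycle_bin.containment:
                raise exceptions.ContainmentError(
                    "The target container does not accept " 'objects of type\n"%s".' % deleted.get_contentclass()
                )

            db._db.handle_update(deleted, None)
            db._db.put_item(deleted)
            db._db.handle_post_update(deleted, None)

            # delete item logically
            self_._recycle()
        else:
            raise exceptions.PermissionDenied("The object was not deleted.\n" "The user has insufficient permissions.")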
def properties(self):
    """Displays the application's properties form.

    Returns the template parameters for the current request's user.
    """
    context = HttpContext.current()
    lang = context.request.getLang()
    role = permsresolver.get_access(self, context.user)
    # NOTE(review): 1 looks like the READER role value - confirm and
    # prefer the named constant
    is_readonly = (role == 1)
    modified_on = date.Date(self.modified)

    # NOTE(review): ICON is inserted as stored while LAUNCH_URL is
    # XML-encoded - confirm the icon value needs no encoding
    form_params = {
        'ID' : self.id,
        'IMG' : self.__image__,
        'NAME' : xml.xml_encode(self.displayName.value),
        'DESCRIPTION' : xml.xml_encode(self.description.value),
        'ICON' : self.icon.value,
        'LAUNCH_URL' : xml.xml_encode(self.launchUrl.value),
        'MODIFIED' : modified_on.format(baseitem.DATES_FORMAT, lang),
        'MODIFIED_BY' : xml.xml_encode(self.modifiedBy),
        'CONTENTCLASS' : self.contentclass,
        'SECURITY_TAB' : baseitem._getSecurity(self, context.user),
        'READONLY' : str(is_readonly).lower()
    }
    return form_params
예제 #44
def properties(self):
    """Displays the application's properties form.

    Returns the template parameters; READONLY and ADMIN are derived from
    the current user's role on the application.
    """
    lang = context.request.get_lang()
    role = permsresolver.get_access(self, context.user)
    is_reader = (role == permsresolver.READER)
    is_coordinator = (role == permsresolver.COORDINATOR)
    modified_on = date.Date(self.modified)

    # NOTE(review): ICON is inserted as stored while LAUNCH_URL is
    # XML-encoded - confirm the icon value needs no encoding
    form_params = {
        'ID': self.id,
        'IMG': self.__image__,
        'NAME': xml.xml_encode(self.displayName.value),
        'DESCRIPTION': xml.xml_encode(self.description.value),
        'ICON': self.icon.value,
        'LAUNCH_URL': xml.xml_encode(self.launchUrl.value),
        'MODIFIED': modified_on.format(baseitem.DATES_FORMAT, lang),
        'MODIFIED_BY': xml.xml_encode(self.modifiedBy),
        'CONTENTCLASS': self.contentclass,
        'ADMIN': is_coordinator,
        'ROLES_INHERITED': str(self.inheritRoles).lower(),
        'READONLY': str(is_reader).lower(),
    }
    return form_params
예제 #45
    def update(self):
        """
        Persists the changes made to this item.

        The user's role is resolved on the stored copy of the item and must
        be higher than READER. Only a COORDINATOR can change the ACL: for
        any other role the stored security settings are written back over
        the submitted ones.

        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user has no update permission.
        """
        stored = db._db.get_item(self._id)
        container = None
        if self._pid is not None:
            container = db._db.get_item(self._pid)

        editor = context.user
        # resolved on the stored copy, so edits to this instance's ACL
        # cannot influence the check
        role = permsresolver.get_access(stored, editor)

        if not (role > permsresolver.READER):
            raise exceptions.PermissionDenied(
                'The user does not have update permissions.')

        # set security
        if role == permsresolver.COORDINATOR:
            # re-apply security only when the ACL really changed
            acl_changed = (self.inheritRoles != stored.inheritRoles) or \
                (not self.inheritRoles and
                 self.security != stored.security)
            if acl_changed:
                self._apply_security(container, False)
        else:
            # restore previous ACL: non-coordinators cannot alter it
            self.security = stored.security
            self.inheritRoles = stored.inheritRoles

        self.modifiedBy = editor.displayName.value
        self.modified = time.time()

        db._db.handle_update(self, stored)
        db._db.put_item(self)
        if container is not None:
            container.modified = self.modified
            db._db.put_item(container)
        db._db.handle_post_update(self, stored)
예제 #46
    def update(self):
        """
        Writes the modified item back to the store.

        Requires a role above READER, resolved on the stored copy. The ACL
        of the item can only be changed by a COORDINATOR; for every other
        role the stored ACL and inheritance flag replace the submitted ones.

        @return: None
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the user has no update permission.
        """
        old_item = db._db.get_item(self._id)
        parent = db._db.get_item(self._pid) if self._pid is not None else None

        user = context.user
        user_role = permsresolver.get_access(old_item, user)
        can_update = user_role > permsresolver.READER

        if not can_update:
            raise exceptions.PermissionDenied("The user does not have update permissions.")

        # set security
        if user_role != permsresolver.COORDINATOR:
            # restore previous ACL; only a COORDINATOR may change it
            self.security = old_item.security
            self.inheritRoles = old_item.inheritRoles
        elif (self.inheritRoles != old_item.inheritRoles) or (
            not self.inheritRoles and self.security != old_item.security
        ):
            # the COORDINATOR changed inheritance or an explicit ACL
            self._apply_security(parent, False)

        self.modifiedBy = user.displayName.value
        self.modified = time.time()

        db._db.handle_update(self, old_item)
        db._db.put_item(self)
        if parent is not None:
            # the parent carries the same modification time as the child
            parent.modified = self.modified
            db._db.put_item(parent)
        db._db.handle_post_update(self, old_item)
예제 #47
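def properties(self):
    """Displays the group's properties form.

    Returns the template parameters for the current request's user,
    including the security tab computed for that user.
    """
    context = HttpContext.current()
    sLang = context.request.getLang()

    user = context.user
    iUserRole = permsresolver.get_access(self, user)
    # NOTE(review): 1 looks like the READER role value - confirm and
    # prefer the named constant
    readonly = iUserRole == 1

    params = {
        "ID": self.id,
        "ICON": self.__image__,
        "SELECT_FROM_POLICIES": "policies",
        "POLICIES_REL_CC": "|".join(self.policies.relCc),
        "NAME": xml.xml_encode(self.displayName.value),
        "DESCRIPTION": xml.xml_encode(self.description.value),
        "MODIFIED": date.Date(self.modified).format(baseitem.DATES_FORMAT, sLang),
        "MODIFIED_BY": xml.xml_encode(self.modifiedBy),
        "CONTENTCLASS": self.contentclass,
        "SELECT_FROM": self.parentid,
        "REL_CC": "|".join(self.members.relCc),
        "READONLY": str(readonly).lower(),
    }

    # The loop variable must not be called "user": that would rebind the
    # requesting user to the last group member, and the security tab below
    # would then be computed for that member.
    members_options = []
    for member in self.members.get_items():
        members_options += [xml.xml_encode(member.__image__), member.id, xml.xml_encode(member.displayName.value)]
    params["MEMBERS"] = ";".join(members_options)

    policies_options = []
    for policy in self.policies.get_items():
        policies_options += [xml.xml_encode(policy.__image__), policy.id, xml.xml_encode(policy.displayName.value)]
    params["POLICIES"] = ";".join(policies_options)

    # computed for the requesting user
    params["SECURITY_TAB"] = baseitem._getSecurity(self, user)

    return params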
예제 #48
    def move_to(self, target):
        """
        Moves the item into the designated container.

        Two roles are consulted: the user's role on the item must be higher
        than AUTHOR, and the role on the target must be higher than READER.
        System items are never moved.

        @param target: The id of the target container or the container object
                       itself
        @type target: str OR L{Container}
        @return: None
        @raise L{porcupine.exceptions.ObjectNotFound}:
            If the target container does not exist.
        @raise L{porcupine.exceptions.ContainmentError}:
            If the target lies inside this collection or does not accept
            the item's content class.
        @raise L{porcupine.exceptions.PermissionDenied}:
            If the move is not permitted.
        """
        mover = context.user
        source_role = permsresolver.get_access(self, mover)
        # an AUTHOR may not move items, not even ones they own
        can_move = (source_role > permsresolver.AUTHOR)

        old_parent_id = self._pid
        if isinstance(target, (str, bytes)):
            # an id was supplied; resolve it to the container object
            target = db._db.get_item(target)

        if target is None or target._isDeleted:
            raise exceptions.ObjectNotFound(
                'The target container does not exist.')

        item_class = self.get_contentclass()

        target_role = permsresolver.get_access(target, mover)

        # a collection must not be moved into its own subtree
        if self.isCollection and target.is_contained_in(self._id):
            raise exceptions.ContainmentError(
                'Cannot move item to destination.\n'
                'The destination is contained in the source.')

        if (self._isSystem or not can_move
                or not (target_role > permsresolver.READER)):
            raise exceptions.PermissionDenied(
                'The object was not moved.\n'
                'The user has insufficient permissions.')

        if item_class not in target.containment:
            raise exceptions.ContainmentError(
                'The target container does not accept '
                'objects of type\n"%s".' % item_class)

        # remove the entry stored under the old parent before re-parenting
        db._db.delete_item(self)
        self._pid = target._id
        # the moved item keeps its own ACL instead of inheriting
        self.inheritRoles = False
        self.modified = time.time()
        db._db.put_item(self)

        # update target
        if self.isCollection:
            target._nc += 1
        else:
            target._ni += 1
        target.modified = time.time()
        db._db.put_item(target)

        # update parent
        # NOTE(review): only the timestamp of the old parent is touched
        # here; presumably delete_item adjusts its child counters - confirm
        old_parent = db._db.get_item(old_parent_id)
        old_parent.modified = time.time()
        db._db.put_item(old_parent)