def view(request):
session = DBSession()
ro, view_params = view_init(request, session, 'actors')
actors = [('user', Role.to_str(Role.edit), ro.owner)]
for pol in ro.auth:
actors.append(('user', Role.to_str(pol.role), pol.actor))
view_params["actors"] = actors
return view_params
def register_new_actor(request, session, ro, new_uid):
"""Register a new user according to info in form
Args:
request: (Request)
session: (DBSession)
ro: (ResearchObject)
new_uid: (str) id of user to add to ro auth
Returns:
(bool): whether ro has changed and need to be reloaded
"""
role = Role.from_str(request.params.get("role_new", "denied"))
actor = Actor.get(session, new_uid)
if actor is not None:
if new_uid in (pol.actor for pol in ro.auth):
msg = "%s already a direct member" % actor.id
request.session.flash(msg, 'warning')
return False
ro.add_policy(session, actor, role)
request.session.flash("New actor %s added" % actor.id, 'success')
return True
request.session.flash("Actor %s does not exists" % new_uid, 'warning')
return False
def view(request):
allow_edit = request.unauthenticated_userid is not None
session = DBSession()
params = dict(request.params)
main_search = params.pop('main_search', None)
if main_search is not None:
groups = [gr.strip() for gr in main_search.split(" ")
if len(gr.strip()) > 0]
for gr in groups:
if ":" in gr:
k, v = gr.split(":")
params[k.strip()] = v.strip()
else:
params["name"] = gr
res = search(session, params)
ros = []
for ro in res:
role = ro.access_role(session, request.unauthenticated_userid)
if role != Role.denied:
ros.append((Role.to_str(role), ro))
query = " ".join("%s:%s" % kv for kv in params.items())
return {'allow_edit': allow_edit, 'query': query, 'ros': ros}
def view(request):
session = DBSession()
team, view_params = view_init(request, session, 'members')
members = []
for pol in team.auth:
members.append((Role.to_str(pol.role), pol.actor))
view_params["members"] = members
return view_params
def view(request):
session = DBSession()
team, view_params = edit_init(request, session, 'members')
need_update = 'update' in request.params
if not need_update:
for pol in team.auth:
rm_button_id = "rm_%s" % pol.actor
if rm_button_id in request.params:
need_update = True
if need_update:
need_reload = False
# check for new members
new_uid = request.params['new_member']
if len(new_uid) > 0:
need_reload = register_new_user(request, session, team, new_uid)
# update user roles
for pol in team.auth:
# check need to remove
if "rm_%s" % pol.actor in request.params:
team.remove_policy(session, pol.actor)
request.session.flash("User %s removed" % pol.actor, 'success')
need_reload = True
else: # update roles
if pol.actor == new_uid and need_reload:
new_role_str = request.params.get("role_new", "denied")
else:
new_role_str = request.params.get("role_%s" % pol.actor,
"denied")
new_role = Role.from_str(new_role_str)
if new_role != pol.role:
team.update_policy(session, pol.actor, new_role)
need_reload = True
if need_reload:
loc = request.current_route_url()
return HTTPFound(location=loc)
else:
pass
members = []
for pol in team.auth:
members.append((pol.role, pol.actor))
view_params["members"] = members
return view_params
def register_new_user(request, session, team, new_uid):
"""Register a new user according to info in form
Args:
request: (Request)
session: (DBSession)
team: (Team)
new_uid: (str) id of user to add to team auth
Returns:
(bool): whether team has changed and need to be reloaded
"""
if new_uid == team.id:
msg = "Cannot be a member of itself"
request.session.flash(msg, 'warning')
return False
role = Role.from_str(request.params.get("role_new", "denied"))
member = User.get(session, new_uid)
if member is not None:
if new_uid in (pol.actor for pol in team.auth):
msg = "%s already a direct member" % member.id
request.session.flash(msg, 'warning')
return False
team.add_policy(session, member, role)
request.session.flash("New member %s added" % member.id, 'success')
return True
member = Team.get(session, new_uid)
if member is not None:
if team.has_member(session, new_uid):
request.session.flash("%s already a member" % member.id, 'warning')
return False
if member.has_member(session, team.id):
msg = "Circular reference %s is a member of %s" % (team.id,
member.id)
request.session.flash(msg, 'warning')
return False
team.add_policy(session, member, role)
request.session.flash("New member %s added" % member.id, 'success')
return True
request.session.flash("User %s does not exists" % new_uid, 'warning')
return False
