예제 #1
0
파일: view_str.py 프로젝트: ollawone/stdm
    def _edit_permissions(self):
        """
        Returns True/False whether the current logged in user
        has permissions to create new social tenure relationships.
        If true, then the system assumes that
        they can also edit STR records.
        """
        canEdit = False
        userName = globals.APP_DBCONN.User.UserName
        authorizer = Authorizer(userName)
        newSTRCode = "9576A88D-C434-40A6-A318-F830216CA15A"

        # Get the name of the content from the code
        cnt = Content()
        createSTRCnt = cnt.queryObject().filter(
            Content.code == newSTRCode).first()
        if createSTRCnt:
            name = createSTRCnt.name
            canEdit = authorizer.CheckAccess(name)

        return canEdit
예제 #2
0
class ContentGroup(QObject, HashableMixin):
    """
    Groups related content items together.
    """
    contentAuthorized = pyqtSignal(Content)

    def __init__(self, username, containerItem=None, parent=None):
        from stdm.security.authorization import Authorizer

        QObject.__init__(self, parent)
        HashableMixin.__init__(self)
        self._username = username
        self._contentItems = []
        self._authorizer = Authorizer(self._username)
        self._containerItem = containerItem

    def hasPermission(self, content):
        """
        Checks whether the currently logged in user has permissions to access
        the given content item.
        """
        return self._authorizer.CheckAccess(content.code)

    @staticmethod
    def contentItemFromQAction(qAction):
        """
        Creates a Content object from a QAction object.
        """
        cnt = Content()
        cnt.name = qAction.text()

        return cnt

    def contentItems(self):
        """
        Returns a list of content items in the group.
        """
        return self._contentItems

    def addContent(self, name, code):
        """
        Create a new Content item and add it to the collection.
        """
        cnt = Content()
        cnt.name = name
        cnt.code = code

        self._contentItems.append(cnt)

    def addContentItems(self, contents):
        """
        Append list of content items to the group's collection.
        """
        self._contentItems.extend(contents)

    def addContentItem(self, content):
        """
        Adds a Content instance to the collection.
        """
        self._contentItems.append(content)

    def setContainerItem(self, containerItem):
        """
        ContainerItem can be a QAction, QListWidgetItem, etc. that can be associated with the group.
        """
        self._containerItem = containerItem

    def containerItem(self):
        """
        Returns an instance of a ContainerItem associated with this group.
        """
        return self._containerItem

    def checkContentAccess(self):
        """
        Asserts whether each content item(s) in the group has access permissions.
        For each item that has permission then a signal is raised containing the
        Content item as an argument.
        Those items which have been granted permission will be returned in a list.
        """
        allowedContent = []

        for c in self.contentItems():
            hasPerm = self.hasPermission(c)
            if hasPerm:
                allowedContent.append(c)
                self.contentAuthorized.emit(c)

        return allowedContent

    def hash_code(self, name):
        ht = hashlib.sha1(name.encode('utf-8'))
        return ht.hexdigest()

    def register(self):
        """
        Registers the content items into the database. Registration only works for a 
        postgres user account.
        """
        PG_ACCOUNT = "postgres"

        if self._username == PG_ACCOUNT:
            for c in self.contentItems():
                if isinstance(c, Content):
                    cnt = Content()
                    qo = cnt.queryObject()

                    if c.code is None:
                        code = self.hash_code(unicode(c.name))
                        cn = c
                    else:
                        code = c.code

                    cn = qo.filter(Content.code == code).first()

                    #If content not found then add
                    if cn is None:
                        #Check if the 'postgres' role is defined, if not then create one
                        rl = Role()
                        rolequery = rl.queryObject()
                        role = rolequery.filter(
                            Role.name == PG_ACCOUNT).first()

                        if role is None:
                            rl.name = PG_ACCOUNT
                            rl.contents = [c]
                            rl.save()
                        else:
                            existingContents = role.contents
                            #Append new content to existing
                            if c.code is None:
                                c.code = code

                            if len([
                                    e_cont for e_cont in existingContents
                                    if e_cont.name == c.name
                            ]) == 0:
                                existingContents.append(c)
                                role.contents = existingContents
                                role.update()
        else:
            for c in self.contentItems():
                if isinstance(c, Content):
                    cnt = Content()
                    qo = cnt.queryObject()
                    cn = qo.filter(Content.name == c.name).first()
                    c.code = cn.code