def __init__(self, request):
Resource = appenlight.models.resource.Resource
self.__acl__ = []
group_id = request.matchdict.get("group_id", request.params.get("group_id"))
group_id = to_integer_safe(group_id)
self.report_group = ReportGroupService.by_id(group_id) if group_id else None
if not self.report_group:
raise HTTPNotFound()
self.public = self.report_group.public
self.resource = (
ResourceService.by_resource_id(self.report_group.resource_id)
if self.report_group
else None
)
if self.resource:
self.__acl__ = self.resource.__acl__
if request.user:
permissions = ResourceService.perms_for_user(self.resource, request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
if self.public:
self.__acl__.append((Allow, Everyone, "view"))
if not request.user:
# unauthed users need to visit using both group and report pair
report_id = request.params.get(
"reportId", request.params.get("report_id", -1)
)
report = self.report_group.get_report(report_id, public=True)
if not report:
raise HTTPNotFound()
add_root_superperm(request, self)
def __init__(self, request):
self.__acl__ = []
self.used_uuid = False
# used_uuid is set to true if user who is normally not authorized to
# view the resource gains access to it because owner set it to public
# and user knows the uuid of object
alert_id = request.matchdict.get("alert_id",
request.GET.get("alert_id"))
self.alert = AlertChannelActionService.by_pkey(alert_id)
if not self.alert:
raise HTTPNotFound()
self.chart = DashboardChartService.by_uuid(self.alert.other_id)
if not self.chart:
raise HTTPNotFound()
self.resource = ResourceService.by_resource_id(self.chart.resource_id)
if self.resource and request.user:
self.__acl__ = self.resource.__acl__
permissions = ResourceService.perms_for_user(
self.resource, request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
if self.resource and self.resource.public:
if not request.has_permission("view", self):
self.used_uuid = True
self.__acl__.append((Allow, Everyone, "view"))
add_root_superperm(request, self)
def __init__(self, request):
self.__acl__ = []
self.used_uuid = False
# used_uuid is set to true if user who is normally not authorized to
# view the resource gains access to it because owner set it to public
# and user knows the uuid of object
org_resource_id = request.matchdict.get("resource_id",
request.GET.get("resource_id"))
resource_id = to_integer_safe(org_resource_id)
self.resource = (ResourceService.by_resource_id(resource_id)
if resource_id else None)
if self.resource is None:
self.resource = DashboardService.by_uuid(org_resource_id)
if self.resource and request.user:
self.__acl__ = self.resource.__acl__
permissions = ResourceService.perms_for_user(
self.resource, request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
if self.resource and self.resource.public:
if not request.has_permission("view", self):
self.used_uuid = True
self.__acl__.append((Allow, Everyone, "view"))
add_root_superperm(request, self)
def __init__(self, request):
self.__acl__ = [(Allow, Authenticated, 'authenticated'),
(Allow, Authenticated, 'create_resources')]
# general page factory - append custom non resource permissions
if hasattr(request, 'user') and request.user:
acls = permission_to_04_acls(request.user.permissions)
for perm_user, perm_name in acls:
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
def __init__(self, request):
self.__acl__ = [
(Allow, Authenticated, "authenticated"),
(Allow, Authenticated, "create_resources"),
]
# general page factory - append custom non resource permissions
if hasattr(request, "user") and request.user:
acls = permission_to_04_acls(UserService.permissions(request.user))
for perm_user, perm_name in acls:
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
def add_root_superperm(request, context):
"""
Adds ALL_PERMISSIONS to every resource if user somehow has 'root_permission'
non-resource permission
"""
if hasattr(request, "user") and request.user:
acls = permission_to_04_acls(UserService.permissions(request.user))
for perm_user, perm_name in acls:
if perm_name == "root_administration":
context.__acl__.append(rewrite_root_perm(perm_user, perm_name))
def __init__(self, request):
Resource = appenlight.models.resource.Resource
self.__acl__ = []
resource_id = request.unsafe_json_body().get("resource_id")
resource_id = to_integer_safe(resource_id)
self.resource = ResourceService.by_resource_id(resource_id)
if self.resource and request.user:
self.__acl__ = self.resource.__acl__
permissions = ResourceService.perms_for_user(self.resource, request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
add_root_superperm(request, self)
def __init__(self, request):
Resource = appenlight.models.resource.Resource
self.__acl__ = []
resource_id = request.matchdict.get("resource_id",
request.GET.get("resource_id"))
resource_id = to_integer_safe(resource_id)
self.resource = Resource.by_resource_id(resource_id) \
if resource_id else None
if self.resource and request.user:
self.__acl__ = self.resource.__acl__
permissions = self.resource.perms_for_user(request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
add_root_superperm(request, self)
def __init__(self, request):
Resource = appenlight.models.resource.Resource
self.__acl__ = []
self.resource = None
plugin_id = to_integer_safe(request.matchdict.get("id"))
self.plugin = PluginConfigService.by_id(plugin_id)
if not self.plugin:
raise HTTPNotFound()
if self.plugin.resource_id:
self.resource = ResourceService.by_resource_id(self.plugin.resource_id)
if self.resource:
self.__acl__ = self.resource.__acl__
if request.user and self.resource:
permissions = ResourceService.perms_for_user(self.resource, request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
add_root_superperm(request, self)
def __init__(self, request):
Resource = appenlight.models.resource.Resource
self.__acl__ = []
json_body = request.safe_json_body
self.resource = None
if json_body:
resource_id = json_body.get('resource_id')
else:
resource_id = request.GET.get('resource_id')
if resource_id:
resource_id = to_integer_safe(resource_id)
self.resource = Resource.by_resource_id(resource_id)
if self.resource and request.user:
self.__acl__ = self.resource.__acl__
permissions = self.resource.perms_for_user(request.user)
for perm_user, perm_name in permission_to_04_acls(permissions):
self.__acl__.append(rewrite_root_perm(perm_user, perm_name))
add_root_superperm(request, self)