def __init__(self, **traits):
"""Initialise the object."""
super(_ChangePasswordAction, self).__init__(**traits)
get_permissions_manager().user_manager.on_trait_event(
self._refresh_enabled, 'user_authenticated')
def authenticate_user(self):
"""Authenticate the user."""
if self.user_db.authenticate_user(self.user):
self.user.authenticated = True
# Tell the policy manager before everybody else.
get_permissions_manager().policy_manager.load_policy(self.user)
self.user_authenticated = self.user
def unauthenticate_user(self):
"""Unauthenticate the user."""
if self.user.authenticated and self.user_db.unauthenticate_user(self.user):
self.user.authenticated = False
# Tell the policy manager before everybody else.
get_permissions_manager().policy_manager.load_policy(None)
self.user_authenticated = None
def _add_clicked(self, info):
"""Invoked by the "Add" button."""
role = self._validate(info)
if role is None:
return
# Add the data to the database.
try:
get_permissions_manager().policy_manager.policy_storage.add_role(
role.name, role.description, [p.id for p in role.permissions])
info.ui.dispose()
except PolicyStorageError as e:
self._ps_error(e)
def _save_clicked(self, info):
"""Invoked by the "Save" button."""
assignment = self._validate(info)
if assignment is None:
return
# Update the data in the database.
try:
get_permissions_manager().policy_manager.policy_storage.set_assignment(assignment.user_name, [r.name for r in assignment.roles])
info.ui.dispose()
except PolicyStorageError as e:
self._ps_error(e)
def _save_clicked(self, info):
"""Invoked by the "Save" button."""
assignment = self._validate(info)
if assignment is None:
return
# Update the data in the database.
try:
get_permissions_manager().policy_manager.policy_storage.set_assignment(assignment.user_name, [r.name for r in assignment.roles])
info.ui.dispose()
except PolicyStorageError, e:
self._ps_error(e)
def _delete_clicked(self, info):
"""Invoked by the "Delete" button."""
role = self._validate(info)
if role is None:
return
if confirm(None, "Are you sure you want to delete the role \"%s\"?" % role.name) == YES:
# Delete the data from the database.
try:
get_permissions_manager().policy_manager.policy_storage.delete_role(role.name)
info.ui.dispose()
except PolicyStorageError as e:
self._ps_error(e)
def _add_clicked(self, info):
"""Invoked by the "Add" button."""
role = self._validate(info)
if role is None:
return
# Add the data to the database.
try:
get_permissions_manager().policy_manager.policy_storage.add_role(
role.name, role.description,
[p.id for p in role.permissions])
info.ui.dispose()
except PolicyStorageError, e:
self._ps_error(e)
def _delete_clicked(self, info):
"""Invoked by the "Delete" button."""
role = self._validate(info)
if role is None:
return
if confirm(None, "Are you sure you want to delete the role \"%s\"?" % role.name) == YES:
# Delete the data from the database.
try:
get_permissions_manager().policy_manager.policy_storage.delete_role(role.name)
info.ui.dispose()
except PolicyStorageError, e:
self._ps_error(e)
def __init__(self, **traits):
"""Initialise the object."""
buttons = [
Action(name="Search"),
Action(name="Add"),
Action(name="Modify"),
Action(name="Delete"), CancelButton
]
all_perms = list(
get_permissions_manager().policy_manager.permissions.values())
perms_editor = SetEditor(values=all_perms,
left_column_title="Available Permissions",
right_column_title="Assigned Permissions")
perms_group = Group(Item(name='permissions', editor=perms_editor),
label='Permissions',
show_border=True,
show_labels=False)
super(_RoleView, self).__init__(Item(name='name'),
Item(name='description'),
perms_group,
buttons=buttons,
**traits)
def role_assignment():
"""Implement the role assignment for the current policy manager."""
# Create a dictionary of roles keyed by the role name.
all_roles = {}
try:
roles = get_permissions_manager().policy_manager.policy_storage.all_roles()
except PolicyStorageError, e:
error(None, str(e))
return
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
role = self._role(info)
# Get all roles that satisfy the criteria.
try:
roles = get_permissions_manager().policy_manager.policy_storage.matching_roles(role.name)
except PolicyStorageError, e:
self._ps_error(e)
return
def role_assignment():
"""Implement the role assignment for the current policy manager."""
# Create a dictionary of roles keyed by the role name.
all_roles = {}
try:
roles = get_permissions_manager(
).policy_manager.policy_storage.all_roles()
except PolicyStorageError, e:
error(None, str(e))
return
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
role = self._role(info)
# Get all roles that satisfy the criteria.
try:
roles = get_permissions_manager(
).policy_manager.policy_storage.matching_roles(role.name)
except PolicyStorageError, e:
self._ps_error(e)
return
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
pm = get_permissions_manager()
assignment = self._assignment(info)
user = pm.user_manager.matching_user(assignment.user_name)
if user is None:
return
try:
user_name, role_names = pm.policy_manager.policy_storage.get_assignment(user.name)
except PolicyStorageError, e:
self._ps_error(e)
return
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
pm = get_permissions_manager()
assignment = self._assignment(info)
user = pm.user_manager.matching_user(assignment.user_name)
if user is None:
return
try:
user_name, role_names = pm.policy_manager.policy_storage.get_assignment(
user.name)
except PolicyStorageError, e:
self._ps_error(e)
return
def __init__(self, **traits):
"""Initialise the object."""
buttons = [Action(name="Search"), Action(name="Add"),
Action(name="Modify"), Action(name="Delete"), CancelButton]
all_perms = get_permissions_manager().policy_manager.permissions.values()
perms_editor = SetEditor(values=all_perms,
left_column_title="Available Permissions",
right_column_title="Assigned Permissions")
perms_group = Group(Item(name='permissions', editor=perms_editor),
label='Permissions', show_border=True, show_labels=False)
super(_RoleView, self).__init__(Item(name='name'),
Item(name='description'), perms_group, buttons=buttons,
**traits)
def _perms_to_list(self, perm_ids):
"""Return a list of Permission instances created from the given list of
permission ids."""
pl = []
for id in perm_ids:
try:
p = get_permissions_manager().policy_manager.permissions[id]
except KeyError:
# FIXME: permissions should be populated from the policy
# database - or is it needed at all? Should it just be read
# when managing roles?
p = Permission(id=id, application_defined=False)
pl.append(p)
return pl
def _perms_to_list(self, perm_ids):
"""Return a list of Permission instances created from the given list of
permission ids."""
pl = []
for id in perm_ids:
try:
p = get_permissions_manager().policy_manager.permissions[id]
except KeyError:
# FIXME: permissions should be populated from the policy
# database - or is it needed at all? Should it just be read
# when managing roles?
p = Permission(id=id, application_defined=False)
pl.append(p)
return pl
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
pm = get_permissions_manager()
assignment = self._assignment(info)
user = pm.user_manager.matching_user(assignment.user_name)
if user is None:
return
try:
user_name, role_names = pm.policy_manager.policy_storage.get_assignment(user.name)
except PolicyStorageError as e:
self._ps_error(e)
return
# Update the viewed object.
assignment.user_name = user.name
assignment.description = user.description
assignment.roles = self._roles_to_list(role_names)
def role_assignment():
"""Implement the role assignment for the current policy manager."""
# Create a dictionary of roles keyed by the role name.
all_roles = {}
try:
roles = get_permissions_manager().policy_manager.policy_storage.all_roles()
except PolicyStorageError as e:
error(None, str(e))
return
for name, description in roles:
all_roles[name] = Role(name=name, description=description)
assignment = Assignment()
view = _AssignmentView(all_roles)
handler = _AssignmentHandler(all_roles=all_roles)
assignment.edit_traits(view=view, handler=handler)
def __init__(self, **traits):
"""Initialise the object."""
pm = get_permissions_manager()
# Put them in a group so we can optionally append (because the PyFace
# API doesn't do what you expect with append()).
group = Group()
group.append(LoginAction())
for act in pm.user_manager.user_actions:
group.append(act)
group.append(LogoutAction())
for act in pm.user_manager.management_actions:
group.append(act)
for act in pm.policy_manager.management_actions:
group.append(act)
super(UserMenuManager, self).__init__(group, **traits)
def __init__(self, **traits):
"""Initialise the object."""
pm = get_permissions_manager()
# Put them in a group so we can optionally append (because the PyFace
# API doesn't do what you expect with append()).
group = Group()
group.append(LoginAction())
for act in pm.user_manager.user_actions:
group.append(act)
group.append(LogoutAction())
for act in pm.user_manager.management_actions:
group.append(act)
for act in pm.policy_manager.management_actions:
group.append(act)
super(UserMenuManager, self).__init__(group, **traits)
def _search_clicked(self, info):
"""Invoked by the "Search" button."""
role = self._role(info)
# Get all roles that satisfy the criteria.
try:
roles = get_permissions_manager().policy_manager.policy_storage.matching_roles(role.name)
except PolicyStorageError as e:
self._ps_error(e)
return
if len(roles) == 0:
self._error("There is no role that matches \"%s\"." % role.name)
return
name, description, perm_ids = select_role(roles)
if name:
# Update the viewed object.
role.name = name
role.description = description
role.permissions = self._perms_to_list(perm_ids)
def perform(self, event):
"""Perform the action."""
get_permissions_manager().user_manager.unauthenticate_user()
def perform(self, event):
"""Perform the action."""
get_permissions_manager().user_manager.authenticate_user()
def __init__(self, **traits):
"""Initialise the object."""
super(_ChangePasswordAction, self).__init__(**traits)
get_permissions_manager().user_manager.on_trait_event(self._refresh_enabled, 'user_authenticated')
def perform(self, event):
"""Perform the action."""
um = get_permissions_manager().user_manager
um.user_db.change_password(um.user)
