def member_new(self, id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
#self._check_access('group_delete', context, {'id': id})
try:
if request.method == 'POST':
data_dict = clean_dict(dict_fns.unflatten(
tuplize_dict(parse_params(request.params))))
data_dict['id'] = id
c.group_dict = self._action('group_member_create')(context, data_dict)
self._redirect_to(controller='group', action='members', id=id)
else:
user = request.params.get('user')
if user:
c.user_dict = get_action('user_show')(context, {'id': user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member'
else:
c.user_role = 'member'
c.group_dict = self._action('group_show')(context, {'id': id})
c.roles = self._action('member_roles_list')(context, {})
except NotAuthorized:
abort(401, _('Unauthorized to add member to group %s') % '')
except NotFound:
abort(404, _('Group not found'))
return self._render_template('group/member_new.html')
def member_new(self, id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
#self._check_access('group_delete', context, {'id': id})
try:
if request.method == 'POST':
data_dict = clean_dict(dict_fns.unflatten(
tuplize_dict(parse_params(request.params))))
data_dict['id'] = id
c.group_dict = self._action('group_member_create')(context, data_dict)
self._redirect_to(controller='group', action='members', id=id)
else:
user = request.params.get('user')
if user:
c.user_dict = get_action('user_show')(context, {'id': user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member'
else:
c.user_role = 'member'
c.group_dict = self._action('group_show')(context, {'id': id})
c.roles = self._action('member_roles_list')(context, {})
except NotAuthorized:
abort(401, _('Unauthorized to add member to group %s') % '')
except NotFound:
abort(404, _('Group not found'))
except ValidationError, e:
h.flash_error(e.error_summary)
def check_journal_role(pkg, role):
user = tk.c.user
if not user:
return False
group = pkg.get('owner_org', pkg.get('group_id', False))
if group:
return users_role_for_group_or_org(group, user) == role
return False
def owner_org_validator(key, data, errors, context):
owner_org = data.get(key)
user = context['auth_user_obj']
if owner_org is not missing and owner_org is not None and owner_org != '':
role = users_role_for_group_or_org(owner_org, user.name)
if role == 'member':
return
default_oov(key, data, errors, context)
def owner_org_validator(key, data, errors, context):
owner_org = data.get(key)
user = context['auth_user_obj']
if owner_org is not missing and owner_org is not None and owner_org != '':
role = users_role_for_group_or_org(owner_org, user.name)
if role == 'member':
return
default_oov(key, data, errors, context)
def member_new(self, id):
context = {
'model': model,
'session': model.Session,
'user': c.user or c.author
}
#self._check_access('group_delete', context, {'id': id})
try:
c.group_dict = self._action('group_show')(context, {'id': id})
group_type = 'organization' if c.group_dict[
'is_organization'] else 'group'
c.roles = self._action('member_roles_list')(
context, {
'group_type': group_type
})
if request.method == 'POST':
data_dict = clean_dict(
dict_fns.unflatten(
tuplize_dict(parse_params(request.params))))
data_dict['id'] = id
email = data_dict.get('email')
if email:
user_data_dict = {
'email': email,
'group_id': data_dict['id'],
'role': data_dict['role']
}
del data_dict['email']
user_dict = self._action('user_invite')(context,
user_data_dict)
data_dict['username'] = user_dict['name']
c.group_dict = self._action('group_member_create')(context,
data_dict)
self._redirect_to(controller='group', action='members', id=id)
else:
user = request.params.get('user')
if user:
c.user_dict = get_action('user_show')(context, {
'id': user
})
c.user_role = new_authz.users_role_for_group_or_org(
id, user) or 'member'
else:
c.user_role = 'member'
except NotAuthorized:
abort(401, _('Unauthorized to add member to group %s') % '')
except NotFound:
abort(404, _('Group not found'))
except ValidationError, e:
h.flash_error(e.error_summary)
def member_new(self, id):
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
#self._check_access('group_delete', context, {'id': id})
try:
data_dict = {'id': id}
data_dict['include_datasets'] = False
c.group_dict = self._action('group_show')(context, data_dict)
group_type = 'organization' if c.group_dict['is_organization'] else 'group'
c.roles = self._action('member_roles_list')(
context, {'group_type': group_type}
)
if request.method == 'POST':
data_dict = clean_dict(df.unflatten(
tuplize_dict(parse_params(request.params))))
data_dict['id'] = id
data_dict['role'] = 'editor' # fixed
email = data_dict.get('email')
if email:
# check if user exists
user = context['session'].query(model.User).filter_by(email=email, state='active').first()
if user:
data_dict['username'] = user.name
else:
user_data_dict = {
'email': email,
'group_id': data_dict['id'],
'role': data_dict['role']
}
del data_dict['email']
user_dict = self._action('user_invite')(context,
user_data_dict)
data_dict['username'] = user_dict['name']
c.group_dict = self._action('group_member_create')(context, data_dict)
self._redirect_to(controller='group', action='members', id=id)
else:
user = request.params.get('user')
if user:
c.user_dict = get_action('user_show')(context, {'id': user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member'
else:
c.user_role = 'member'
except NotAuthorized:
abort(401, _('Unauthorized to add member to group %s') % '')
except NotFound:
abort(404, _('Group not found'))
except ValidationError, e:
h.flash_error(e.error_summary)
def user_is_member_of_package_org(user, package):
"""Return True if the package is in an organization and the user has the member role in that organization
@param user: A user object
@param package: A package object
@return: True if the user has the 'member' role in the organization that owns the package, False otherwise
"""
if package.owner_org:
role_in_org = users_role_for_group_or_org(package.owner_org, user.name)
if role_in_org == 'member':
return True
return False
def package_create(fb, context, data_dict):
user = context['auth_user_obj']
if data_dict and 'owner_org' in data_dict:
role = users_role_for_group_or_org(data_dict['owner_org'], user.name)
if role == 'member':
return {'success': True}
else:
# If there is no organization, then this should return success if the user can create datasets for *some*
# organisation (see the ckan implementation), so either if anonymous packages are allowed or if we have
# member status in any organization.
if has_user_permission_for_some_org(user.name, 'read'):
return {'success': True}
return fb(context, data_dict)
def package_create(context, data_dict):
user = context['auth_user_obj']
if data_dict and 'owner_org' in data_dict:
role = users_role_for_group_or_org(data_dict['owner_org'], user.name)
if role == 'member':
return {'success': True}
else:
# If there is no organization, then this should return success if the user can create datasets for *some*
# organisation (see the ckan implementation), so either if anonymous packages are allowed or if we have
# member status in any organization.
if has_user_permission_for_some_org(user.name, 'read'):
return {'success': True}
fallback = get_default_auth('create', 'package_create')
return fallback(context, data_dict)
def member_new(self, id):
context = {"model": model, "session": model.Session, "user": c.user or c.author}
# self._check_access('group_delete', context, {'id': id})
try:
c.group_dict = self._action("group_show")(context, {"id": id})
group_type = "organization" if c.group_dict["is_organization"] else "group"
c.roles = self._action("member_roles_list")(context, {"group_type": group_type})
if request.method == "POST":
data_dict = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(request.params))))
data_dict["id"] = id
email = data_dict.get("email")
if email:
user_data_dict = {"email": email, "group_id": data_dict["id"], "role": data_dict["role"]}
del data_dict["email"]
user_dict = self._action("user_invite")(context, user_data_dict)
data_dict["username"] = user_dict["name"]
c.group_dict = self._action("group_member_create")(context, data_dict)
self._redirect_to(controller="group", action="members", id=id)
else:
user = request.params.get("user")
if user:
c.user_dict = get_action("user_show")(context, {"id": user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or "member"
else:
c.user_role = "member"
except NotAuthorized:
abort(401, _("Unauthorized to add member to group %s") % "")
except NotFound:
abort(404, _("Group not found"))
except ValidationError, e:
h.flash_error(e.error_summary)
def member_new(self, id):
context = {"model": model, "session": model.Session, "user": c.user or c.author}
# self._check_access('group_delete', context, {'id': id})
try:
if request.method == "POST":
data_dict = clean_dict(dict_fns.unflatten(tuplize_dict(parse_params(request.params))))
data_dict["id"] = id
c.group_dict = self._action("group_member_create")(context, data_dict)
self._redirect_to(controller="group", action="members", id=id)
else:
user = request.params.get("user")
if user:
c.user_dict = get_action("user_show")(context, {"id": user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or "member"
else:
c.user_role = "member"
c.group_dict = self._action("group_show")(context, {"id": id})
c.roles = self._action("member_roles_list")(context, {})
except NotAuthorized:
abort(401, _("Unauthorized to add member to group %s") % "")
except NotFound:
abort(404, _("Group not found"))
return self._render_template("group/member_new.html")
def member_new(self, id):
# FIXME: heavily customized version of GroupController.member_new
# that is tied to our particular auth mechanism and permissions
# This would be better in the idir extension
import ckan.lib.navl.dictization_functions as dict_fns
import ckan.new_authz as new_authz
context = {'model': model, 'session': model.Session,
'user': c.user or c.author}
errors = {}
try:
group_type = 'organization'
c.roles = self._action('member_roles_list')(context, {'group_type': group_type})
if request.method == 'POST':
data_dict = clean_dict(dict_fns.unflatten(
tuplize_dict(parse_params(request.params))))
data_dict['id'] = id
idir_account = data_dict.get('idir')
if idir_account:
'''
Check if the account has only alphanumeric characters
'''
import re
name_match = re.compile('[a-z0-9_\-]*$')
if not name_match.match(idir_account) :
c.group_dict = self._action('organization_show')(context, {'id' : data_dict['id']})
errors['idir'] = _('must be purely lower case alphanumeric (ascii) characters and these symbols: -_')
vars = {'data': data_dict, 'errors': errors}
return render('organization/member_new.html', extra_vars=vars)
try:
user_dict = get_action('user_show')(context, {'id': idir_account.lower(), 'include_datasets': False})
except NotFound:
user_dict = {}
if not user_dict :
user_data_dict = {
'name': idir_account.lower(),
'email': '*****@*****.**',
'password' : 't35tu53r'
}
del data_dict['idir']
user_dict = self._action('user_create')(context,
user_data_dict)
data_dict['username'] = user_dict['name']
data_dict['role'] = data_dict.get('role', 'editor')
c.group_dict = self._action('group_member_create')(context, data_dict)
self._redirect_to(controller='group', action='members', id=id)
else:
user = request.params.get('user')
if user:
c.user_dict = get_action('user_show')(context, {'id': user})
c.user_role = new_authz.users_role_for_group_or_org(id, user) or 'member'
else:
c.user_role = 'member'
c.group_dict = self._action('group_show')(context, {'id': id})
except NotAuthorized:
abort(401, _('Unauthorized to add member to group %s') % '')
except NotFound:
abort(404, _('Group not found'))
except ValidationError, e:
h.flash_error(e.error_summary)
