def share_groups(request):
'''Shares the node's access control groups as a JSON-formatted list.'''
if (request.method=='GET'):
response_data = {}
# current node
current_site = Site.objects.get_current()
response_data['site'] = serialize_site(current_site)
# list groups from this node, index by group name
print 'Listing visible groups for current site=%s' % current_site
groups = {}
for group in registrationService.listGroups():
if group['visible'] and group['name'].lower() != 'wheel':
groups[ group['name'] ] = group
response_data["groups"] = groups
return HttpResponse(json.dumps(response_data, indent=4), content_type=JSON)
else:
return HttpResponseNotAllowed(['GET'])
def share_groups(request):
'''Shares the node's access control groups as a JSON-formatted list.'''
if (request.method == 'GET'):
response_data = {}
# current node
current_site = Site.objects.get_current()
response_data['site'] = serialize_site(current_site)
# list groups from this node, index by group name
print 'Listing visible groups for current site=%s' % current_site
groups = {}
for group in registrationService.listGroups():
if group['visible'] and group['name'].lower() != 'wheel':
groups[group['name']] = group
response_data["groups"] = groups
return HttpResponse(json.dumps(response_data, indent=4),
content_type=JSON)
else:
return HttpResponseNotAllowed(['GET'])
def ac_subscribe(request, group_name):
"""
View to request an access control permission.
Currently, it can only be used to request ROLE_USER.
"""
title = "%s Data Access Request" % group_name
template = "cog/access_control/subscribe.html"
# prevent requests to 'wheel' group
if group_name == "wheel":
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# check that group exists in local database
group_list = registrationService.listGroups()
group_names = [str(groupDict["name"]) for groupDict in group_list]
if not group_name in group_names:
return HttpResponseForbidden(GROUP_NOT_FOUND_MESSAGE)
# display submission form
if request.method == "GET":
try:
status = registrationService.status(request.user.profile.openid(), group_name, ROLE_USER)
except ObjectDoesNotExist:
# user does not exist in ESGF database
print "Inserting user into ESGF security database"
esgfDatabaseManager.insertEsgfUser(request.user.profile)
status = None
licenseTxt = None
licenseHtml = None
try:
licenseFile = "cog/access_control/licenses/%s.txt" % group_name
licenseTxt = render_to_string(licenseFile)
except TemplateDoesNotExist:
try:
licenseFile = "cog/access_control/licenses/%s.html" % group_name
licenseHtml = render_to_string(licenseFile)
except TemplateDoesNotExist:
pass
return render(
request,
template,
{
"title": title,
"group_name": group_name,
"status": status,
"licenseTxt": licenseTxt,
"licenseHtml": licenseHtml,
},
)
# process submission form
else:
approved = registrationService.subscribe(request.user.profile.openid(), group_name, ROLE_USER)
# notify node administrators
if not approved:
notifyAdmins(group_name, request.user.id, request)
# (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse("ac_subscribe", kwargs={"group_name": group_name}) + "?approved=%s" % approved
)
def ac_subscribe(request, group_name):
"""
View to request an access control permission.
Currently, it can only be used to request ROLE_USER.
"""
title = '%s Data Access Request' % group_name
template = 'cog/access_control/subscribe.html'
# prevent requests to 'wheel' group
if group_name == 'wheel':
return HttpResponseForbidden(PERMISSION_DENIED_MESSAGE)
# check that group exists in local database
group_list = registrationService.listGroups()
group_names = [str(groupDict['name']) for groupDict in group_list]
if not group_name in group_names:
return HttpResponseForbidden(GROUP_NOT_FOUND_MESSAGE)
# display submission form
if request.method == 'GET':
try:
status = registrationService.status(request.user.profile.openid(),
group_name, ROLE_USER)
except ObjectDoesNotExist:
# user does not exist in ESGF database
print 'Inserting user into ESGF security database'
esgfDatabaseManager.insertEsgfUser(request.user.profile)
status = None
licenseTxt = None
licenseHtml = None
try:
licenseFile = 'cog/access_control/licenses/%s.txt' % group_name
licenseTxt = render_to_string(licenseFile)
except TemplateDoesNotExist:
try:
licenseFile = 'cog/access_control/licenses/%s.html' % group_name
licenseHtml = render_to_string(licenseFile)
except TemplateDoesNotExist:
pass
return render(
request, template, {
'title': title,
'group_name': group_name,
'status': status,
'licenseTxt': licenseTxt,
'licenseHtml': licenseHtml
})
# process submission form
else:
approved = registrationService.subscribe(request.user.profile.openid(),
group_name, ROLE_USER)
# notify node administrators
if not approved:
notifyAdmins(group_name, request.user.id, request)
# (GET-POST-REDIRECT)
return HttpResponseRedirect(
reverse('ac_subscribe', kwargs={'group_name': group_name}) +
"?approved=%s" % approved)
