def __addNewUsersCheckInput(self, _count, credit, owner_name, creator_name,
group_name, remote_address,
credit_change_comment, user_ids):
if not isInt(_count) or _count <= 0:
raise GeneralException(
errorText("USER_ACTIONS", "INVALID_USER_COUNT") % _count)
if not isFloat(credit):
raise GeneralException(
errorText("USER_ACTIONS", "CREDIT_NOT_FLOAT"))
if credit < 0:
raise GeneralException(
errorText("USER_ACTIONS", "CREDIT_MUST_BE_POSITIVE"))
admin_main.getLoader().checkAdminName(owner_name)
admin_main.getLoader().checkAdminName(creator_name)
group_main.getLoader().checkGroupName(group_name)
if user_ids:
if len(user_ids) != _count:
raise GeneralException(
errorText("USER_ACTIONS", "USER_IDS_COUNT_NOT_MATCH"))
for user_id in user_ids:
if not isInt(user_id):
raise GeneralException(
errorText("USER", "INVALID_USER_ID") % user_id)
def delGroup(self, group_name):
"""
delete group with name "group_name"
"""
self.__delGroupCheckInput(group_name)
group_obj = group_main.getLoader().getGroupByName(group_name)
self.__checkGroupUsageInUsers(group_obj)
self.__deleteGroupDB(group_obj.getGroupID())
group_main.getLoader().unloadGroup(group_obj.getGroupID())
def delGroup(self,group_name):
"""
delete group with name "group_name"
"""
self.__delGroupCheckInput(group_name)
group_obj=group_main.getLoader().getGroupByName(group_name)
self.__checkGroupUsageInUsers(group_obj)
self.__deleteGroupDB(group_obj.getGroupID())
group_main.getLoader().unloadGroup(group_obj.getGroupID())
def __updateGroupCheckInput(self,group_id,group_name,comment,owner_name):
group_obj=group_main.getLoader().getGroupByID(group_id)
if group_obj.getGroupName()!=group_name:
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name)
if not isValidName(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name)
admin_main.getLoader().checkAdminName(owner_name)
def updateGroup(self,group_id,group_name,comment,owner_name): """ update group information with id "group_id" notice that group_name is changable """ self.__updateGroupCheckInput(group_id,group_name,comment,owner_name) admin_obj=admin_main.getLoader().getAdminByName(owner_name) self.__updateGroupDB(group_id,group_name,comment,admin_obj.getAdminID()) group_main.getLoader().unloadGroup(group_id) group_main.getLoader().loadGroup(group_id)
def updateGroup(self, group_id, group_name, comment, owner_name):
"""
update group information with id "group_id"
notice that group_name is changable
"""
self.__updateGroupCheckInput(group_id, group_name, comment, owner_name)
admin_obj = admin_main.getLoader().getAdminByName(owner_name)
self.__updateGroupDB(group_id, group_name, comment,
admin_obj.getAdminID())
group_main.getLoader().unloadGroup(group_id)
group_main.getLoader().loadGroup(group_id)
def addGroup(self,group_name,comment,owner_id): """ add a new group with name "group_name" group_name(string): name of a new group owner_id(integer): id of owner admin id comment(string): """ self.__addGroupCheckInput(group_name,comment,owner_id) group_id=self.__getNewGroupSeq() self.__addGroupDB(group_id,group_name,comment,owner_id) group_main.getLoader().loadGroup(group_id)
def addGroup(self, group_name, comment, owner_id):
"""
add a new group with name "group_name"
group_name(string): name of a new group
owner_id(integer): id of owner admin id
comment(string):
"""
self.__addGroupCheckInput(group_name, comment, owner_id)
group_id = self.__getNewGroupSeq()
self.__addGroupDB(group_id, group_name, comment, owner_id)
group_main.getLoader().loadGroup(group_id)
def __addNewUsersCheckInput(self,_count,credit,owner_name,creator_name,group_name,remote_address,credit_change_comment):
if not isInt(_count) or _count<=0:
raise GeneralException(errorText("USER_ACTIONS","INVALID_USER_COUNT")%_count)
if not isFloat(credit):
raise GeneralException(errorText("USER_ACTIONS","CREDIT_NOT_FLOAT"))
if credit<0:
raise GeneralException(errorText("USER_ACTIONS","CREDIT_MUST_BE_POSITIVE"))
admin_main.getLoader().checkAdminName(owner_name)
admin_main.getLoader().checkAdminName(creator_name)
group_main.getLoader().checkGroupName(group_name)
def __updateGroupCheckInput(self, group_id, group_name, comment,
owner_name):
group_obj = group_main.getLoader().getGroupByID(group_id)
if group_obj.getGroupName() != group_name:
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name)
if not isValidName(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_INVALID") % group_name)
admin_main.getLoader().checkAdminName(owner_name)
def __reloadGroups(self, admin_id):
"""
reload groups with owner of deleted admin
"""
all_groups = group_main.getLoader().getAllGroupNames()
for group_name in all_groups:
try:
group_obj = group_main.getLoader().getGroupByName(group_name)
except GeneralException:
pass
if group_obj.getOwnerID() == admin_id:
group_main.getLoader().loadGroupByName(group_name)
def run(self):
users_table=self.getSearchHelper().getTable("users")
users_table.exactSearch(self.getSearchHelper(),
"group_name",
"group_id",
lambda x:group_main.getLoader().getGroupByName(x).getGroupID()
)
def addNewUsersQuery(self,
_count,
credit,
owner_name,
group_name,
ibs_query,
user_ids=None):
"""
_count(integer): count of users
owner_name(string): name of owner admin
credit(float): amount of credit users will have,
group_name(string): name of group string
ibs_query(IBSQuery instance): IBSQuery instance we'll add query to
user_ids(None or list of int): user_ids to use for created users.
if set to None generate new ids
XXX: add this: if credit is an empty string, group initial_credit
is used, or an exception is raised if there's no initial_credit for user
return a list of user ids of newly added users
"""
owner_admin_obj = admin_main.getLoader().getAdminByName(owner_name)
group_obj = group_main.getLoader().getGroupByName(group_name)
if not user_ids:
user_ids = self.__generateUserIDs(_count)
self.__insertBasicUsersQueries(_count, user_ids, credit,
owner_admin_obj.getAdminID(),
group_obj.getGroupID(), ibs_query)
return user_ids
def listGroups(self,request): """ return a list of group names, that requester admin has access to """ request.needAuthType(request.ADMIN) requester=request.getAuthNameObj() group_names=group_main.getLoader().getAllGroupNames() return filter(requester.canUseGroup,group_names)
def __addGroupCheckInput(self,group_name,comment,owner_id):
if not isValidName(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_INVALID")%group_name)
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(errorText("GROUPS","GROUP_NAME_TAKEN")%group_name)
admin_main.getLoader().checkAdminID(owner_id)
def __fixGroupNames(self, db_usages):
group_usages = []
for row in db_usages:
group_name = group_main.getLoader().getGroupByID(
row["group_id"]).getGroupName()
group_usages.append((group_name, row["duration"]))
return group_usages
def check(self, admin_obj, admin_perm_obj, group_name):
if admin_perm_obj.getValue(
) == "All" and not admin_obj.canUseGroup(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_CHANGE_DENIED") % group_name)
elif group_main.getLoader().getGroupByName(
group_name).getOwnerID() != admin_obj.getAdminID():
raise GeneralException(
errorText("GROUPS", "GROUP_CHANGE_DENIED") % group_name)
def updateGroupAttrs(self,group_name,attrs,to_del_attrs,admin_obj): """ update group attributes attrs(dic): a dic of attributes in format attr_name=>attr_value that tell "I want these attributes have these values", so attrs may contain only a portion of attributes and not all of them to_del_attrs(list): list of attributes that should be deleted from group admin_obj(Admin instance): admin that request this update """ group_obj=group_main.getLoader().getGroupByName(group_name) changed_attr_updaters=user_main.getAttributeManager().getAttrUpdaters(attrs,"change") deleted_attr_updaters=user_main.getAttributeManager().getAttrUpdaters(to_del_attrs,"delete") ibs_query=IBSQuery() self.__getChangedQuery(ibs_query,group_obj,changed_attr_updaters,admin_obj) self.__getDeletedQuery(ibs_query,group_obj,deleted_attr_updaters,admin_obj) ibs_query.runQuery() group_main.getLoader().loadGroupByName(group_name) self.__broadcastChange() self.__callPostUpdates(changed_attr_updaters,deleted_attr_updaters)
def __addGroupCheckInput(self, group_name, comment, owner_id):
if not isValidName(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_INVALID") % group_name)
if group_main.getLoader().groupNameExists(group_name):
raise GeneralException(
errorText("GROUPS", "GROUP_NAME_TAKEN") % group_name)
admin_main.getLoader().checkAdminID(owner_id)
def __checkChargeUsageInGroups(self, charge_obj, attr_name):
group_ids = group_main.getActionManager().getGroupIDsWithAttr(
attr_name, charge_obj.getChargeID())
if len(group_ids) > 0:
raise GeneralException(
errorText("CHARGES", "CHARGE_USED_IN_GROUP") %
(charge_obj.getChargeName(), ",".join(
map(
lambda _id: group_main.getLoader().getGroupByID(_id).
getGroupName(), group_ids))))
def getGroupInfo(self,request):
"""
group_name(string): group name to return info for
"""
request.needAuthType(request.ADMIN)
request.checkArgs("group_name")
requester=request.getAuthNameObj()
if not requester.canUseGroup(request["group_name"]):
raise GeneralException(errorText("GROUPS","ACCESS_TO_GROUP_DENIED")%request["group_name"])
group_obj=group_main.getLoader().getGroupByName(request["group_name"])
return group_obj.getInfo(request.getDateType())
def listGroups(self,request):
"""
return a list of group names, that requester admin has access to
"""
request.needAuthType(request.ADMIN)
requester=request.getAuthNameObj()
group_names=group_main.getLoader().getAllGroupNames()
group_names = filter(requester.canUseGroup,group_names)
sorted_group_names = SortedList(group_names)
sorted_group_names.sort(False)
return sorted_group_names.getList()
def __createReportResult(self, result, date_type):
for row in result:
row["change_time_formatted"] = AbsDate(
row["change_time"], "gregorian").getDate(date_type)
row["admin_name"] = admin_main.getLoader().getAdminByID(
row["admin_id"]).getUsername()
if row["is_user"] == "t":
row["username"] = user_main.getActionManager(
).getUsernameReprForUserID(row["object_id"])
else:
row["group_name"] = group_main.getLoader().getGroupByID(
row["object_id"]).getGroupName()
return result
def updateGroupAttrs(self, group_name, attrs, to_del_attrs, admin_obj):
"""
update group attributes
attrs(dic): a dic of attributes in format attr_name=>attr_value that tell "I want these attributes
have these values", so attrs may contain only a portion of attributes and not all of them
to_del_attrs(list): list of attributes that should be deleted from group
admin_obj(Admin instance): admin that request this update
"""
group_obj = group_main.getLoader().getGroupByName(group_name)
changed_attr_updaters = user_main.getAttributeManager(
).getAttrUpdaters(attrs, "change")
deleted_attr_updaters = user_main.getAttributeManager(
).getAttrUpdaters(to_del_attrs, "delete")
ibs_query = IBSQuery()
self.__getChangedQuery(ibs_query, group_obj, changed_attr_updaters,
admin_obj)
self.__getDeletedQuery(ibs_query, group_obj, deleted_attr_updaters,
admin_obj)
ibs_query.runQuery()
group_main.getLoader().loadGroupByName(group_name)
self.__broadcastChange()
self.__callPostUpdates(changed_attr_updaters, deleted_attr_updaters)
def updateQuery(self, ibs_query, src, action, **args):
group_obj = group_main.getLoader().getGroupByName(self.group_name)
for user_id in args["users"]:
ibs_query += ibs_db.createUpdateQuery(
"users", {"group_id": group_obj.getGroupID()},
"user_id=%s" % user_id)
if defs.USER_AUDIT_LOG:
ibs_query += user_main.getUserAuditLogManager(
).userAuditLogQuery(
args["admin_obj"].getAdminID(), True, user_id, "group",
args["users"]
[user_id].getBasicUser().getGroupObj().getGroupName(),
self.group_name)
return ibs_query
def __addGroupAttrsForUser(self, user_info, date_type):
"""
add group attributes to attr dic, if user doesn't have the attr. Users don't have
access to groups, and they doesn't know about user/group logic.
"""
group_obj = group_main.getLoader().getGroupByID(
user_info["basic_info"]["group_id"])
group_attrs = group_obj.getParsedAttrs(date_type)
for attr_name in group_attrs:
#if it's not set in user
if attr_name not in user_info["attrs"]:
user_info["attrs"][attr_name] = group_attrs[attr_name]
return user_info
def getGroupInfo(self,request):
"""
group_name(string): group name to return info for
"""
request.needAuthType(request.ADMIN)
request.checkArgs("group_name")
requester=request.getAuthNameObj()
if not requester.canUseGroup(request["group_name"]):
raise GeneralException(errorText("GROUPS","ACCESS_TO_GROUP_DENIED"))
group_obj=group_main.getLoader().getGroupByName(request["group_name"])
return {"group_id":group_obj.getGroupID(),
"group_name":group_obj.getGroupName(),
"comment":group_obj.getComment(),
"owner_id":group_obj.getOwnerID(),
"owner_name":admin_main.getLoader().getAdminByID(group_obj.getOwnerID()).getUsername(),
"raw_attrs":group_obj.getAttrs(),
"attrs":user_main.getAttributeManager().parseAttrs(group_obj.getAttrs(),request.getDateType())
}
def canUseGroup(self, group_name):
"""
return True if admin can use group with name "group_name"
"""
if self.isGod() or self.hasPerm("ACCESS ALL GROUPS"):
return True
if group_main.getLoader().getGroupByName(
group_name).getOwnerID() == self.getAdminID():
return True
if self.hasPerm("GROUP ACCESS"):
try:
self.checkPerm("GROUP ACCESS", group_name)
return True
except PermissionException:
return False
return False
def addNewUsersQuery(self,_count,credit,owner_name,group_name,ibs_query): """ _count(integer): count of users owner_name(string): name of owner admin credit(float): amount of credit users will have, group_name(string): name of group string ibs_query(IBSQuery instance): IBSQuery instance we'll add query to XXX: add this: if credit is an empty string, group initial_credit is used, or an exception is raised if there's no initial_credit for user return a list of user ids of newly added users """ owner_admin_obj=admin_main.getLoader().getAdminByName(owner_name) group_obj=group_main.getLoader().getGroupByName(group_name) user_ids=self.__generateUserIDs(_count) self.__insertBasicUsersQueries(_count,user_ids,credit,owner_admin_obj.getAdminID(),group_obj.getGroupID(),ibs_query) return user_ids
def applyConditions(self):
"""
Apply conditions on tables, should check conditions here
"""
user_audit_table = self.search_helper.getTable("user_audit_log")
self.__addAdminCondition(user_audit_table)
if self.search_helper.hasCondFor("user_ids"):
if self.search_helper.getCondValue("user_ids") != "":
user_audit_table.exactSearch(self.search_helper, "user_ids",
"object_id", MultiStr)
user_audit_table.getRootGroup().addGroup("is_user = '******'")
if self.search_helper.hasCondFor("group_name"):
if self.search_helper.getCondValue("group_name") != "":
user_audit_table.exactSearch(
self.search_helper, "group_name", "object_id",
lambda group_name: group_main.getLoader().getGroupByName(
group_name).getGroupID())
user_audit_table.getRootGroup().addGroup("is_user = '******'")
user_audit_table.exactSearch(self.search_helper, "attr_names",
"attr_name", MultiStr)
self.search_helper.setCondValue("change_time_from_op", ">=")
user_audit_table.dateSearch(self.search_helper, "change_time_from",
"change_time_from_unit",
"change_time_from_op", "change_time")
self.search_helper.setCondValue("change_time_to_op", "<")
user_audit_table.dateSearch(self.search_helper, "change_time_to",
"change_time_to_unit", "change_time_to_op",
"change_time")
def __getGroupObj(self): """ maybe group attributes changed during """ return group_main.getLoader().getGroupByID(self.group_id)
def getValueCandidates(self): return group_main.getLoader().getAllGroupNames()
def checkNewValue(self,new_val): group_main.getLoader().checkGroupName(new_val)
def __delGroupCheckInput(self, group_name):
group_main.getLoader().checkGroupName(group_name)
def check(self,admin_obj,admin_perm_obj,group_name):
if admin_perm_obj.getValue()=="All" and not admin_obj.canUseGroup(group_name):
raise GeneralException(errorText("GROUPS","GROUP_CHANGE_DENIED")%group_name)
elif group_main.getLoader().getGroupByName(group_name).getOwnerID()!=admin_obj.getAdminID():
raise GeneralException(errorText("GROUPS","GROUP_CHANGE_DENIED")%group_name)
def checkInput(self,src,action,arg_dic):#XXX check access of admin to this group group_main.getLoader().checkGroupName(self.group_name)
def getGroupObj(self): return group_main.getLoader().getGroupByID(self.group_id)
from core.group import group_main print str(group_main.getLoader().groups_name)
from core.group import group_main
print str(group_main.getLoader().getGroupByName("test2").getAttrs())
def getValueCandidates(self):
return group_main.getLoader().getAllGroupNames()
def run(self):
users_table = self.getSearchHelper().getTable("users")
users_table.exactSearch(
self.getSearchHelper(), "group_name", "group_id",
lambda x: group_main.getLoader().getGroupByName(x).getGroupID())
def checkInput(self, src, action,
arg_dic): #XXX check access of admin to this group
group_main.getLoader().checkGroupName(self.group_name)
from core.group import group_main print str(group_main.getLoader().groups_name)
def __getGroupObj(self):
"""
maybe group attributes changed during
"""
return group_main.getLoader().getGroupByID(self.group_id)
def getGroupObj(self):
return group_main.getLoader().getGroupByID(self.group_id)
def __delGroupCheckInput(self,group_name): group_main.getLoader().checkGroupName(group_name)
def checkNewValue(self, new_val):
group_main.getLoader().checkGroupName(new_val)
def updateQuery(self,ibs_query,src,action,**args):
group_obj=group_main.getLoader().getGroupByName(self.group_name)
for user_id in args["users"]:
ibs_query+=ibs_db.createUpdateQuery("users",{"group_id":group_obj.getGroupID()},"user_id=%s"%user_id)
return ibs_query
