Exemplo n.º 1
0
    def execute(my):

        web = WebContainer.get_web()
        if web.get_form_value("update") != "true":
            return

        my.element_name = my.kwargs.get("element_name")

        security_groups = web.get_form_values("security")
        from pyasm.security import AccessRuleBuilder, AccessManager

        rule_group = "side_bar"

        # get all of the groups
        search = Search("sthpw/login_group")
        login_groups = search.get_sobjects()

        for login_group in login_groups:

            access_rules = login_group.get_xml_value("access_rules")

            # add the rule to each group
            builder = AccessRuleBuilder(access_rules)

            code = login_group.get_value("login_group")
            if code in security_groups:
                builder.remove_rule(rule_group, my.element_name)
            else:
                builder.add_rule(rule_group, my.element_name, "deny")

            login_group.set_value("access_rules", builder.to_string())
            login_group.commit()
Exemplo n.º 2
0
    def execute(my):

        web = WebContainer.get_web()
        if web.get_form_value("update") != "true":
            return

        my.element_name = my.kwargs.get("element_name")

        security_groups = web.get_form_values("security")
        from pyasm.security import AccessRuleBuilder, AccessManager

        rule_group = "side_bar"

        # get all of the groups
        search = Search("sthpw/login_group")
        login_groups = search.get_sobjects()

        for login_group in login_groups:

            access_rules = login_group.get_xml_value("access_rules")

            # add the rule to each group
            builder = AccessRuleBuilder(access_rules)

            code = login_group.get_value("login_group")
            if code in security_groups:
                builder.remove_rule(rule_group, my.element_name)
            else:
                builder.add_rule(rule_group, my.element_name, "deny")

            login_group.set_value("access_rules", builder.to_string())
            login_group.commit()
Exemplo n.º 3
0
    def execute(my):

        web = WebContainer.get_web()
        if web.get_form_value("update") != "true":
            return

        my.element_name = my.kwargs.get("element_name")

        security_groups = web.get_form_values("security")
        from pyasm.security import AccessRuleBuilder, AccessManager

        rule_group = "side_bar"

        for security_group in security_groups:
            if not security_group:
                continue

            search = Search("sthpw/login_group")
            search.add_filter("login_group", security_group)
            login_group = search.get_sobject()
            assert login_group

            access_rules = login_group.get_xml_value("access_rules")

            # add the rule to each group
            builder = AccessRuleBuilder(access_rules)
            builder.add_rule(rule_group, my.element_name, "deny")

            login_group.set_value("access_rules", builder.to_string())
            login_group.commit()
Exemplo n.º 4
0
    def execute(self):

        web = WebContainer.get_web()
        if web.get_form_value("update") != "true":
            return

        self.element_name = self.kwargs.get("element_name")

        security_groups = web.get_form_values("security")
        from pyasm.security import AccessRuleBuilder, AccessManager

        rule_group = "side_bar"

        for security_group in security_groups:
            if not security_group:
                continue

            search = Search("sthpw/login_group")
            search.add_filter("login_group", security_group)
            login_group = search.get_sobject()
            assert login_group

            access_rules = login_group.get_xml_value("access_rules")

            # add the rule to each group
            builder = AccessRuleBuilder(access_rules)
            builder.add_rule(rule_group, self.element_name, "deny")

            login_group.set_value("access_rules", builder.to_string())
            login_group.commit()
Exemplo n.º 5
0
    def execute(my):

        search_key = my.search_key
        assert search_key

        sobject = SearchKey.get_by_search_key(search_key)
        xml = sobject.get_xml_value("access_rules")

        from pyasm.security import AccessRuleBuilder
        builder = AccessRuleBuilder(xml=xml)

        web = WebContainer.get_web()
        rules = web.get_form_values("rule")


        # sync the rules
        group = "builtin"
        group_default = 'deny'
        builder.add_default_rule(group, group_default)
        default_attr = builder.get_default(group)
        
        for item in permission_list:
            key = item.get('key')
            if key in rules:
                if default_attr == 'deny':
                    access = "allow"
                    builder.add_rule(group, key, access)
                else:
                    builder.remove_rule(group, key)
            else:
                if default_attr == 'deny':
                    builder.remove_rule(group, key)
                else:
                    access = "deny"
                    builder.add_rule(group, key, access)

        new_rules = builder.to_string()
        sobject.set_value("access_rules", new_rules)
        sobject.commit()
        my.add_description('Built-in access rules updated sucessfully!')
Exemplo n.º 6
0
    def execute(self):

        search_key = self.search_key
        assert search_key

        sobject = SearchKey.get_by_search_key(search_key)
        xml = sobject.get_xml_value("access_rules")

        from pyasm.security import AccessRuleBuilder
        builder = AccessRuleBuilder(xml=xml)

        web = WebContainer.get_web()
        rules = web.get_form_values("rule")


        # sync the rules
        group = "builtin"
        group_default = 'deny'
        builder.add_default_rule(group, group_default)
        default_attr = builder.get_default(group)
        
        for item in permission_list:
            key = item.get('key')
            if key in rules:
                if default_attr == 'deny':
                    access = "allow"
                    builder.add_rule(group, key, access)
                else:
                    builder.remove_rule(group, key)
            else:
                if default_attr == 'deny':
                    builder.remove_rule(group, key)
                else:
                    access = "deny"
                    builder.add_rule(group, key, access)

        new_rules = builder.to_string()
        sobject.set_value("access_rules", new_rules)
        sobject.commit()
        self.add_description('Built-in access rules updated sucessfully!')