Exemplo n.º 1
0
    def filter_transaction(self, log, server):

        transaction_xml = log.get_xml_value("transaction")

        rules = server.get_value("access_rules")
        if not rules:
            rules = "<rules/>"

        #rules = '''
        #<rules>
        #<rule group='project' code='*' access='allow'/>
        #<rule group='search_type' code='sthpw/note' access='allow'/>
        #<rule group='search_type' code='new_project/brochures' access='allow'/>
        #</rules>
        #'''

        from tactic.ui.sync import SyncFilter
        sync_filter = SyncFilter(rules=rules, transaction=log)
        sync_filter.execute()

        filtered_xml = sync_filter.get_filtered_xml()
        message = sync_filter.get_message()
        return message, filtered_xml
Exemplo n.º 2
0
    def execute(self):
        input = self.get_input()


        search_type = input.get('search_type')
        if search_type != 'sthpw/transaction_log':
            print("ERROR: this trigger can only be executed for transaction_logs")
            return

        
        project = Project.get()

        # Block admin project from syncing
        # NOTE: maybe need an option to enable this?
        if project.get_code() == 'admin':
            return


        log = input.get('sobject')
        transaction_code = log.get_value("code")

        # if this is a remote transaction, then do not create a job for it
        local_prefix = Config.get_value("install", "server")


        search = Search("sthpw/sync_server")
        search.add_filter("state", "online")
        servers = search.get_sobjects()
        #print("servers: ", len(servers))




        # These are usually determined by the server entry
        #sync_mode = input.get('mode')
        #if not sync_mode or sync_mode == 'default':
        #    sync_mode = 'xmlrpc'
        ## This will transaction into a "file" folder
        #sync_mode = "file"

        #file_mode = 'delayed'
        #file_mode = 'upload'


        # get some user info
        env = Environment.get()
        #user = env.get_user_name()
        #ticket = env.get_ticket()

        project_code = Project.get_project_code()

        from pyasm.security import AccessManager
        access_manager = AccessManager()


        for server in servers:

            # check security
            #if not self.check_security(server):
            #    print("Transaction denied due to security restrictions")
            #    continue

            server_code = server.get_code()

            # don't publish a transaction back to the original server
            if log.get_value("server_code") == server_code:
                continue

            # check project security
            rules = server.get_value("access_rules");
            if not rules:
                rules = "<rules/>"
            access_manager.add_xml_rules(rules)

            # filter based on project code
            namespace = log.get_value("namespace")
            key1 = { 'code': namespace }
            key2 = { 'code': '*' }
            keys = [key1, key2]
            if not access_manager.check_access("project", keys, "allow", default="deny"):
                continue


            # filter based on transaction key
            """
            keywords = log.get_value("kewords", no_exception=True)
            key1 = { 'keywords': keywords }
            key2 = { 'keywords': '*' }
            keys = [key1, key2]
            if not access_manager.check_access("transaction", keys, "allow", default="deny"):
                continue
            """


            # filter out any specific rules from transaction itself
            from tactic.ui.sync import SyncFilter
            sync_filter = SyncFilter(rules=rules, transaction=log)
            sync_filter.execute()

            filtered_xml = sync_filter.get_filtered_xml()
            message = sync_filter.get_message()


            # create a new job entry
            job = SearchType.create("sthpw/sync_job")
            job.set_value("state", "pending")
            job.set_value("server_code", server_code)
            job.set_value("transaction_code", transaction_code)
            job.set_user()

            job.set_value("command", "tactic.command.TransactionQueueCmd")
            kwargs = {
                'server': server.get_value("code"),
                'transaction_code': transaction_code,
                'project_code': project_code,
                #'file_mode': file_mode,
                #'sync_mode': sync_mode
            }
            job.set_json_value("data", kwargs)
            job.commit()
Exemplo n.º 3
0
    def execute(my):
        input = my.get_input()


        search_type = input.get('search_type')
        if search_type != 'sthpw/transaction_log':
            print "ERROR: this trigger can only be executed for transaction_logs"
            return

        
        project = Project.get()
        # Things done in the Admin project are not sync'd.
        # NOTE: maybe need an option to enable this?
        if project.get_code() == 'admin':
            return


        log = input.get('sobject')
        transaction_code = log.get_value("code")

        # if this is a remote transaction, then do not create a job for it
        local_prefix = Config.get_value("install", "server")


        search = Search("sthpw/sync_server")
        search.add_filter("state", "online")
        servers = search.get_sobjects()


        #print "servers: ", len(servers)

        mode = input.get('mode')
        if not mode or mode == 'default':
            mode = 'xmlrpc'
        # This will transaction into a "file" folder
        mode = "file"


        file_mode = 'upload'

        # get some user info
        env = Environment.get()
        #user = env.get_user_name()
        #ticket = env.get_ticket()

        project_code = Project.get_project_code()

        from pyasm.security import AccessManager
        access_manager = AccessManager()


        for server in servers:

            # FIXME
            # check security
            #if not my.check_security(server):
            #    print "Transaction denied due to security restrictions"
            #    continue

            server_code = server.get_code()

            # don't publish a transaction back to the original server
            if log.get_value("server_code") == server_code:
                continue

            # check project security
            rules = server.get_value("access_rules");
            if not rules:
                rules = "<rules/>"
            access_manager.add_xml_rules(rules)

            namespace = log.get_value("namespace")
            key1 = { 'code': namespace }
            key2 = { 'code': '*' }
            keys = [key1, key2]
            if not access_manager.check_access("project", keys, "allow", default="deny"):
                continue



            from tactic.ui.sync import SyncFilter
            sync_filter = SyncFilter(rules=rules, transaction=log)
            sync_filter.execute()

            filtered_xml = sync_filter.get_filtered_xml()
            message = sync_filter.get_message()


            # create a new job entry
            job = SearchType.create("sthpw/sync_job")
            job.set_value("state", "pending")
            job.set_value("server_code", server_code)
            job.set_value("transaction_code", transaction_code)
            job.set_user()

            host = server.get_value("host")


            job.set_value("command", "tactic.command.TransactionQueueCmd")
            kwargs = {
                'server': server.get_value("code"),
                'transaction_code': transaction_code,
                'file_mode': file_mode,
                'project_code': project_code,
                'mode': mode
            }
            job.set_json_value("data", kwargs)
            job.commit()