def group_list(context, data_dict): '''Returns a list of groups''' model = context['model'] user = context['user'] api = context.get('api_version') or '1' ref_group_by = 'id' if api == '2' else 'name' order_by = data_dict.get('order_by', 'name') if order_by not in set(('name', 'packages')): raise logic.ParameterError('"order_by" value %r not implemented.' % order_by) all_fields = data_dict.get('all_fields', None) check_access('group_list', context, data_dict) query = model.Session.query(model.Group).join(model.GroupRevision) query = query.filter(model.GroupRevision.state == 'active') query = query.filter(model.GroupRevision.current == True) if order_by == 'name': sort_by, reverse = 'name', False groups = query.all() if order_by == 'packages': sort_by, reverse = 'packages', True group_list = model_dictize.group_list_dictize(groups, context, lambda x: x[sort_by], reverse) if not all_fields: group_list = [group[ref_group_by] for group in group_list] return group_list
def string_to_timedelta(s): '''Parse a string s and return a standard datetime.timedelta object. Handles days, hours, minutes, seconds, and microseconds. Accepts strings in these formats: 2 days 14 days 4:35:00 (hours, minutes and seconds) 4:35:12.087465 (hours, minutes, seconds and microseconds) 7 days, 3:23:34 7 days, 3:23:34.087465 .087465 (microseconds only) :raises ckan.logic.ParameterError: if the given string does not match any of the recognised formats ''' patterns = [] days_only_pattern = '(?P<days>\d+)\s+day(s)?' patterns.append(days_only_pattern) hms_only_pattern = '(?P<hours>\d?\d):(?P<minutes>\d\d):(?P<seconds>\d\d)' patterns.append(hms_only_pattern) ms_only_pattern = '.(?P<milliseconds>\d\d\d)(?P<microseconds>\d\d\d)' patterns.append(ms_only_pattern) hms_and_ms_pattern = hms_only_pattern + ms_only_pattern patterns.append(hms_and_ms_pattern) days_and_hms_pattern = '{0},\s+{1}'.format(days_only_pattern, hms_only_pattern) patterns.append(days_and_hms_pattern) days_and_hms_and_ms_pattern = days_and_hms_pattern + ms_only_pattern patterns.append(days_and_hms_and_ms_pattern) for pattern in patterns: match = re.match('^{0}$'.format(pattern), s) if match: break if not match: raise logic.ParameterError('Not a valid time: {0}'.format(s)) gd = match.groupdict() days = int(gd.get('days', '0')) hours = int(gd.get('hours', '0')) minutes = int(gd.get('minutes', '0')) seconds = int(gd.get('seconds', '0')) milliseconds = int(gd.get('milliseconds', '0')) microseconds = int(gd.get('microseconds', '0')) delta = datetime.timedelta(days=days, hours=hours, minutes=minutes, seconds=seconds, milliseconds=milliseconds, microseconds=microseconds) return delta
def send_email_notifications(context, data_dict): '''Send any pending activity stream notification emails to users. You must provide a sysadmin's API key in the Authorization header of the request, or call this action from the command-line via a `paster post ...` command. ''' # If paste.command_request is True then this function has been called # by a `paster post ...` command not a real HTTP request, so skip the # authorization. if not pylons.request.environ.get('paste.command_request'): _check_access('send_email_notifications', context, data_dict) if not paste.deploy.converters.asbool( pylons.config.get('ckan.activity_streams_email_notifications')): raise logic.ParameterError('ckan.activity_streams_email_notifications' ' is not enabled in config') ckan.lib.email_notifications.get_and_send_notifications_for_all_users()
def user_role_update(context, data_dict): '''Update a user or authorization group's roles for a domain object. Either the ``user`` or the ``authorization_group`` parameter must be given. You must be authorized to update the domain object. To delete all of a user or authorization group's roles for domain object, pass an empty list ``[]`` to the ``roles`` parameter. :param user: the name or id of the user :type user: string :param authorization_group: the name or id of the authorization group :type authorization_group: string :param domain_object: the name or id of the domain object (e.g. a package, group or authorization group) :type domain_object: string :param roles: the new roles, e.g. ``['editor']`` :type roles: list of strings :returns: the updated roles of all users and authorization_groups for the domain object :rtype: dictionary ''' model = context['model'] new_user_ref = data_dict.get( 'user') # the user who is being given the new role new_authgroup_ref = data_dict.get( 'authorization_group') # the authgroup who is being given the new role if bool(new_user_ref) == bool(new_authgroup_ref): raise logic.ParameterError( 'You must provide either "user" or "authorization_group" parameter.' ) domain_object_ref = _get_or_bust(data_dict, 'domain_object') if not isinstance(data_dict['roles'], (list, tuple)): raise logic.ParameterError('Parameter "%s" must be of type: "%s"' % ('role', 'list')) desired_roles = set(data_dict['roles']) if new_user_ref: user_object = model.User.get(new_user_ref) if not user_object: raise NotFound('Cannot find user %r' % new_user_ref) data_dict['user'] = user_object.id add_user_to_role_func = model.add_user_to_role remove_user_from_role_func = model.remove_user_from_role else: user_object = model.AuthorizationGroup.get(new_authgroup_ref) if not user_object: raise NotFound('Cannot find authorization group %r' % new_authgroup_ref) data_dict['authorization_group'] = user_object.id add_user_to_role_func = model.add_authorization_group_to_role remove_user_from_role_func = model.remove_authorization_group_from_role domain_object = logic.action.get_domain_object(model, domain_object_ref) data_dict['id'] = domain_object.id if isinstance(domain_object, model.Package): _check_access('package_edit_permissions', context, data_dict) elif isinstance(domain_object, model.Group): _check_access('group_edit_permissions', context, data_dict) elif isinstance(domain_object, model.AuthorizationGroup): _check_access('authorization_group_edit_permissions', context, data_dict) # Todo: 'system' object else: raise logic.ParameterError( 'Not possible to update roles for domain object type %s' % type(domain_object)) # current_uors: in order to avoid either creating a role twice or # deleting one which is non-existent, we need to get the users\' # current roles (if any) current_role_dicts = _get_action('roles_show')(context, data_dict)['roles'] current_roles = set( [role_dict['role'] for role_dict in current_role_dicts]) # Whenever our desired state is different from our current state, # change it. for role in (desired_roles - current_roles): add_user_to_role_func(user_object, role, domain_object) for role in (current_roles - desired_roles): remove_user_from_role_func(user_object, role, domain_object) # and finally commit all these changes to the database if not (current_roles == desired_roles): model.repo.commit_and_remove() return _get_action('roles_show')(context, data_dict)
def user_role_update(context, data_dict): ''' For a named user (or authz group), set his/her authz roles on a domain_object. ''' model = context['model'] user = context['user'] # the current user, who is making the authz change new_user_ref = data_dict.get( 'user') # the user who is being given the new role new_authgroup_ref = data_dict.get( 'authorization_group') # the authgroup who is being given the new role if bool(new_user_ref) == bool(new_authgroup_ref): raise logic.ParameterError( 'You must provide either "user" or "authorization_group" parameter.' ) domain_object_ref = data_dict['domain_object'] if not isinstance(data_dict['roles'], (list, tuple)): raise logic.ParameterError('Parameter "%s" must be of type: "%s"' % ('role', 'list')) desired_roles = set(data_dict['roles']) if new_user_ref: user_object = model.User.get(new_user_ref) if not user_object: raise NotFound('Cannot find user %r' % new_user_ref) data_dict['user'] = user_object.id add_user_to_role_func = model.add_user_to_role remove_user_from_role_func = model.remove_user_from_role else: user_object = model.AuthorizationGroup.get(new_authgroup_ref) if not user_object: raise NotFound('Cannot find authorization group %r' % new_authgroup_ref) data_dict['authorization_group'] = user_object.id add_user_to_role_func = model.add_authorization_group_to_role remove_user_from_role_func = model.remove_authorization_group_from_role domain_object = logic.action.get_domain_object(model, domain_object_ref) data_dict['id'] = domain_object.id if isinstance(domain_object, model.Package): check_access('package_edit_permissions', context, data_dict) elif isinstance(domain_object, model.Group): check_access('group_edit_permissions', context, data_dict) elif isinstance(domain_object, model.AuthorizationGroup): check_access('authorization_group_edit_permissions', context, data_dict) # Todo: 'system' object else: raise logic.ParameterError( 'Not possible to update roles for domain object type %s' % type(domain_object)) # current_uors: in order to avoid either creating a role twice or # deleting one which is non-existent, we need to get the users\' # current roles (if any) current_role_dicts = get_action('roles_show')(context, data_dict)['roles'] current_roles = set( [role_dict['role'] for role_dict in current_role_dicts]) # Whenever our desired state is different from our current state, # change it. for role in (desired_roles - current_roles): add_user_to_role_func(user_object, role, domain_object) for role in (current_roles - desired_roles): remove_user_from_role_func(user_object, role, domain_object) # and finally commit all these changes to the database if not (current_roles == desired_roles): model.repo.commit_and_remove() return get_action('roles_show')(context, data_dict)