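def priv_add(masterRole=None, masterId=None, object=None, objectId=None, operList=None, master="user"):
    """Insert one privilege row, filling omitted fields with defaults.

    Any of masterRole, masterId, object and objectId left as None is stored
    as the literal "all". When operList is None the operation list is taken
    from the built-in role table, keyed by (object, masterRole).

    Returns whatever database.db_insert_privilege() returns, or
    error.ERR_CODE_ERR_ when no operation list was supplied and the role
    table has no entry for the (object, masterRole) pair.

    Security notes for callers and reviewers:
      * The "all" defaults widen the stored row rather than narrow it.
        priv_init uses "all" to mean "any role", so an argument omitted by
        mistake together with an explicit operList would presumably create
        a grant that matches every master or every object. Pass every
        field explicitly when granting to a single principal.
      * An explicit operList is handed to the database layer as given; it
        is not checked against the role table here, so validation of
        caller-supplied operation strings has to happen upstream.
      * Because "all" is not a key of the role table, the default lookup
        only succeeds when both object and masterRole are named explicitly.
    """
    # Default operations per object type and role, "|"-separated.
    # NOTE(review): administrator lists use "get" while operator/guest use
    # "query"; confirm the enforcement code treats both names as intended.
    role_privilege = {
        "user": {
            "administrator": "add|del|upd|get|privilege_add|privilege_del|privilege_upd|privilege_query",
        },
        "device": {
            "administrator": "add|del|upd|get|privilege_add|privilege_del|privilege_upd|privilege_query",
            "operator": "upd|query",
            "guest": "query",
        },
        "sensor": {
            "administrator": "add|del|upd|get|command|privilege_add|privilege_del|privilege_upd|privilege_query",
            "operator": "upd|query|command",
            "guest": "query",
        },
    }

    if masterId is None:
        masterId = "all"
    if object is None:
        object = "all"
    if objectId is None:
        objectId = "all"
    if masterRole is None:
        masterRole = "all"

    if operList is None:
        # dict.has_key() no longer exists in Python 3; chained .get() performs
        # the same two-level lookup and works on Python 2 as well.
        operList = role_privilege.get(object, {}).get(masterRole)

    if operList is None:
        # Unknown object type or role: refuse instead of inserting an empty grant.
        # NOTE(review): the constant name ends in a bare underscore; confirm
        # it matches the definition in the error module.
        return error.ERR_CODE_ERR_

    return database.db_insert_privilege(master, masterId, masterRole, object, objectId, operList)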
def priv_init():
    """Seed the default privilege rows during iotx server initialisation.

    Rows written, in order:
      0. the super user (looked up by configure.super_user_name) gets
         "all" operations on "all" objects;
      1. every user, whatever the role, may "add" a "user";
      2. every user, whatever the role, may "add" a "device".

    Security notes:
      * Rows 1 and 2 are granted to masterId "all" / role "all", i.e. to
        every principal the privilege check recognises. Account and device
        creation are therefore open by default; review this if the
        deployment should restrict registration.
      * If the super user is not found, no super-user row is written and
        nothing is reported; the return values of the inserts are ignored
        as well, so a failed seed is not visible to the caller.
    """
    # row[0] is presumably the user id of the super user -- verify against
    # database.db_select_user_by_name.
    row = database.db_select_user_by_name(configure.super_user_name)
    if len(row) > 0:
        database.db_insert_privilege("user", row[0], "all", "all", "all", "all")

    # NOTE(review): the listing this was taken from had lost its
    # indentation; these two grants are assumed to be unconditional because
    # they do not use the super-user row -- confirm.
    for target in ("user", "device"):
        database.db_insert_privilege("user", "all", "all", target, "all", "add")