示例#1
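def rename_default_group(root, registry):  # pragma: no cover
    """Rename the default user group and carry its permissions over.

    Migration step. It only runs when a group named ``authenticated`` still
    exists under ``root['principals']['groups']``. It then:

    1. moves the local roles granted to ``group:authenticated`` on every
       ``IProcess`` resource to the new default group principal,
    2. renames the group object itself,
    3. appends the renamed group to the ``groups`` field of every user that
       was a member of the old group.

    :param root: application root holding the ``principals`` service.
    :param registry: registry whose ``content`` utility gives sheet access.
    """
    from adhocracy_core.authorization import add_local_roles
    from adhocracy_core.authorization import get_local_roles
    from adhocracy_core.authorization import set_local_roles
    from adhocracy_core.resources.process import IProcess
    from adhocracy_core.interfaces import DEFAULT_USER_GROUP_NAME
    from adhocracy_core.sheets.principal import IPermissions
    catalogs = find_service(root, 'catalogs')
    resources = _search_for_interfaces(catalogs, IProcess)
    old_default_group_name = 'authenticated'
    old_default_group_principal = 'group:' + old_default_group_name
    new_default_group_name = DEFAULT_USER_GROUP_NAME
    new_default_group_principal = 'group:' + DEFAULT_USER_GROUP_NAME
    groups = root['principals']['groups']
    if old_default_group_name in groups:
        for resource in resources:
            local_roles = get_local_roles(resource)
            if old_default_group_principal in local_roles:
                logger.info('Rename default group in local roles'
                            ' of {0}'.format(resource))
                old_roles = local_roles.pop(old_default_group_principal)
                set_local_roles(resource, local_roles)
                # The resource has to be passed here, as in the get/set calls
                # above. The previous call passed only the role mapping, so
                # the roles popped from the old principal were never
                # re-attached and the group lost its access on this resource.
                add_local_roles(resource,
                                {new_default_group_principal: old_roles})
        users = [u for u in root['principals']['users'].values()
                 if IPermissions.providedBy(u)]
        old_default_group = groups[old_default_group_name]
        # Collect the members before renaming, while the old group can still
        # be looked up under its old name.
        users_with_default_group = []
        for user in users:
            user_groups = registry.content.get_sheet_field(user,
                                                           IPermissions,
                                                           'groups')
            if old_default_group in user_groups:
                users_with_default_group.append(user)
        logger.info('Rename default group '
                    'to {}'.format(new_default_group_name))
        groups.rename(old_default_group_name, new_default_group_name)
        new_default_group = groups[new_default_group_name]
        for user in users_with_default_group:
            logger.info('Update default group name of user {}'.format(user))
            permission_sheet = registry.content.get_sheet(user, IPermissions)
            permissions = permission_sheet.get()
            user_groups = permissions['groups']
            # NOTE(review): presumably the reference to the old group is gone
            # after the rename, so the membership is re-added explicitly -
            # confirm this cannot list the group twice.
            user_groups.append(new_default_group)
            permissions['groups'] = user_groups
            permission_sheet.set(permissions)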
示例#2
def _set_local_roles(local_roles_info: dict, context: IResource,
                     registry: Registry):
    """Apply one local-roles entry to the resource it points at.

    ``local_roles_info['path']`` is resolved against ``context`` and
    ``local_roles_info['roles']`` is deserialized before being handed to
    ``set_local_roles``. The deserialized roles are also written back into
    ``local_roles_info``, so the caller's dict is modified.

    NOTE(review): path and role mapping are taken from the entry as-is;
    presumably the entries come from a trusted import file - confirm, since
    this call decides who holds which role on the target resource.
    """
    target = find_resource(context, local_roles_info['path'])
    deserialized = _deserialize_roles(local_roles_info['roles'])
    # Keep the in-place update: callers may read the deserialized form back.
    local_roles_info['roles'] = deserialized
    set_local_roles(target, deserialized, registry=registry)
示例#3
def _set_local_roles(local_roles_info: dict, context: IResource,
                     registry: Registry):
    """Resolve the entry's path and set the entry's roles on that resource.

    The ``roles`` value of ``local_roles_info`` is replaced by its
    deserialized form (the dict passed in is mutated), and that form is
    passed to ``set_local_roles`` together with ``registry``.

    NOTE(review): nothing here checks which principals or roles the entry
    names - presumably validated upstream; verify against the caller.
    """
    path = local_roles_info['path']
    resource = find_resource(context, path)
    roles = _deserialize_roles(local_roles_info['roles'])
    local_roles_info['roles'] = roles
    set_local_roles(resource, roles, registry)
示例#4
 def _store_data(self, appstruct):
     """Store the ``local_roles`` entries of ``appstruct`` on the context.

     Each entry is a mapping with a ``principal`` and an iterable of
     ``roles``. Nothing is written when the key is missing or the list is
     empty. If a principal is listed more than once, the last entry wins.
     """
     entries = appstruct.get('local_roles', [])
     if entries:
         roles_by_principal = {}
         for entry in entries:
             principal = entry['principal']
             # A later entry for the same principal overwrites the earlier one.
             roles_by_principal[principal] = set(entry['roles'])
         set_local_roles(self.context, roles_by_principal, self.registry)
示例#5
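    def __call__(self,
                 parent=None,
                 appstructs=None,
                 run_after_creation=True,
                 creator=None,
                 registry=None,
                 request=None,
                 send_event=True,
                 **kwargs
                 ):
        """Triggered when a ResourceFactory instance is called.

        Kwargs::

            parent (IPool or None): Add the new resource to this pool.
                                    None value is allowed to create non
                                    persistent Resources (without OID/parent).
                                    Defaults to None.
            appstructs (dict or None): Key/Values of sheet appstruct data.
                               Key is identifier of a sheet interface.
                               Value is the data to set.
                               None (the default) means no sheet data.
            run_after_creation (bool): Whether to invoke after_creation
                                   hooks. If parent is None you should set
                                   this False. Default is True.
            creator (IResource or None): The resource of the creating user
                                         to set the right metadata.
            registry (Registry or None): Registry passed to creation events.
                If None :func:`pyramid.threadlocal.get_current_registry` is
                called. Default is None.
            request (Request or None): passed to
                :class:`adhocracy_core.interfaces.IResourceSheetModified`
                events.
            send_event (bool): send
                :class:`adhocracy_core.interfaces.IResourceCreatedAndAdded`
                event. Default is True.
            **kwargs: Arbitrary keyword arguments. Will be passed along with
                      'creator' to the `after_creation` hook as 3rd argument
                      `options`.

        Returns:
            object (IResource): the newly created resource

        Raises:
            KeyError: if self.metadata.use_autonaming is False and the
                      `resource name` is not given or already used in the
                      `parent` pool.
                      You can set the `resource name` with appstruct data
                      for the name sheet (:mod:`adhocracy_core.sheets.name`).
            ComponentLookupError: if `appstructs` contains sheet data
                                  for non existing sheets.
        """
        # A `{}` default would be one dict shared by every call; any helper
        # that modified it would leak sheet data into later creations.
        if appstructs is None:
            appstructs = {}

        resource = self.meta.content_class()
        directlyProvides(resource, self.meta.iresource)
        isheets = self.meta.basic_sheets + self.meta.extended_sheets
        alsoProvides(resource, isheets)
        if registry is None:
            registry = get_current_registry()

        if parent is not None:
            self._add(parent, resource, appstructs, registry)
        else:
            resource.__parent__ = None
            resource.__name__ = ''

        for key, struct in appstructs.items():
            isheet = DottedNameResolver().maybe_resolve(key)
            sheet = get_sheet(resource, isheet, registry=registry)
            # Data for sheets that are not creatable is silently skipped.
            if sheet.meta.creatable:
                sheet.set(struct,
                          send_event=False,
                          request=request)

        # Fixme: Side effect. We change here the passed creator because the
        # creator of user resources should always be the created user.
        # A better solution would be to have custom adapter to add
        # resources.
        # To prevent import circles we do not import at module level.
        from adhocracy_core.resources.principal import IUser
        if IUser.providedBy(resource):
            creator = resource

        if creator is not None:
            # The creator's resource path is the principal that receives the
            # 'role:creator' local role on the new resource.
            userid = resource_path(creator)
            set_local_roles(resource, {userid: {'role:creator'}})

        if IMetadata.providedBy(resource):
            metadata = self._get_metadata(resource, creator, registry)
            sheet = get_sheet(resource, IMetadata, registry=registry)
            sheet.set(metadata,
                      send_event=False,
                      request=request,
                      omit_readonly=False)

        if run_after_creation:
            for call in self.meta.after_creation:
                # Reset on every iteration so a hook that changes
                # options['creator'] cannot affect the next hook.
                kwargs['creator'] = creator
                call(resource, registry, options=kwargs)

        if send_event:
            self._notify_new_resource_created_and_added(resource,
                                                        registry,
                                                        creator)

        return resource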
示例#6
 def _store_data(self, appstruct):
     """Write the submitted local roles to ``self.context``.

     ``appstruct['local_roles']`` is expected to be a list of mappings with
     the keys ``principal`` and ``roles``. An absent or empty list is a
     no-op. Role lists are converted to sets; for a repeated principal only
     the last entry's roles are kept.
     """
     submitted = appstruct.get('local_roles', [])
     if len(submitted) == 0:
         return None
     # dict() keeps the last pair for a duplicated principal.
     principal_roles = dict(
         (item['principal'], set(item['roles'])) for item in submitted
     )
     set_local_roles(self.context, principal_roles, self.registry)
示例#7
def _set_local_roles(local_roles_info: dict, context: IResource, registry: Registry):
    """Set the roles of one local-roles entry on the resource at its path.

    The path is looked up relative to ``context``. The entry's ``roles``
    value is deserialized, stored back into ``local_roles_info`` (mutating
    the caller's dict) and passed to ``set_local_roles``.

    NOTE(review): ``registry`` is accepted but not forwarded to
    ``set_local_roles`` - confirm that the helper's default is intended here.
    """
    target_resource = find_resource(context, local_roles_info["path"])
    new_roles = _deserialize_roles(local_roles_info["roles"])
    local_roles_info["roles"] = new_roles
    set_local_roles(target_resource, new_roles)