def addRight(callerPriv):
'''
Add a right item.
parameters:
token
name: such as b999
product:
'''
user=request.params.get("name")
product=request.params.get("product")
if user==None or product==None:
return {"results":{"error":{"code":13,"msg":"Parameter missing."}}}
uInfo=brauth.getUser(name=user)
if uInfo==None:
return {"results":{"error":{"code":23,"msg":"Can not find the target user."}}}
elif "error" in uInfo:
return {"results":uInfo}
pInfo=brauth.getProduct(name=product)
if pInfo==None:
return {"results":{"error":{"code":24,"msg":"Can not find the target product."}}}
elif "error" in pInfo:
return {"results":pInfo}
try:
brauth.addRight(callerPriv=callerPriv,uid=uInfo["_id"],pid=pInfo["_id"])
return {"results":'OK'}
except Exception,e:
print str(e)
return {"results":{"error":{"code":16,"msg":"Add fail."}}}
def delete_right(callerPriv):
'''
Delete a right item.
parameters:
token
name
product
return:
{results:OK}
'''
user=request.params.get("name")
product=request.params.get("product")
if user==None or product==None:
return {"results":{"error":{"code":13,"msg":"Parameter missing."}}}
uInfo=brauth.getUser(name=user)
if uInfo==None:
return {"results":{"error":{"code":23,"msg":"Can not find the target user."}}}
elif "error" in uInfo:
return {"results":uInfo}
pInfo=brauth.getProduct(name=product)
if pInfo==None:
return {"results":{"error":{"code":24,"msg":"Can not find the target product."}}}
elif "error" in pInfo:
return {"results":pInfo}
brauth.removeRight(callerPriv=callerPriv,uid=uInfo['_id'],pid=pInfo['_id'])
return {"results":"OK"}
def getRight(callerPriv):
'''
List rights items.
parameters:
name
token
return:
{user:string,products:[p1,p2]}
'''
user=request.params.get("name")
if user==None:
return {"results":{"error":{"code":13,"msg":"Parameter missing."}}}
userInfo=brauth.getUser(name=user)
if userInfo==None:
return {"results":{"error":{"code":21,"msg":"Can not find the user."}}}
pids=brauth.getRight(callerPriv=callerPriv,uid=userInfo['_id'])
products=[]
if pids!=None:
for pid in pids:
product=brauth.getProduct(pid)
if product!=None:
products.append(product['name'])
return {"results":{"user":user,"products":products}}
def wrapper(*a, **ka):
token = request.params.get("token")
if token == None:
return {
"results": {
"error": {
"code": 12,
"msg": "Invalid token"
}
}
}
else:
uid = brauth.validateToken(token)
#print "token:%s"%token
#print "uid:%s"%uid
if uid == -1:
return {
"results": {
"error": {
"code": 12,
"msg": "Invalid token"
}
}
}
else:
user = brauth.getUser(uid=uid)
if user == None:
return {
"results": {
"error": {
"code": 14,
"msg": "Can not find the user."
}
}
}
else:
if 'priviledge' in user:
priviledge = user['priviledge']
if priviledge > PRIVILEDGE_LEVEL_PM:
return {
"results": {
"error": {
"code": 15,
"msg": "Insufficient right."
}
}
}
else:
return func(callerPriv=priviledge, *a, **ka)
else:
return {
"results": {
"error": {
"code": 26,
"msg":
"No priviledge data in user info."
}
}
}
def addRight(callerPriv):
'''
Add a right item.
parameters:
token
name: such as b999
product:
'''
user = request.params.get("name")
product = request.params.get("product")
if user == None or product == None:
return {
"results": {
"error": {
"code": 13,
"msg": "Parameter missing."
}
}
}
uInfo = brauth.getUser(name=user)
if uInfo == None:
return {
"results": {
"error": {
"code": 23,
"msg": "Can not find the target user."
}
}
}
elif "error" in uInfo:
return {"results": uInfo}
pInfo = brauth.getProduct(name=product)
if pInfo == None:
return {
"results": {
"error": {
"code": 24,
"msg": "Can not find the target product."
}
}
}
elif "error" in pInfo:
return {"results": pInfo}
try:
brauth.addRight(callerPriv=callerPriv,
uid=uInfo["_id"],
pid=pInfo["_id"])
return {"results": 'OK'}
except Exception, e:
print str(e)
return {"results": {"error": {"code": 16, "msg": "Add fail."}}}
def delete_right(callerPriv):
'''
Delete a right item.
parameters:
token
name
product
return:
{results:OK}
'''
user = request.params.get("name")
product = request.params.get("product")
if user == None or product == None:
return {
"results": {
"error": {
"code": 13,
"msg": "Parameter missing."
}
}
}
uInfo = brauth.getUser(name=user)
if uInfo == None:
return {
"results": {
"error": {
"code": 23,
"msg": "Can not find the target user."
}
}
}
elif "error" in uInfo:
return {"results": uInfo}
pInfo = brauth.getProduct(name=product)
if pInfo == None:
return {
"results": {
"error": {
"code": 24,
"msg": "Can not find the target product."
}
}
}
elif "error" in pInfo:
return {"results": pInfo}
brauth.removeRight(callerPriv=callerPriv,
uid=uInfo['_id'],
pid=pInfo['_id'])
return {"results": "OK"}
def resetPass(callerPriv):
'''
Parameters:
name
'''
user = request.params.get("name")
if user == None:
return {
"results": {
"error": {
"code": 13,
"msg": "Parameter missing."
}
}
}
else:
info = brauth.getUser(name=user)
if info == None:
return {
"results": {
"error": {
"code": 14,
"msg": "Can not find the user."
}
}
}
else:
if callerPriv > info['priviledge']:
return {
"results": {
"error": {
"code": 15,
"msg": "Insufficient right."
}
}
}
else:
newpass = brauth.randomPass(6)
brauth.setPass(user, newpass)
brauth.sendMail(info['email'], user, newpass)
return {'results': 'OK'}
def resetPass(callerPriv):
'''
Parameters:
name
'''
user=request.params.get("name")
if user==None:
return {"results":{"error":{"code":13,"msg":"Parameter missing."}}}
else:
info=brauth.getUser(name=user)
if info==None:
return {"results":{"error":{"code":14,"msg":"Can not find the user."}}}
else:
if callerPriv>info['priviledge']:
return {"results":{"error":{"code":15,"msg":"Insufficient right."}}}
else:
newpass=brauth.randomPass(6)
brauth.setPass(user,newpass)
brauth.sendMail(info['email'],user,newpass)
return {'results':'OK'}
def getRight(callerPriv):
'''
List rights items.
parameters:
name
token
return:
{user:string,products:[p1,p2]}
'''
user = request.params.get("name")
if user == None:
return {
"results": {
"error": {
"code": 13,
"msg": "Parameter missing."
}
}
}
userInfo = brauth.getUser(name=user)
if userInfo == None:
return {
"results": {
"error": {
"code": 21,
"msg": "Can not find the user."
}
}
}
pids = brauth.getRight(callerPriv=callerPriv, uid=userInfo['_id'])
products = []
if pids != None:
for pid in pids:
product = brauth.getProduct(pid)
if product != None:
products.append(product['name'])
return {"results": {"user": user, "products": products}}
def wrapper(*a, **ka):
token=request.params.get("token")
if token==None:
return {"results":{"error":{"code":12,"msg":"Invalid token"}}}
else:
uid=brauth.validateToken(token)
#print "token:%s"%token
#print "uid:%s"%uid
if uid==-1:
return {"results":{"error":{"code":12,"msg":"Invalid token"}}}
else:
user=brauth.getUser(uid=uid)
if user==None:
return {"results":{"error":{"code":14,"msg":"Can not find the user."}}}
else:
if 'priviledge' in user:
priviledge=user['priviledge']
if priviledge>PRIVILEDGE_LEVEL_PM:
return {"results":{"error":{"code":15,"msg":"Insufficient right."}}}
else:
return func(callerPriv=priviledge, *a, **ka)
else:
return {"results":{"error":{"code":26,"msg":"No priviledge data in user info."}}}
