示例#1
0
def has_permission(path, perm, user):
    """
    Checks whether a user has a given permission on a folder path.
    """
    sharepath = path.split("/")[0]
    try:
        share = Share.objects.get(path=sharepath)
    except Share.DoesNotExist:
        share = Share(path=sharepath)
    return share.has_perm(perm, user)
示例#2
0
def has_permission(path, perm, user):
    """
    Checks whether a user has a given permission on a folder path.
    """
    sharepath = path.split("/")[0]
    try:
        share = Share.objects.get(path=sharepath)
    except Share.DoesNotExist:
        share = Share(path=sharepath)
    return share.has_perm(perm, user)
示例#3
0
def permission_list(request, path):
    """
    Manages the properties for the given folder.
    """
    path = clean_path(path)

    # check permissions
    try:
        share = Share.objects.get(path=path)
    except Share.DoesNotExist:
        share = Share(path=path)
    if not share.has_perm('can_manage', request.user):
        return HttpResponseForbidden()

    # process submission
    if request.method == 'POST':
        try:
            data = json.loads(request.body.decode('utf8'))
        except ValueError:
            return HttpResponseBadRequest()

        # properties
        shareform = ShareForm(data, instance=share)
        if not shareform.is_valid():
            return HttpResponseBadRequest()
        shareform.save(commit=False)

        # permissions
        unique = {}
        for blob in data['permissions']:
            form = ShareAccessForm(blob)
            if not form.is_valid():
                return HttpResponseBadRequest()
            permission = form.cleaned_data
            owner = permission['owner']
            if owner in unique:
                for perm in PERMISSIONS:
                    if permission[perm]:
                        unique[owner][perm] = permission[perm]
            else:
                unique[owner] = permission
        acls = []
        for permission in unique.values():
            acl = NamedAcl("%s:" % permission['owner'])
            for perm in PERMISSIONS:
                if permission[perm]:
                    acl.add_perm(perm)
            if acl.permissions:
                acls.append(acl)
        share.set_acls(acls)

        # check we are not locking ourselves out before saving
        if not share.has_perm('can_manage', request.user):
            return HttpResponseForbidden()
        share.save()

    # serialise
    data = {
        'description': share.description,
        'owners': [],
        'permissions': [],
    }

    # owners
    for klass, key in OWNERS:
        for obj in klass.objects.all().order_by(key):
            data['owners'].append({
                'group':
                klass.__name__,
                'name':
                force_text(obj),
                'value':
                "%s:%s" % (klass.__name__.lower(), getattr(obj, key))
            })

    # permissions
    for acl in share.acls():
        entry = {'owner': "%s:%s" % (acl.type, acl.name)}
        for perm in PERMISSIONS:
            entry[perm] = acl.has_perm(perm)
        data['permissions'].append(entry)

    return HttpResponse(json.dumps(data), content_type='application/json')
示例#4
0
def permission_list(request, path):
    """
    Manages the properties for the given folder.
    """
    path = clean_path(path)

    # check permissions
    try:
        share = Share.objects.get(path=path)
    except Share.DoesNotExist:
        share = Share(path=path)
    if not share.has_perm('can_manage', request.user):
        return HttpResponseForbidden()

    # process submission
    if request.method == 'POST':
        try:
            data = json.loads(request.body)
        except ValueError:
            return HttpResponseBadRequest()

        # properties
        shareform = ShareForm(data, instance=share)
        if not shareform.is_valid():
            return HttpResponseBadRequest()
        shareform.save(commit=False)

        # permissions
        unique = {}
        for blob in data['permissions']:
            form = ShareAccessForm(blob)
            if not form.is_valid():
                return HttpResponseBadRequest()
            permission = form.cleaned_data
            owner = permission['owner']
            if unique.has_key(owner):
                for perm in PERMISSIONS:
                    if permission[perm]: unique[owner][perm] = permission[perm]
            else:
                unique[owner] = permission
        acls = []
        for permission in unique.values():
            acl = NamedAcl("%s:" % permission['owner'])
            for perm in PERMISSIONS:
                if permission[perm]: acl.add_perm(perm)
            if acl.permissions: acls.append(acl)
        share.set_acls(acls)

        # check we are not locking ourselves out before saving
        if not share.has_perm('can_manage', request.user):
            return HttpResponseForbidden()
        share.save()

    # serialise
    data = {
        'description': share.description,
        'owners': [],
        'permissions': [],
    }

    # owners
    for klass, key in OWNERS:
        for obj in klass.objects.all().order_by(key):
            data['owners'].append({
                'group': klass.__name__,
                'name': unicode(obj),
                'value': "%s:%s" % (klass.__name__.lower(), getattr(obj, key))
            })

    # permissions
    for acl in share.acls():
        entry = {'owner': "%s:%s" % (acl.type, acl.name)}
        for perm in PERMISSIONS:
            entry[perm] = acl.has_perm(perm)
        data['permissions'].append(entry)

    return HttpResponse(json.dumps(data), content_type='application/json')