def _get_principals(self, request):
"""
Calculates the identities that can be used
when authorizing the user
"""
principals = [Everyone, Authenticated, request.authenticated_userid]
if is_owner(request.context, request.authenticated_userid):
principals.append(Owner)
principals.extend(get_user_roles(request, request.authenticated_userid))
request.__effective_principals__ = principals
return principals
def __acl__(self):
acl = [
(Allow, Manager, view_token),
(Allow, Owner, view_token),
]
# When checking permissions directly on the object (For example when determining
# the visible fields), request.context.owner will be related to the owner of where we are posting the
# activity, for example, when posting to a context, the context), so we need to provide permissions
# for the owner of the object itself, or the flatten will result empty...
if is_owner(self, self.request.authenticated_userid):
acl.append((Allow, self.request.authenticated_userid, view_token))
return acl
def __acl__(self):
acl = [
(Allow, Manager, delete_comment),
(Allow, Owner, delete_comment),
]
activity = self.__parent__.activity
# If the user accessing the activity owns it, give it permission to delete
if is_owner(activity, activity.request.authenticated_userid):
acl.append((Allow, activity.request.authenticated_userid, delete_comment))
if activity.get('contexts', []) and hasattr(activity.request.actor, 'getSubscription'):
subscription = activity.request.actor.getSubscription(activity['contexts'][0])
if subscription:
permissions = subscription.get('permissions', [])
if 'delete' in permissions:
acl.append((Allow, activity.request.authenticated_userid, delete_comment))
return acl
def __acl__(self):
acl = [
(Allow, Manager, view_activity),
(Allow, Manager, delete_activity),
(Allow, Manager, list_comments),
(Allow, Manager, add_comment),
(Allow, Manager, favorite),
(Allow, Manager, unfavorite),
(Allow, Manager, like),
(Allow, Owner, view_activity),
(Allow, Owner, delete_activity),
]
if is_self_operation(self.request):
acl.append((Allow, self.request.authenticated_userid, favorite))
if self.has_favorite_from(self.request.actor):
acl.append((Allow, self.request.authenticated_userid, unfavorite))
# When checking permissions directly on the object (For example when determining
# the visible fields), request.context.owner will be related to the owner of where we are posting the
# activity, for example, when posting to a context, the context), so we need to provide permissions
# for the owner of the object itself, or the flatten will result empty...
if is_owner(self, self.request.authenticated_userid):
acl.append((Allow, self.request.authenticated_userid, view_activity))
# If we have an activity that has contexts, grant view_activity if the context
# subscription provides the read permission.
#
# There's two use case where the actor's that just posted the activity may not have a subscription.
# 1. A Manager is posting in a context as himself (not impersonating) and he's not subscribed.
# As we allow this in static acls, a manager will already have the permissions granted below.
# 2. A Manager is posting in a context as a context, so the context won't be subcribed in any way.
# As the user authenticated wil be a manager, it will already have the permissions granted below.
if self.get("contexts", []) and hasattr(self.request.actor, "getSubscription"):
from max.models import Context
# When dealing with context activities, request context will be already loaded, so reuse it
activity_context_same_as_request_context = (
isinstance(self.request.context, Context)
and self.request.context["hash"] == self["contexts"][0]["hash"]
)
if activity_context_same_as_request_context:
context = self.request.context
else:
# When activity context is not loaded, instantiate a lazy one
context = Context.from_object(self.request, self["contexts"][0])
subscription = self.request.actor.getSubscription(context)
if subscription:
permissions = subscription.get("permissions", [])
if "read" in permissions:
acl.append((Allow, self.request.authenticated_userid, view_activity))
acl.append((Allow, self.request.authenticated_userid, list_comments))
# Allow like on non impersonated requests
if is_self_operation(self.request):
acl.append((Allow, self.request.authenticated_userid, like))
if "flag" in permissions:
acl.append((Allow, self.request.authenticated_userid, flag))
acl.append((Allow, self.request.authenticated_userid, unflag))
if "delete" in permissions:
acl.append((Allow, self.request.authenticated_userid, delete_activity))
acl.append((Allow, self.request.authenticated_userid, delete_comment))
if "write" in permissions:
acl.append((Allow, self.request.authenticated_userid, add_comment))
# If no susbcription found, check context policy
else:
# XXX This should be cached at resource level
context.wake()
if context.get("permissions", {}).get("read", DEFAULT_CONTEXT_PERMISSIONS["read"]) == "public":
acl.append((Allow, self.request.authenticated_userid, view_activity))
if is_self_operation(self.request):
acl.append((Allow, self.request.authenticated_userid, like))
# Only context activites can be flagged/unflagged, so we give permissions to
# Manager here, as it don't make sense to do it globally
acl.extend([(Allow, Manager, flag), (Allow, Manager, unflag)])
# Activies without a context are considered public to all authenticated users, so commentable.
# Those activities commments also will be readable by all authenticated users.
# Owners of activities can delete them outside contexts.
else:
acl.extend(
[
(Allow, Authenticated, view_activity),
(Allow, Authenticated, add_comment),
(Allow, Owner, delete_comment),
(Allow, Authenticated, list_comments),
]
)
if is_self_operation(self.request):
acl.append((Allow, self.request.authenticated_userid, like))
# Allow unlike only if actor has a like on this activity.
# Allow Managers to unlike likes from other users
if self.has_like_from(self.request.actor):
acl.append((Allow, Manager, unlike))
if is_self_operation(self.request):
acl.append((Allow, self.request.authenticated_userid, unlike))
return acl