def setup_hubs_security(group, creator): """creator will be admin user """ if not creator: raise TypeError("We must have a creator to create a group, since otherwise it will be inaccessible") create_reference(TgGroup, group) if group.level == 'member': admin_group = TgGroup.objects.get(place=group.place, level='host') setup_hubs_security(admin_group, creator) setup_group_security(group, group, admin_group, creator) elif group.level == 'host': setup_group_security(group, group, group, creator) return group
def setup_hubs_security(group, creator): """creator will be admin user """ if not creator: raise TypeError("We must have a creator to create a group, since otherwise it will be inaccessible") create_reference(TgGroup, group) if group.level == 'member': admin_group = TgGroup.objects.get(place=group.place, level='host') setup_hubs_security(admin_group, creator) setup_group_security(group, group, admin_group, creator, 'invite') elif group.level == 'host': setup_group_security(group, group, group, creator, 'private') return group
def patch_in_groups(request): """Do group security setup for hubspace groups XXX patch group names to reflect Location names XXX ensure all directors are in the host group 1. setup a security context for each group passing in context_agent, context_admin and creator 2. set 'hosts' as a members of the members group, ignore 'directors' groups (they are deprecated - bring on host anarchy!) """ no_security = [group for group in TgGroup.objects.filter(level='member').exclude(place__name='hubplus') if not group.ref.all()] admin_user = get_admin_user() for group in no_security: setup_hubs_security(group, admin_user) #this should have setup most of the host groups, but if not no_security_host = [group for group in TgGroup.objects.filter(level='host') if not group.ref.all()] #e.g. hubspace superuser and hubspace api for group in no_security_host: create_reference(TgGroup, group) setup_group_security(group, group, group, admin_user) return HttpResponse("patched %s hub group's security" % str(len(no_security_host)))