示例#1
0
文件: role.py 项目: dmdm/PySite
 def xhr_create(self):
     sch = pysite.dd.build_schema(colander.MappingSchema, self.DD, fieldlist=self.EDIT_FIELDLIST)
     try:
         data = pysite.dd.deserialize(sch, self.request.POST)
     except colander.Invalid as exc:
         return {"status": False, "msg": "Errors", "errors": exc.asdict()}
     try:
         vv = {}
         for k, v in data.items():
             vv[k[self.PREFIXLEN :]] = v
         vv["owner"] = self.request.user.uid
         vv["ctime"] = datetime.datetime.now()
         manager.create_role(vv)
         return {"status": True, "msg": "Ok"}
     except (StatementError, NoResultFound, PySiteError) as exc:
         return {"status": False, "msg": str(exc), "errors": {}}
示例#2
0
文件: manager.py 项目: dmdm/PySite
 def _create_role_and_principal():
     import pysite.authmgr.manager as usrmanager
     sess = pysite.models.DbSession()
     try:
         role = sess.query(Role).filter(Role.name == rolename).one()
         msgs.append("Use existing role '{0}' ({1})".format(
             role.name, role.id))
     except NoResultFound:
         role_data = dict(
             name=rolename,
             owner=owner,
             notes="Manager role for site '{0}'".format(data['sitename'])
         )
         role = usrmanager.create_role(role_data)
         msgs.append("Created role '{0}' ({1})".format(role.name, role.id))
     if isinstance(data['principal'], dict):
         data['principal']['owner'] = owner
         principal = usrmanager.create_principal(data['principal'])
         msgs.append("Created principal '{0}' ({1})".format(
             principal.principal, principal.id))
     else:
         try:
             principal = sess.query(Principal).filter(
                 Principal.principal == data['principal']).one()
             msgs.append("Use existing principal '{0}' ({1})".format(
                 principal.principal, principal.id))
         except NoResultFound:
             errors.append("Principal '{0}' not found".format(
                 data['principal']))
             return info
     try:
         # Save these here. If create_rolemember fails, the session is
         # aborted and we cannot access the attributes of the entities
         # in the except handler.
         princ = principal.principal
         rol = role.name
         usrmanager.create_rolemember(dict(principal_id=principal.id,
             role_id=role.id, owner=owner))
         msgs.append("Set principal '{0}' as member of role '{1}'".format(
             principal.principal, role.name))
     except IntegrityError:
         msgs.append("Principal '{0}' is already member of role '{1}'".format(
             princ, rol))
示例#3
0
    def _setup_users(self):
        sess = pysite.models.DbSession()
        # 1// Create principal system
        p_system = usrmgr.create_principal(dict(
            id=SYSTEM_UID,
            principal='system',
            email='system@localhost',
            first_name='system',
            display_name='System',
            owner=SYSTEM_UID,
            # Roles do not exist yet. Do not auto-create them
            roles=False
        ))

        # 2// Create roles
        # This role should not have members.
        # Not-authenticated users are automatically member of 'everyone'
        usrmgr.create_role(dict(
            id=EVERYONE_RID,
            name='everyone',
            notes='Everyone (incl. unauthenticated users)',
            owner=SYSTEM_UID,
        ))
        usrmgr.create_role(dict(
            id=SYSTEM_RID,
            name='system',
            owner=SYSTEM_UID
        ))
        r_wheel = usrmgr.create_role(dict(
            id=WHEEL_RID,
            name='wheel',
            notes='Site Admins',
            owner=SYSTEM_UID
        ))
        r_users = usrmgr.create_role(dict(
            id=USERS_RID,
            name='users',
            notes='Authenticated Users',
            owner=SYSTEM_UID
        ))
        r_unit_testers = usrmgr.create_role(dict(
            id=UNIT_TESTERS_RID,
            name='unit testers',
            notes='Unit Testers',
            owner=SYSTEM_UID
        ))

        # 3// Put 'system' into its roles
        usrmgr.create_rolemember(dict(
            role_id=r_users.id,
            principal_id=p_system.id,
            owner=SYSTEM_UID
        ))
        usrmgr.create_rolemember(dict(
            role_id=r_wheel.id,
            principal_id=p_system.id,
            owner=SYSTEM_UID
        ))

        # 4// Create principals
        usrmgr.create_principal(dict(
            id=ROOT_UID,
            principal='root',
            email='root@localhost',
            first_name='root',
            display_name='Root',
            pwd=self._rc.g('auth.user_root.pwd'),
            is_enabled=True,
            owner=SYSTEM_UID,
            roles=[r_wheel.name, r_users.name]
        ))
        usrmgr.create_principal(dict(
            id=NOBODY_UID,
            principal='nobody',
            email='nobody@localhost',
            first_name='Nobody',
            display_name='Nobody',
            is_enabled=False,
            owner=SYSTEM_UID,
            # This principal is not member of any role
            # Not-authenticated users are automatically 'nobody'
            roles=False
        ))
        usrmgr.create_principal(dict(
            id=SAMPLE_DATA_UID,
            principal='sample_data',
            email='sample_data@localhost',
            first_name='Sample Data',
            display_name='Sample Data',
            is_enabled=False,
            owner=SYSTEM_UID,
            # This principal is not member of any role
            roles=False
        ))
        usrmgr.create_principal(dict(
            id=UNIT_TESTER_UID,
            principal='unit_tester',
            email='unit_tester@localhost',
            first_name='Unit-Tester',
            display_name='Unit-Tester',
            is_enabled=False,
            owner=SYSTEM_UID,
            roles=[r_unit_testers.name]
        ))
        
        # 5// Set sequence counter for user-created things
        # XXX PostgreSQL only
        # Regular users have ID > 100
        sess.execute('ALTER SEQUENCE principal_id_seq RESTART WITH 101')
        # Regular roles have ID > 100
        sess.execute('ALTER SEQUENCE role_id_seq RESTART WITH 101')
        sess.flush()
示例#4
0
文件: pysite.py 项目: dmdm/PySite
 def create_role(self):
     data = self._parse(self._args.data)
     data['owner'] = pysite.authmgr.const.ROOT_UID
     rs = usrmanager.create_role(data)
     self._print(self._db_data_to_list([rs])[0])