def multi_update(vol, users, usergateways, acquisitiongateways, replicagateways): v_id = vol.volume_id db.delete_volume(v_id) logging.info(users) for user in users: fields = {} if v_id in user.volumes_o: new_volumes_o = user.volumes_o new_volumes_o.remove(v_id) fields['volumes_o'] = new_volumes_o if v_id in user.volumes_rw: new_volumes_rw = user.volumes_rw new_volumes_rw.remove(v_id) fields['volumes_rw'] = new_volumes_rw if v_id in user.volumes_r: new_volumes_r = user.volumes_r new_volumes_r.remove(v_id) fields['volumes_r'] = new_volumes_r if fields: db.update_user(user.email, **fields) for ug in usergateways: fields = {} fields['volume_id'] = 0 db.update_user_gateway(ug.g_id, **fields) for ag in acquisitiongateways: logging.info(ag) fields = {} new_ids = ag.volume_ids.remove(v_id) if not new_ids: fields['volume_ids'] = [] else: fields['volume_ids'] = new_ids db.update_acquisition_gateway(ag.g_id, **fields) for rg in replicagateways: fields = {} new_ids = rg.volume_ids.remove(v_id) if not new_ids: fields['volume_ids'] = [] else: fields['volume_ids'] = new_ids db.update_replica_gateway(rg.g_id, **fields) # Clear initial data session variable to prevent stale tables in ag.views.viewgateway and rg.views.viewgateway session.pop("rg_initial_data" + str(v_id), None) session.pop("ag_initial_data" + str(v_id), None) # Clear initial data session variable to prevent stale data in volume settings, change rgs, and change ags. session.pop("volume_initial_ags" + str(v_id), None) session.pop("volume_initial_rgs" + str(v_id), None)
def addpermissions(request, volume_id): ''' This handler allows adding users to volumes so they can have either read access or read and write access. ''' session = request.session username = session['login_email'] if request.method != "POST": return redirect('syn/volume/' + str(vol.volume_id) + '/permissions') else: vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) addform = forms.AddPermissions(request.POST) passwordform = libforms.Password(request.POST) if not passwordform.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: # Check password hash if vol.volume_secret_salted_hash != Volume.generate_password_hash( passwordform.cleaned_data['password'], vol.volume_secret_salt): session['message'] = "Incorrect password" return redirect('django_volume.views.volumepermissions', vol.volume_id) if not addform.is_valid(): session[ 'message'] = "Incorrect entry fields: likely invalid email address." return redirect('django_volume.views.volumepermissions', vol.volume_id) # Ok to update else: new_username = addform.cleaned_data['user'] read = addform.cleaned_data['read'] write = addform.cleaned_data['write'] for data in session['initial_perms' + str(volume_id)]: if data['user'] == new_username: session['message'] = "User already has rights for volume." return redirect('django_volume.views.volumepermissions', vol.volume_id) new_user = db.read_user(new_username) if not new_user: session[ 'message'] = "No Syndicate user with the email {} exists.".format( new_username) return redirect('django_volume.views.volumepermissions', vol.volume_id) if vol.owner_id == new_user.owner_id: session['message'] = "You already own this volume." return redirect('django_volume.views.volumepermissions', vol.volume_id) if write: if read: new_volumes_rw = new_user.volumes_rw + [vol.volume_id] fields = {'volumes_rw': new_volumes_rw} db.update_user(new_username, **fields) else: session[ 'message'] = "Write permissions require read permissions as well." return redirect('django_volume.views.volumepermissions', vol.volume_id) elif read: new_volumes_r = new_user.volumes_r + [vol.volume_id] fields = {'volumes_r': new_volumes_r} db.update_user(new_username, **fields) # Clear out old permissions data. session.pop('initial_perms' + str(volume_id), None) session['new_change'] = "We've saved a new user to your volume." session['next_url'] = '/syn/volume/' + str( vol.volume_id) + '/permissions' session[ 'next_message'] = "Click here to see your volumes permissions." return redirect('/syn/thanks')
def changepermissions(request, volume_id): ''' This view handles modification or removal of rights to the volume for users who already had some rights. ''' session = request.session username = session['login_email'] vol = db.read_volume(volume_id) if not vol: return redirect('django_volume.views.viewvolume', volume_id) PermissionFormSet = formset_factory(forms.Permissions, extra=0) if request.method != "POST": return redirect('/syn/volume/' + str(vol.volume_id) + '/permissions') else: passwordform = libforms.Password(request.POST) formset = PermissionFormSet(request.POST) if not passwordform.is_valid(): session['message'] = "Password required." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: # Check password hash if vol.volume_secret_salted_hash != Volume.generate_password_hash( passwordform.cleaned_data['password'], vol.volume_secret_salt): session['message'] = "Incorrect password" return redirect('django_volume.views.volumepermissions', vol.volume_id) if not formset.is_valid(): session['message'] = "Invalid field entries." return redirect('django_volume.views.volumepermissions', vol.volume_id) else: initial_and_forms = zip(session['initial_perms' + str(volume_id)], formset.forms) for data, form in initial_and_forms: check_username = data['user'] check_read = form.cleaned_data['read'] check_write = form.cleaned_data['write'] check_user = db.read_user(check_username) if check_write and not check_read: session[ 'message'] = "Write permissions require read permissions as well." return redirect('django_volume.views.volumepermissions', vol.volume_id) if data['write']: if check_write: continue elif check_read: # Give read, take away write new_volumes_r = check_user.volumes_r + [vol.volume_id] new_volumes_rw = check_user.volumes_rw.remove( vol.volume_id) if not new_volumes_rw: new_volumes_rw = [] fields = { 'volumes_r': new_volumes_r, 'volumes_rw': new_volumes_rw } db.update_user(check_username, **fields) else: # change to no permissions new_volumes_rw = check_user.volumes_rw.remove( vol.volume_id) if not new_volumes_rw: new_volumes_rw = [] fields = {'volumes_rw': new_volumes_rw} db.update_user(check_username, **fields) elif data['read']: if check_write: # Give write, take away read new_volumes_r = check_user.volumes_r.remove( vol.volume_id) new_volumes_rw = check_user.volumes_rw + [ vol.volume_id ] if not new_volumes_r: new_volumes_r = [] fields = { 'volumes_r': new_volumes_r, 'volumes_rw': new_volumes_rw } db.update_user(check_username, **fields) elif check_read: continue else: # change to no permissions new_volumes_r = check_user.volumes_r.remove( vol.volume_id) if not new_volumes_r: new_volumes_r = [] fields = {'volumes_r': new_volumes_r} db.update_user(check_username, **fields) # Clear out stale data. session.pop("initial_perms" + str(volume_id), None) session['new_change'] = "We've saved your new permissions." session['next_url'] = '/syn/volume/' + str( vol.volume_id) + '/permissions' session[ 'next_message'] = "Click here to see your volumes permissions." return redirect('/syn/thanks')