archive/pillar
0
0
Fork 0
Code Issues 42 Pull Requests Projects Releases Wiki Activity

Fixing type_groups_permissions

Browse Source
This commit is contained in:
Eibriel
2015-05-19 12:49:09 -03:00
parent bb8e690711
commit 80711800de
1 changed files with 24 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
attract/application/__init__.py
View File

@@ -182,6 +182,7 @@ def pre_POST(request):
global_validation() global_validation()
# print ("Post") # print ("Post")
# print ("World: {0}".format(g.get('world_permissions'))) # print ("World: {0}".format(g.get('world_permissions')))
# print ("Group: {0}".format(g.get('groups_permissions')))
action = 'POST' action = 'POST'
print (g.get('type_groups_permissions')) print (g.get('type_groups_permissions'))
# Is quering for one specific node # Is quering for one specific node
@@ -195,9 +196,11 @@ def pre_DELETE(request, lookup):
global_validation() global_validation()
type_world_permissions = g.get('type_world_permissions') type_world_permissions = g.get('type_world_permissions')
type_owner_permissions = g.get('type_owner_permissions') type_owner_permissions = g.get('type_owner_permissions')
type_groups_permissions = g.get('type_groups_permissions')
# print ("Delete") # print ("Delete")
# print ("Owner: {0}".format(type_owner_permissions)) print ("Owner: {0}".format(type_owner_permissions))
# print ("World: {0}".format(type_world_permissions)) print ("World: {0}".format(type_world_permissions))
print ("Groups: {0}".format(type_groups_permissions))
action = 'DELETE' action = 'DELETE'
if '_id' in lookup: if '_id' in lookup:
@@ -210,7 +213,7 @@ def pre_DELETE(request, lookup):
else: else:
owner = False owner = False
if action not in type_world_permissions[node_type] and \ if action not in type_world_permissions[node_type] and \
action not in g.get('groups_permissions'): action not in type_groups_permissions[node_type]:
if action not in type_owner_permissions[node_type]: if action not in type_owner_permissions[node_type]:
print ("Abort1") print ("Abort1")
abort(403) abort(403)
@@ -228,6 +231,7 @@ def check_permissions(user):
dbnode = None dbnode = None
owner_permissions = [] owner_permissions = []
world_permissions = [] world_permissions = []
groups_permissions = []
groups = app.data.driver.db['groups'] groups = app.data.driver.db['groups']
users = app.data.driver.db['users'] users = app.data.driver.db['users']
owner_group = groups.find_one({'name': 'owner'}) owner_group = groups.find_one({'name': 'owner'})
@@ -248,7 +252,11 @@ def check_permissions(user):
if dbnode: if dbnode:
node_type = str(dbnode['node_type']) node_type = str(dbnode['node_type'])
json_data = json.loads(request.data) json_data = None
try:
json_data = json.loads(request.data)
except ValueError:
pass
if not node_type and json_data: if not node_type and json_data:
if 'node_type' in json_data: if 'node_type' in json_data:
node_type = json_data['node_type'] node_type = json_data['node_type']
@@ -268,7 +276,7 @@ def check_permissions(user):
# Get and store permissions for that node_type # Get and store permissions for that node_type
type_owner_permissions = {} type_owner_permissions = {}
type_world_permissions = {} type_world_permissions = {}
groups_permissions = [] type_groups_permissions = {}
for per in owner_group['permissions']: for per in owner_group['permissions']:
type_owner_permissions[per['node_type']] = per['permissions'] type_owner_permissions[per['node_type']] = per['permissions']
@@ -280,19 +288,27 @@ def check_permissions(user):
if str(per['node_type']) == node_type: if str(per['node_type']) == node_type:
world_permissions = per['permissions'] world_permissions = per['permissions']
# Adding empty permissions
if per['node_type'] not in type_groups_permissions:
type_groups_permissions[per['node_type']] = []
groups_data = user_data.get('groups') groups_data = user_data.get('groups')
if groups_data: if groups_data:
for group in groups_data: for group in groups_data:
group_data = groups.find_one({'_id': ObjectId(group)}) group_data = groups.find_one({'_id': ObjectId(group)})
for per in group_data['permissions']: for per in group_data['permissions']:
groups_permissions += per['permissions'] type_groups_permissions[per['node_type']] += \
per['permissions']
if str(per['node_type']) == node_type:
groups_permissions = per['permissions']
# Store permission properties on global # Store permission properties on global
setattr(g, 'owner_permissions', owner_permissions) setattr(g, 'owner_permissions', owner_permissions)
setattr(g, 'world_permissions', world_permissions) setattr(g, 'world_permissions', world_permissions)
setattr(g, 'type_world_permissions', type_world_permissions)
setattr(g, 'type_owner_permissions', type_owner_permissions)
setattr(g, 'groups_permissions', groups_permissions) setattr(g, 'groups_permissions', groups_permissions)
setattr(g, 'type_owner_permissions', type_owner_permissions)
setattr(g, 'type_world_permissions', type_world_permissions)
setattr(g, 'type_groups_permissions', type_groups_permissions)
class TokensAuth(TokenAuth): class TokensAuth(TokenAuth):