1ad13d048f
Some extra type safety checks
2017-08-24 14:28:17 +02:00
cfde720b1d
Orgs: PATCH op to batch-add emails as members now strip()s emails
...
It also refuses to add empty emails.
2017-08-24 14:28:11 +02:00
5d17d892a4
Orgs: Use current_user() in PATCH handler
2017-08-24 14:28:02 +02:00
40172bf8b5
Orgs: Use create-organization capability to control access
...
This is more explicit and future-proof than checking for admin cap.
2017-08-24 14:27:52 +02:00
72404d0fd9
Handle registration of previously unknown organization members.
...
When a new user is created, two things happen:
- before inserting into MongoDB, the organizational roles are given
- after inserting, the organizations are updated to move the user from
`unknown_members` to `members`.
2017-08-24 14:26:19 +02:00
b53d485960
Added access control to organizations Eve endpoints
2017-08-24 14:26:19 +02:00
cf51d1a280
Added utility function current_user() that acts like flask_login.current_user
...
This actually returns an AnonymousUser object, instead of None, when the
user is not logged in.
For compatibility with existing code, this function doesn't set
g.current_user to that AnonymousUser instance. We may decide to do this
later.
2017-08-24 14:26:19 +02:00
efc1890871
Added PATCH support for organizations
...
With a PATCH request you can now:
- assign users,
- remove a user,
- edit the name, description, and website fields.
Only the organization admin user can do this.
2017-08-24 14:26:19 +02:00
93d534fe94
Added Organization Manager.
...
This is a Flamenco/Attract-style Manager object that's instantiated by
the PillarApplication. It can create Organizations and assign/remove
users.
Also I updated the Organization schema to reflect the currently desired
design.
NOTA BENE: this does not include any security/authorisation checks on Eve's
organizations collection.
2017-08-24 14:25:52 +02:00
87afbc52f6
Updated do_badger to take an optional set of roles.
...
The 'role' parameter now must be passed as keyword arg instead of
positional arg. Either 'role' or 'roles' must be given.
2017-08-23 08:59:23 +02:00
15de24214a
Decouple upload_and_process from stream_to_storage
...
The stream_to_storage function is still quite large, and this is a first step at refactoring it. stream_to_storage can be used for files that are uploaded on the server without the /stream endpoint (for example downloaded from a link).
2017-08-22 13:26:12 +02:00
2b09711eb0
Load user capabilities from Pillar config and allow extensions to extend.
...
Default caps can be overridden using the USER_CAPABILITIES name in
config_local.py. These can be extended by Pillar Extensions.
2017-08-22 11:31:17 +02:00
566f2a4835
Late-initialise CLI user & late-import UserClass class
...
This may fix some unit tests issues.
2017-08-22 09:41:38 +02:00
575a7ed1a7
Introduced role-based capability system.
...
It's still rather limited and hard-coded, but it works.
2017-08-18 14:47:42 +02:00
566a23d3b6
Unified user representation for web and API calls
...
Both approaches now use a pillar.auth.UserClass instance. g.current_user
is now always set to that instance, even for web entry points.
This UserClass instance can still be keyed like the old dict, but this is
for temporary compatibility and shouldn't be relied on in new or touched
code.
2017-08-18 13:19:34 +02:00
6285e81883
Add course and workshop project types to admin interface
2017-07-27 17:18:20 +02:00
4c896ae6b7
Introducing new icons
...
graduation-cap and lightbulb thanks to @venomgfx.
2017-07-26 16:55:42 +02:00
b3aee6c8bc
Introducing new types of projects
...
We reorganized training projects into courses and workshops. Project types should be expandable by extensions to avoid this kind of changes.
2017-07-26 16:55:02 +02:00
e18ed79c7b
Move training and open-projects to blender-cloud repo
2017-07-26 16:52:45 +02:00
502e494083
Clean up local login
...
Use generate_and_store_token and get_local_user directly instead of the /make-token endpoint.
2017-07-14 21:41:40 +02:00
e752a5dc87
On new project creation, use the backend storage set in config
2017-07-14 12:04:24 +02:00
5ec76f8801
Remove Blender Cloud specific pages
...
They are now available in the blender-cloud repository. This is an effort to make Pillar a generic package.
2017-07-13 18:24:43 +02:00
bd13d89817
Added permission check to DELETE of nodes.
2017-07-13 17:29:46 +02:00
4c273671e4
CLI index_users_rebuild() made parallel
2017-07-11 15:29:17 +02:00
f3e79bcfb5
Formatting
2017-07-11 12:56:40 +02:00
b04abef20f
Also push user to Algolia when its role changes through the badger
...
This may cause some superfluous pushes, though.
2017-07-11 12:56:32 +02:00
73d4a77881
Role change blinker: make comparison set-based
...
This makes it impervious to changes in order and duplicate roles.
2017-07-11 12:17:06 +02:00
c974b388b6
Formatting
2017-06-29 11:05:14 +02:00
e061d6c29d
Allow editing users' email address via /u/
...
Also reloads the user info after a succesful edit.
2017-06-29 11:05:01 +02:00
fc4ab9d6ba
Removed obsolete comment file + function
2017-06-16 13:40:31 +02:00
2482381999
Added ability to add missing node types to replace_pillar_node_type_schemas
2017-06-16 12:40:10 +02:00
6e6ea6082d
Renamed _attachments_embedded_schema to attachments_embedded_schema
...
It's used in multiple files, and thus shouldn't be marked as 'private'.
2017-06-16 12:39:51 +02:00
50108201cf
Removed 'content' property from page node type
...
... because it doesn't work when it's there.
2017-06-16 12:38:51 +02:00
964526924d
Save thumbnails with explicit quality setting.
...
This should have been the default value anyway, but T49477 looks like it
may not be. This should solve that.
2017-06-15 16:56:23 +02:00
7ed053b6c1
Little clarification
...
... because I always forget this myself...
2017-06-15 14:52:43 +02:00
8e02de32ab
Pillar Extensions can now determine which user roles to index in Algola
2017-06-15 11:31:48 +02:00
8d94901bab
Use app.user_roles to construct the roles field in /u
2017-06-15 11:13:44 +02:00
13b67702b4
Let Pillar extensions register new roles.
...
These will be available via the app.user_roles property.
2017-06-15 11:06:01 +02:00
cdb148fc0d
Just import the forms module, not every single form it it separately.
2017-06-15 11:04:44 +02:00
efa2321ac3
Pillar extensions can now register global Jinja2 context processors.
2017-06-14 16:10:11 +02:00
73c5032a48
Convert timezone, not replace it
2017-06-14 12:06:20 +02:00
293961097f
Merge branch 'production'
2017-06-08 11:45:16 +02:00
740df09b9d
User edit form: prevent accidentally revoking roles
...
Prevent accidentally revoking roles that were not part of the form.
2017-06-08 11:35:33 +02:00
263c274774
Allow indexing of flamenco-user role.
...
Role handling should be refactored so that extensions can also declare
roles, and whether they should be pushed to Algolia or not.
2017-06-08 11:34:53 +02:00
91807ad022
Add comment to STORAGE_BACKEND config
2017-06-07 19:40:19 +02:00
155ddf243a
Partial revert of "Added @project_view() decorator to reduce duplicated code."
...
This reverts parts of commit 0cf96e47e8
2017-06-07 17:06:26 +02:00
1ce4654673
Autodetect timestamp format in Blender ID token expiry.
...
The new Blender ID uses a different timestamp format than the old one.
We can alter Blender ID, but using the ISO 8601 is a good idea anyway.
2017-06-07 09:00:51 +02:00
72cbd2ce2b
Added 'repr' Jinja2 filter.
...
This can help with debugging, for example by showing the difference between
a string ID and an ObjectID.
2017-06-06 18:29:33 +02:00
3d273d4284
Expose Flask session to Jinja
2017-06-06 18:06:46 +02:00
d920d9e9fe
Also mock .s() and .si() celery signature functions.
2017-06-06 17:35:56 +02:00
