diff --git a/ckan/controllers/user.py b/ckan/controllers/user.py
index 7a0cf3389bb..86424a3010e 100644
--- a/ckan/controllers/user.py
+++ b/ckan/controllers/user.py
@@ -11,7 +11,7 @@
 from ckan.logic import NotFound, NotAuthorized, ValidationError
 from ckan.logic import check_access, get_action
 from ckan.logic import tuplize_dict, clean_dict, parse_params
-from ckan.logic.schema import user_new_form_schema, user_edit_form_schema
+from ckan.logic.schema import user_new_form_schema, user_edit_form_schema
 from ckan.logic.action.get import user_activity_list_html
 from ckan.lib.captcha import check_recaptcha, CaptchaError
@@ -31,7 +31,7 @@ def __before__(self, action, **env):
 if c.action not in ('login','request_reset','perform_reset',):
 abort(401, _('Not authorized to see this page'))
- ## hooks for subclasses
+ ## hooks for subclasses
 new_user_form = 'user/new_user_form.html'
 edit_user_form = 'user/edit_user_form.html'
@@ -130,7 +130,7 @@ def new(self, data=None, errors=None, error_summary=None):
 if context['save'] and not data:
 return self._save_new(context)
-
+
 data = data or {}
 errors = errors or {}
 error_summary = error_summary or {}
@@ -201,10 +201,10 @@ def edit(self, id=None, data=None, errors=None, error_summary=None):
 abort(404, _('User not found'))
 user_obj = context.get('user_obj')
-
+
 if not (ckan.authz.Authorizer().is_sysadmin(unicode(c.user)) or c.user == user_obj.name):
 abort(401, _('User %s not authorized to edit %s') % (str(c.user), id))
-
+
 errors = errors or {}
 vars = {'data': data, 'errors': errors, 'error_summary': error_summary}
@@ -244,9 +244,9 @@ def login(self):
 # #1662 restriction
 log.warn('Cannot mount CKAN at a URL and login with OpenID.')
 g.openid_enabled = False
-
+
 return render('user/login.html')
-
+
 def logged_in(self):
 if c.user:
 context = {'model': model,
@@ -268,14 +268,14 @@ def logged_in(self):
 h.flash_error('Login failed. Bad username or password.' + \
 ' (Or if using OpenID, it hasn\'t been associated with a user account.)')
 h.redirect_to(controller='user', action='login')
-
+
 def logged_out(self):
 c.user = None
 response.delete_cookie("ckan_user")
 response.delete_cookie("ckan_display_name")
 response.delete_cookie("ckan_apikey")
 return render('user/logout.html')
-
+
 def request_reset(self):
 if request.method == 'POST':
 id = request.params.get('user')
@@ -337,7 +337,7 @@ def perform_reset(self, id):
 if request.method == 'POST':
 try:
- context['reset_password'] = True
+ context['reset_password'] = True
 new_password = self._get_form_password()
 user_dict['password'] = new_password
 user_dict['reset_key'] = c.reset_key
@@ -365,7 +365,7 @@ def _format_about(self, about):
 log.error('Could not print "about" field Field: %r Error: %r', about, e)
 html = _('Error: Could not parse About text')
 return html
-
+
 def _get_form_password(self):
 password1 = request.params.getone('password1')
 password2 = request.params.getone('password2')
@@ -375,4 +375,4 @@ def _get_form_password(self):
 elif not password1 == password2:
 raise ValueError(_("The passwords you entered do not match."))
 return password1
-
+
diff --git a/ckan/model/user.py b/ckan/model/user.py
index 96660ef839d..780cb94ef00 100644
--- a/ckan/model/user.py
+++ b/ckan/model/user.py
@@ -148,6 +148,19 @@ def number_administered_packages(self):
 def is_in_group(self, group):
 return group in self.get_groups()
+ def is_in_groups(self, groupids):
+ """ Given a list of group ids, returns True if this user is in any of
+ those groups """
+ guser = set( self.get_group_ids() )
+ gids = set( groupids )
+
+ return len( guser.intersection( gids ) ) > 0
+
+
+ def get_group_ids(self, group_type=None):
+ """ Returns a list of group ids that the current user belongs to """
+ return [ g.id for g in self.get_groups( group_type=group_type ) ]
+
 def get_groups(self, group_type=None, capacity=None):
 import ckan.model as model
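Review bot: `is_in_groups` reports membership in any capacity and for any group type, because it calls `self.get_group_ids()` with no arguments and `get_group_ids` has no `capacity` parameter to forward to `get_groups(group_type=None, capacity=None)`. If callers rely on this as an authorization check, the docstring should say so, for example `Membership is tested regardless of capacity or group type.`, or the two optional arguments should be threaded through both new methods. Whether `get_groups` already excludes deleted or pending memberships cannot be seen here, since its body continues outside the hunk. A single id passed as a bare string would be split into characters by `set( groupids )` and the check would quietly return False, so the docstring should also state that an iterable of ids is required. The result line can be written more directly as `return not guser.isdisjoint(gids)`.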