Skip to content

Commit

Permalink
[1669] Emergency test commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@rossjones
rossjones committed Jan 31, 2012
1 parent afd752a commit 8b02d22
Show file tree
Hide file tree
Showing 10 changed files with 271 additions and 28 deletions.
2 changes: 1 addition & 1 deletion ckan/controllers/group.py
View file
Expand Up @@ -423,7 +423,7 @@ def _save_edit(self, id, context):
context['message'] = data_dict.get('log_message', '')
data_dict['id'] = id
group = get_action('group_update')(context, data_dict)
h.redirect_to('%s_read' % group['type'], id=group['name'])
h.redirect_to('%s_read' % str(group['type']), id=group['name'])
except NotAuthorized:
abort(401, _('Unauthorized to read group %s') % id)
except NotFound, e:
Expand Down
20 changes: 13 additions & 7 deletions ckan/lib/create_test_data.py
View file
Expand Up @@ -273,7 +273,7 @@ def pkg(pkg_name):


@classmethod
def create_groups(cls, group_dicts, admin_user_name=None):
def create_groups(cls, group_dicts, admin_user_name=None, auth_profile=""):
'''A more featured interface for creating groups.
All group fields can be filled, packages added and they can
have an admin user.'''
Expand All @@ -289,6 +289,7 @@ def create_groups(cls, group_dicts, admin_user_name=None):
group_attributes = set(('name', 'title', 'description', 'parent_id'))
for group_dict in group_dicts:
group = model.Group(name=unicode(group_dict['name']))
group.type = auth_profile or 'group'
for key in group_dict:
if key in group_attributes:
setattr(group, key, group_dict[key])
Expand All @@ -307,7 +308,7 @@ def create_groups(cls, group_dicts, admin_user_name=None):
model.repo.commit_and_remove()

@classmethod
def create(cls):
def create(cls, auth_profile=""):
import ckan.model as model
model.Session.remove()
rev = model.repo.new_revision()
Expand All @@ -318,11 +319,13 @@ def create(cls):
* Package: warandpeace
* Associated tags, etc etc
'''

if auth_profile == "publisher":
publisher_group = model.Group(name=u"publisher_group", type="publisher")

cls.pkg_names = [u'annakarenina', u'warandpeace']
pkg1 = model.Package(name=cls.pkg_names[0])
#pkg1.group = publisher_group
if auth_profile == "publisher":
pkg1.group = publisher_group
model.Session.add(pkg1)
pkg1.title = u'A Novel By Tolstoy'
pkg1.version = u'0.7a'
Expand Down Expand Up @@ -376,7 +379,8 @@ def create(cls):
tag1 = model.Tag(name=u'russian')
tag2 = model.Tag(name=u'tolstoy')

#pkg2.group = publisher_group
if auth_profile == "publisher":
pkg2.group = publisher_group

# Flexible tag, allows spaces, upper-case,
# and all punctuation except commas
Expand All @@ -395,10 +399,12 @@ def create(cls):
# group
david = model.Group(name=u'david',
title=u'Dave\'s books',
description=u'These are books that David likes.')
description=u'These are books that David likes.',
type=auth_profile or 'group')
roger = model.Group(name=u'roger',
title=u'Roger\'s books',
description=u'Roger likes these books.')
description=u'Roger likes these books.',
type=auth_profile or 'group')
for obj in [david, roger]:
model.Session.add(obj)

Expand Down
2 changes: 1 addition & 1 deletion ckan/lib/helpers.py
View file
Expand Up @@ -148,7 +148,7 @@ def subnav_named_route(c, text, routename,**kwargs):
""" Generate a subnav element based on a named route """
return link_to(
text,
url_for(routename, **kwargs),
url_for(str(routename), **kwargs),
class_=('active' if c.action == kwargs['action'] else '')
)

Expand Down
5 changes: 0 additions & 5 deletions ckan/logic/auth/publisher/__init__.py
View file
Expand Up @@ -3,13 +3,8 @@
def _groups_intersect( groups_A, groups_B ):
""" Return true if any of the groups in A are also in B (or size
of intersection > 0). If both are empty for now we will allow it """
# TODO: Fix me.

ga = set(groups_A)
gb = set(groups_B)

if len(gb) + len(ga) == 0:
return True

return len( ga.intersection( gb ) ) > 0

7 changes: 6 additions & 1 deletion ckan/logic/auth/publisher/update.py
View file
Expand Up @@ -45,11 +45,16 @@ def package_edit_permissions(context, data_dict):

def group_update(context, data_dict):
model = context['model']
user = context['user']
user = context.get('user','')
group = get_group_object(context, data_dict)

if not user:
return {'success': False, 'msg': _('Only members of this group are authorized to edit this group')}

# Only allow package update if the user and package groups intersect
userobj = model.User.get( user )
if not userobj:
return {'success': False, 'msg': _('Could not find user %s') % str(user)}
if not _groups_intersect( userobj.get_groups('publisher', 'admin'), [group] ):
return {'success': False, 'msg': _('User %s not authorized to edit this group') % str(user)}

Expand Down
2 changes: 1 addition & 1 deletion ckan/logic/auth/update.py
View file
Expand Up @@ -74,7 +74,7 @@ def group_update(context, data_dict):
model = context['model']
user = context['user']
group = get_group_object(context, data_dict)

authorized = check_access_old(group, model.Action.EDIT, context)
if not authorized:
return {'success': False, 'msg': _('User %s not authorized to edit group %s') % (str(user),group.id)}
Expand Down
3 changes: 2 additions & 1 deletion ckan/model/group.py
View file
Expand Up @@ -67,8 +67,9 @@ def related_packages(self):
class Group(vdm.sqlalchemy.RevisionedObjectMixin,
vdm.sqlalchemy.StatefulObjectMixin,
DomainObject):

def __init__(self, name=u'', title=u'', description=u'',
type=u'group', approval_status=u"approved")
type=u'group', approval_status=u'approved' ):
self.name = name
self.title = title
self.description = description
Expand Down
29 changes: 19 additions & 10 deletions ckan/new_authz.py
View file
Expand Up @@ -8,7 +8,12 @@

# This is a private cache used by get_auth_function() and should never
# be accessed directly
_auth_functions = {}
class AuthFunctions:
_functions = {}

def reset_auth_functions(type=''):
AuthFunctions._functions = {}
_get_auth_function('resource_create', type)

def is_authorized(action, context,data_dict=None):
auth_function = _get_auth_function(action)
Expand All @@ -17,11 +22,11 @@ def is_authorized(action, context,data_dict=None):
else:
raise ValueError(_('Authorization function not found: %s' % action))

def _get_auth_function(action):
def _get_auth_function(action, profile=None):
from pylons import config
if _auth_functions:
return _auth_functions.get(action)

if AuthFunctions._functions:
return AuthFunctions._functions.get(action)

# Otherwise look in all the plugins to resolve all possible
# First get the default ones in the ckan/logic/auth directory
Expand All @@ -31,10 +36,14 @@ def _get_auth_function(action):

# We will load the auth profile from settings
module_root = 'ckan.logic.auth'
auth_profile = config.get('ckan.auth.profile', '')
if profile is not None:
auth_profile = profile
else:
auth_profile = config.get('ckan.auth.profile', '')

if auth_profile:
module_root = '%s.%s' % (module_root, auth_profile)

log.info('Using auth profile at %s' % module_root)

for auth_module_name in ['get', 'create', 'update','delete']:
Expand All @@ -50,7 +59,7 @@ def _get_auth_function(action):

for key, v in module.__dict__.items():
if not key.startswith('_'):
_auth_functions[key] = v
AuthFunctions._functions[key] = v

# Then overwrite them with any specific ones in the plugins:
resolved_auth_function_plugins = {}
Expand All @@ -68,6 +77,6 @@ def _get_auth_function(action):
resolved_auth_function_plugins[name] = plugin.name
fetched_auth_functions[name] = auth_function
# Use the updated ones in preference to the originals.
_auth_functions.update(fetched_auth_functions)
return _auth_functions.get(action)
AuthFunctions._functions.update(fetched_auth_functions)
return AuthFunctions._functions.get(action)

0 comments on commit 8b02d22

Please sign in to comment.