entities/authobjs.py
author Sylvain Thénault <sylvain.thenault@logilab.fr>
Mon, 11 Jul 2011 09:15:54 +0200
changeset 7639 5c9e94a09e97
parent 7371 233b761201e4
child 7780 a1d5365fefc1
permissions -rw-r--r--
[web form] avoid mis-formated warning for _cw_fields
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
7120
e8b6fc55df2d [cwuser, persistent properties] fix recent set_property implementation on CWUser: for_user is automatically handled for non-managers users (this is seriously debatable though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7110
diff changeset
     1
# copyright 2003-2011 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     2
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     3
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     4
# This file is part of CubicWeb.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     5
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     6
# CubicWeb is free software: you can redistribute it and/or modify it under the
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     7
# terms of the GNU Lesser General Public License as published by the Free
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     8
# Software Foundation, either version 2.1 of the License, or (at your option)
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
     9
# any later version.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    10
#
5424
8ecbcbff9777 replace logilab-common by CubicWeb in disclaimer
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5421
diff changeset
    11
# CubicWeb is distributed in the hope that it will be useful, but WITHOUT
5421
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    12
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    13
# FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public License for more
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    14
# details.
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    15
#
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    16
# You should have received a copy of the GNU Lesser General Public License along
8167de96c523 proper licensing information (LGPL-2.1). Hope I get it right this time.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
    17
# with CubicWeb.  If not, see <http://www.gnu.org/licenses/>.
5556
9ab2b4c74baf [entity] introduce a new 'adapters' registry
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5426
diff changeset
    18
"""entity classes user and group entities"""
583
d0c6f5efb837 fix rtags to have correct msgids for bookmarked_by relation
sylvain.thenault@logilab.fr
parents: 0
diff changeset
    19
d0c6f5efb837 fix rtags to have correct msgids for bookmarked_by relation
sylvain.thenault@logilab.fr
parents: 0
diff changeset
    20
__docformat__ = "restructuredtext en"
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
    21
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    22
from logilab.common.decorators import cached
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    23
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    24
from cubicweb import Unauthorized
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    25
from cubicweb.entities import AnyEntity, fetch_config
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    26
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
    27
class CWGroup(AnyEntity):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2784
diff changeset
    28
    __regid__ = 'CWGroup'
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    29
    fetch_attrs, fetch_order = fetch_config(['name'])
1343
659d3dc42e68 sort on EUser.login/EGroup.name in vocabulary
sylvain.thenault@logilab.fr
parents: 1154
diff changeset
    30
    fetch_unrelated_order = fetch_order
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    31
7371
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    32
    def grant_permission(self, entity, pname, plabel=None):
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    33
        """grant local `pname` permission on `entity` to this group using
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    34
        :class:`CWPermission`.
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    35
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    36
        If a similar permission already exists, add the group to it, else create
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    37
        a new one.
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    38
        """
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    39
        if not self._cw.execute(
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    40
            'SET X require_group G WHERE E eid %(e)s, G eid %(g)s, '
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    41
            'E require_permission X, X name %(name)s, X label %(label)s',
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    42
            {'e': entity.eid, 'g': self.eid,
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    43
             'name': pname, 'label': plabel}):
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    44
            self._cw.create_entity('CWPermission', name=pname, label=plabel,
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    45
                                   require_group=self,
233b761201e4 [cwpermission, cwgroup] convenience method on CWGroup to grant a local permission (ie CWPermission) on an entity
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7370
diff changeset
    46
                                   reverse_require_permission=entity)
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
    47
4246
c95b8c7e5fb2 don't use matching_groups() for is_in_group implementation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4212
diff changeset
    48
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
    49
class CWUser(AnyEntity):
3377
dd9d292b6a6d use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 2784
diff changeset
    50
    __regid__ = 'CWUser'
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    51
    fetch_attrs, fetch_order = fetch_config(['login', 'firstname', 'surname'])
1343
659d3dc42e68 sort on EUser.login/EGroup.name in vocabulary
sylvain.thenault@logilab.fr
parents: 1154
diff changeset
    52
    fetch_unrelated_order = fetch_order
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    53
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    54
    # used by repository to check if  the user can log in or not
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    55
    AUTHENTICABLE_STATES = ('activated',)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    56
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    57
    # low level utilities #####################################################
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    58
    def __init__(self, *args, **kwargs):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    59
        groups = kwargs.pop('groups', None)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    60
        properties = kwargs.pop('properties', None)
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
    61
        super(CWUser, self).__init__(*args, **kwargs)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    62
        if groups is not None:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    63
            self._groups = groups
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    64
        if properties is not None:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    65
            self._properties = properties
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    66
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    67
    @property
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    68
    def groups(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    69
        try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    70
            return self._groups
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    71
        except AttributeError:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    72
            self._groups = set(g.name for g in self.in_group)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    73
            return self._groups
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    74
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    75
    @property
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    76
    def properties(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    77
        try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    78
            return self._properties
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    79
        except AttributeError:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    80
            self._properties = dict((p.pkey, p.value) for p in self.reverse_for_user)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    81
            return self._properties
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    82
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    83
    def property_value(self, key):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    84
        try:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    85
            # properties stored on the user aren't correctly typed
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    86
            # (e.g. all values are unicode string)
3380
3be33dc83d8b use ._cw.vreg instead of vreg on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3378
diff changeset
    87
            return self._cw.vreg.typed_value(key, self.properties[key])
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    88
        except KeyError:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    89
            pass
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
    90
        except ValueError:
3380
3be33dc83d8b use ._cw.vreg instead of vreg on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3378
diff changeset
    91
            self.warning('incorrect value for eproperty %s of user %s',
3be33dc83d8b use ._cw.vreg instead of vreg on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3378
diff changeset
    92
                         key, self.login)
3be33dc83d8b use ._cw.vreg instead of vreg on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3378
diff changeset
    93
        return self._cw.vreg.property_value(key)
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
    94
7110
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
    95
    def set_property(self, pkey, value):
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
    96
        value = unicode(value)
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
    97
        try:
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
    98
            prop = self._cw.execute(
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
    99
                'CWProperty X WHERE X pkey %(k)s, X for_user U, U eid %(u)s',
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
   100
                {'k': pkey, 'u': self.eid}).get_entity(0, 0)
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
   101
        except:
7120
e8b6fc55df2d [cwuser, persistent properties] fix recent set_property implementation on CWUser: for_user is automatically handled for non-managers users (this is seriously debatable though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7110
diff changeset
   102
            kwargs = dict(pkey=unicode(pkey), value=value)
e8b6fc55df2d [cwuser, persistent properties] fix recent set_property implementation on CWUser: for_user is automatically handled for non-managers users (this is seriously debatable though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7110
diff changeset
   103
            if self.is_in_group('managers'):
e8b6fc55df2d [cwuser, persistent properties] fix recent set_property implementation on CWUser: for_user is automatically handled for non-managers users (this is seriously debatable though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7110
diff changeset
   104
                kwargs['for_user'] = self
e8b6fc55df2d [cwuser, persistent properties] fix recent set_property implementation on CWUser: for_user is automatically handled for non-managers users (this is seriously debatable though)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 7110
diff changeset
   105
            self._cw.create_entity('CWProperty', **kwargs)
7110
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
   106
        else:
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
   107
            prop.set_attributes(value=value)
73b3e0e095d3 [cwprops] add set_property method on CWUser instances, to ease setting of user specific properties
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 5556
diff changeset
   108
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   109
    def matching_groups(self, groups):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   110
        """return the number of the given group(s) in which the user is
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   111
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   112
        :type groups: str or iterable(str)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   113
        :param groups: a group name or an iterable on group names
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   114
        """
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   115
        if isinstance(groups, basestring):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   116
            groups = frozenset((groups,))
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   117
        elif isinstance(groups, (tuple, list)):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   118
            groups = frozenset(groups)
4246
c95b8c7e5fb2 don't use matching_groups() for is_in_group implementation
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4212
diff changeset
   119
        return len(groups & self.groups) # XXX return the resulting set instead of its size
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   120
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   121
    def is_in_group(self, group):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   122
        """convience / shortcut method to test if the user belongs to `group`
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   123
        """
4402
360c532070f5 [entities] fix CWUser.is_in_group implementation
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents: 4246
diff changeset
   124
        return group in self.groups
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   125
590
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   126
    def is_anonymous(self):
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   127
        """ checks if user is an anonymous user"""
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   128
        #FIXME on the web-side anonymous user is detected according
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   129
        # to config['anonymous-user'], we don't have this info on
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   130
        # the server side.
590
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   131
        return self.groups == frozenset(('guests', ))
bbf6d47a2e9b test if anonymous
Arthur Lutz <arthur.lutz@logilab.fr>
parents: 0
diff changeset
   132
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   133
    def owns(self, eid):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   134
        try:
4835
13b0b96d7982 [repo] enhanced security handling: deprecates unsafe_execute, in favor of explicit read/write security control using the `enabled_security` context manager. Also code executed on the repository side is now unsafe by default.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4436
diff changeset
   135
            return self._cw.execute(
13b0b96d7982 [repo] enhanced security handling: deprecates unsafe_execute, in favor of explicit read/write security control using the `enabled_security` context manager. Also code executed on the repository side is now unsafe by default.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4436
diff changeset
   136
                'Any X WHERE X eid %(x)s, X owned_by U, U eid %(u)s',
5174
78438ad513ca #759035: Automate addition of eid cachekey in RQL analysis
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
   137
                {'x': eid, 'u': self.eid})
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   138
        except Unauthorized:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   139
            return False
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   140
    owns = cached(owns, keyarg=1)
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   141
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   142
    def has_permission(self, pname, contexteid=None):
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
   143
        rql = 'Any P WHERE P is CWPermission, U eid %(u)s, U in_group G, '\
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   144
              'P name %(pname)s, P require_group G'
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   145
        kwargs = {'pname': pname, 'u': self.eid}
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   146
        if contexteid is not None:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   147
            rql += ', X require_permission P, X eid %(x)s'
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   148
            kwargs['x'] = contexteid
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   149
        try:
5174
78438ad513ca #759035: Automate addition of eid cachekey in RQL analysis
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 4835
diff changeset
   150
            return self._cw.execute(rql, kwargs)
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   151
        except Unauthorized:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   152
            return False
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   153
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   154
    # presentation utilities ##################################################
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   155
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   156
    def name(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   157
        """construct a name using firstname / surname or login if not defined"""
1553
3f91ef2397d0 delete-trailing-whitespaces
sylvain.thenault@logilab.fr
parents: 1398
diff changeset
   158
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   159
        if self.firstname and self.surname:
3378
2f25f701301d use ._cw instead of req on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents: 3377
diff changeset
   160
            return self._cw._('%(firstname)s %(surname)s') % {
0
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   161
                'firstname': self.firstname, 'surname' : self.surname}
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   162
        if self.firstname:
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   163
            return self.firstname
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   164
        return self.login
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   165
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   166
    def dc_title(self):
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   167
        return self.login
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   168
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   169
    dc_long_title = name
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   170
b97547f5f1fa Showtime !
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
diff changeset
   171
from logilab.common.deprecation import class_renamed
1398
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
   172
EUser = class_renamed('EUser', CWUser)
5fe84a5f7035 rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents: 1343
diff changeset
   173
EGroup = class_renamed('EGroup', CWGroup)