author | Sylvain Thénault <sylvain.thenault@logilab.fr> |
Tue, 13 Oct 2009 08:47:41 +0200 | |
changeset 3645 | 7272b793d7c9 |
parent 3451 | 6b46d73823f5 |
child 3733 | c3feb6a33f58 |
permissions | -rw-r--r-- |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
1 |
"""security management and error screens |
0 | 2 |
|
3 |
||
4 |
:organization: Logilab |
|
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1941
diff
changeset
|
5 |
:copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2. |
0 | 6 |
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1941
diff
changeset
|
7 |
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses |
0 | 8 |
""" |
9 |
__docformat__ = "restructuredtext en" |
|
1641 | 10 |
_ = unicode |
0 | 11 |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
12 |
from logilab.mtconverter import xml_escape |
0 | 13 |
|
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
14 |
from cubicweb.selectors import yes, none_rset, match_user_groups, authenticated_user |
836 | 15 |
from cubicweb.view import AnyRsetView, StartupView, EntityView |
604
e85042d18b48
[preferences] preferences sections will now remember their collapsed/open status
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
602
diff
changeset
|
16 |
from cubicweb.common.uilib import html_traceback, rest_traceback |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
17 |
from cubicweb.web import formwidgets as wdgs |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
18 |
from cubicweb.web.formfields import guess_field |
0 | 19 |
|
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
20 |
SUBMIT_MSGID = _('Submit bug report') |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
21 |
MAIL_SUBMIT_MSGID = _('Submit bug report by mail') |
0 | 22 |
|
2005
e8032965f37a
turn every form class into appobject. They should not be instantiated manually anymore.
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1995
diff
changeset
|
23 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
24 |
class SecurityViewMixIn(object): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
25 |
"""display security information for a given schema """ |
1941
4f38e8b81a1a
egroup -> cwgroup #343418
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1877
diff
changeset
|
26 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
27 |
def schema_definition(self, eschema, link=True, access_types=None): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
28 |
w = self.w |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
29 |
_ = self._cw._ |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
30 |
if not access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
31 |
access_types = eschema.ACTIONS |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
32 |
w(u'<table class="schemaInfo">') |
1641 | 33 |
w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % ( |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
34 |
_("permission"), _('granted to groups'), _('rql expressions'))) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
35 |
for access_type in access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
36 |
w(u'<tr>') |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
37 |
w(u'<td>%s</td>' % self._cw.__('%s_perm' % access_type)) |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
38 |
groups = eschema.get_groups(access_type) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
39 |
l = [] |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
40 |
groups = [(_(group), group) for group in groups] |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
41 |
for trad, group in sorted(groups): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
42 |
if link: |
2047 | 43 |
# XXX we should get a group entity and call its absolute_url |
44 |
# method |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
45 |
l.append(u'<a href="%s" class="%s">%s</a><br/>' % ( |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
46 |
self._cw.build_url('cwgroup/%s' % group), group, trad)) |
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
47 |
else: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
48 |
l.append(u'<div class="%s">%s</div>' % (group, trad)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
49 |
w(u'<td>%s</td>' % u''.join(l)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
50 |
rqlexprs = eschema.get_rqlexprs(access_type) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
51 |
w(u'<td>%s</td>' % u'<br/><br/>'.join(expr.expression for expr in rqlexprs)) |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
52 |
w(u'</tr>\n') |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
53 |
w(u'</table>') |
0 | 54 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
55 |
def has_schema_modified_permissions(self, eschema, access_types): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
56 |
""" return True if eschema's actual permissions are diffrents |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
57 |
from the default ones |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
58 |
""" |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
59 |
for access_type in access_types: |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
60 |
if eschema.get_rqlexprs(access_type): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
61 |
return True |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
62 |
if eschema.get_groups(access_type) != \ |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
63 |
frozenset(eschema.get_default_groups()[access_type]): |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
64 |
return True |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
65 |
return False |
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
66 |
|
1525
cc2e2cbd7019
include dom id of the form in __errorurl in case there are multiple forms in a page
sylvain.thenault@logilab.fr
parents:
1522
diff
changeset
|
67 |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
68 |
class SecurityManagementView(EntityView, SecurityViewMixIn): |
0 | 69 |
"""display security information for a given entity""" |
3377
dd9d292b6a6d
use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3230
diff
changeset
|
70 |
__regid__ = 'security' |
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
71 |
__select__ = EntityView.__select__ & authenticated_user() |
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
72 |
|
0 | 73 |
title = _('security') |
1941
4f38e8b81a1a
egroup -> cwgroup #343418
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1877
diff
changeset
|
74 |
|
1569
99a19875ef1e
set progress div in call() to avoid duplication when applied on multiple entities
sylvain.thenault@logilab.fr
parents:
1568
diff
changeset
|
75 |
def call(self): |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
76 |
self.w(u'<div id="progress">%s</div>' % self._cw._('validating...')) |
1569
99a19875ef1e
set progress div in call() to avoid duplication when applied on multiple entities
sylvain.thenault@logilab.fr
parents:
1568
diff
changeset
|
77 |
super(SecurityManagementView, self).call() |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
78 |
|
0 | 79 |
def cell_call(self, row, col): |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
80 |
self._cw.add_js('cubicweb.edition.js') |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
81 |
self._cw.add_css('cubicweb.acl.css') |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
82 |
entity = self.cw_rset.get_entity(row, col) |
0 | 83 |
w = self.w |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
84 |
_ = self._cw._ |
0 | 85 |
w(u'<h1><span class="etype">%s</span> <a href="%s">%s</a></h1>' |
86 |
% (entity.dc_type().capitalize(), |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
87 |
xml_escape(entity.absolute_url()), |
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
88 |
xml_escape(entity.dc_title()))) |
0 | 89 |
# first show permissions defined by the schema |
90 |
self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
|
1494
d68aac1cda0d
#342695: add new security section to the schema view
Katia Saurfelt <katia.saurfelt@logilab.fr>
parents:
1333
diff
changeset
|
91 |
self.schema_definition(entity.e_schema) |
0 | 92 |
self.w('<h2>%s</h2>' % _('manage security')) |
93 |
# ownership information |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
94 |
if self._cw.schema.rschema('owned_by').has_perm(self._cw, 'add', |
0 | 95 |
fromeid=entity.eid): |
96 |
self.owned_by_edit_form(entity) |
|
97 |
else: |
|
98 |
self.owned_by_information(entity) |
|
1518 | 99 |
# cwpermissions |
0 | 100 |
if 'require_permission' in entity.e_schema.subject_relations(): |
101 |
w('<h3>%s</h3>' % _('permissions for this entity')) |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
102 |
reqpermschema = self._cw.schema.rschema('require_permission') |
0 | 103 |
self.require_permission_information(entity, reqpermschema) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
104 |
if reqpermschema.has_perm(self._cw, 'add', fromeid=entity.eid): |
0 | 105 |
self.require_permission_edit_form(entity) |
106 |
||
107 |
def owned_by_edit_form(self, entity): |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
108 |
self.w('<h3>%s</h3>' % self._cw._('ownership')) |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
109 |
msg = self._cw._('ownerships have been changed') |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
110 |
form = self._cw.vreg['forms'].select('base', self._cw, entity=entity, |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
111 |
form_renderer_id='base', submitmsg=msg, |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
112 |
form_buttons=[wdgs.SubmitButton()], |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
113 |
domid='ownership%s' % entity.eid, |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
114 |
__redirectvid='security', |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
115 |
__redirectpath=entity.rest_path()) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
116 |
field = guess_field(entity.e_schema, self._cw.schema.rschema('owned_by')) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
117 |
form.append_field(field) |
1567 | 118 |
self.w(form.form_render(display_progress_div=False)) |
0 | 119 |
|
120 |
def owned_by_information(self, entity): |
|
121 |
ownersrset = entity.related('owned_by') |
|
122 |
if ownersrset: |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
123 |
self.w('<h3>%s</h3>' % self._cw._('ownership')) |
0 | 124 |
self.w(u'<div class="ownerInfo">') |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
125 |
self.w(self._cw._('this entity is currently owned by') + ' ') |
0 | 126 |
self.wview('csv', entity.related('owned_by'), 'null') |
127 |
self.w(u'</div>') |
|
128 |
# else we don't know if this is because entity has no owner or becayse |
|
129 |
# user as no access to owner users entities |
|
130 |
||
131 |
def require_permission_information(self, entity, reqpermschema): |
|
132 |
if entity.require_permission: |
|
133 |
w = self.w |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
134 |
_ = self._cw._ |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
135 |
if reqpermschema.has_perm(self._cw, 'delete', fromeid=entity.eid): |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
136 |
delurl = self._cw.build_url('edit', __redirectvid='security', |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
137 |
__redirectpath=entity.rest_path()) |
0 | 138 |
delurl = delurl.replace('%', '%%') |
139 |
# don't give __delete value to build_url else it will be urlquoted |
|
140 |
# and this will replace %s by %25s |
|
141 |
delurl += '&__delete=%s:require_permission:%%s' % entity.eid |
|
2996
866a2c135c33
B #345282 xhtml requires to use   instead of
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents:
2670
diff
changeset
|
142 |
dellinktempl = u'[<a href="%s" title="%s">-</a>] ' % ( |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
143 |
xml_escape(delurl), _('delete this permission')) |
0 | 144 |
else: |
145 |
dellinktempl = None |
|
146 |
w(u'<table class="schemaInfo">') |
|
147 |
w(u'<tr><th>%s</th><th>%s</th></tr>' % (_("permission"), |
|
148 |
_('granted to groups'))) |
|
1518 | 149 |
for cwperm in entity.require_permission: |
0 | 150 |
w(u'<tr>') |
151 |
if dellinktempl: |
|
1518 | 152 |
w(u'<td>%s%s</td>' % (dellinktempl % cwperm.eid, |
153 |
cwperm.view('oneline'))) |
|
0 | 154 |
else: |
1518 | 155 |
w(u'<td>%s</td>' % cwperm.view('oneline')) |
156 |
w(u'<td>%s</td>' % self.view('csv', cwperm.related('require_group'), 'null')) |
|
0 | 157 |
w(u'</tr>\n') |
158 |
w(u'</table>') |
|
159 |
else: |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
160 |
self.w(self._cw._('no associated permissions')) |
0 | 161 |
|
162 |
def require_permission_edit_form(self, entity): |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
163 |
newperm = self._cw.vreg['etypes'].etype_class('CWPermission')(self._cw) |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
164 |
newperm.eid = self._cw.varmaker.next() |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
165 |
self.w(u'<p>%s</p>' % self._cw._('add a new permission')) |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
166 |
form = self._cw.vreg['forms'].select('base', self._cw, entity=newperm, |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
167 |
form_buttons=[wdgs.SubmitButton()], |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
168 |
domid='reqperm%s' % entity.eid, |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
169 |
__redirectvid='security', |
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
170 |
__redirectpath=entity.rest_path()) |
1531 | 171 |
form.form_add_hidden('require_permission', entity.eid, role='object', |
172 |
eidparam=True) |
|
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
173 |
permnames = getattr(entity, '__permissions__', None) |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
174 |
cwpermschema = newperm.e_schema |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
175 |
if permnames is not None: |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
176 |
field = guess_field(cwpermschema, self._cw.schema.rschema('name'), |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
177 |
widget=wdgs.Select({'size': 1}), |
1531 | 178 |
choices=permnames) |
0 | 179 |
else: |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
180 |
field = guess_field(cwpermschema, self._cw.schema.rschema('name')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
181 |
form.append_field(field) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
182 |
field = guess_field(cwpermschema, self._cw.schema.rschema('label')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
183 |
form.append_field(field) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
184 |
field = guess_field(cwpermschema, self._cw.schema.rschema('require_group')) |
1402
04b7afb14b50
new style security management forms
sylvain.thenault@logilab.fr
parents:
1398
diff
changeset
|
185 |
form.append_field(field) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
186 |
renderer = self._cw.vreg['formrenderers'].select( |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
187 |
'htable', self._cw, rset=None, display_progress_div=False) |
1995
ec95eaa2b711
turn renderers into appobjects
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
188 |
self.w(form.form_render(renderer=renderer)) |
0 | 189 |
|
190 |
||
191 |
class ErrorView(AnyRsetView): |
|
192 |
"""default view when no result has been found""" |
|
731
ac4a94e50b60
some more s/__selectors__/__select__ but still more to come
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
691
diff
changeset
|
193 |
__select__ = yes() |
3377
dd9d292b6a6d
use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3230
diff
changeset
|
194 |
__regid__ = 'error' |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
195 |
|
0 | 196 |
def page_title(self): |
197 |
"""returns a title according to the result set - used for the |
|
198 |
title in the HTML header |
|
199 |
""" |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
200 |
return self._cw._('an error occured') |
0 | 201 |
|
202 |
def call(self): |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
203 |
req = self._cw.reset_headers() |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
204 |
w = self.w |
0 | 205 |
ex = req.data.get('ex')#_("unable to find exception information")) |
206 |
excinfo = req.data.get('excinfo') |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
207 |
title = self._cw._('an error occured') |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
208 |
w(u'<h2>%s</h2>' % title) |
0 | 209 |
if 'errmsg' in req.data: |
210 |
ex = req.data['errmsg'] |
|
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
211 |
exclass = None |
0 | 212 |
else: |
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
213 |
exclass = ex.__class__.__name__ |
0 | 214 |
ex = exc_message(ex, req.encoding) |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
215 |
if excinfo is not None and self._cw.config['print-traceback']: |
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
216 |
if exclass is None: |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
217 |
w(u'<div class="tb">%s</div>' |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
218 |
% xml_escape(ex).replace("\n","<br />")) |
174
a2966960d550
get actual exception class instead of 'unicode' in the error view
Sylvain Thenault <sylvain.thenault@logilab.fr>
parents:
0
diff
changeset
|
219 |
else: |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
220 |
w(u'<div class="tb">%s: %s</div>' |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
221 |
% (exclass, xml_escape(ex).replace("\n","<br />"))) |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
222 |
w(u'<hr />') |
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
223 |
w(u'<div class="tb">%s</div>' % html_traceback(excinfo, ex, '')) |
0 | 224 |
else: |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
225 |
w(u'<div class="tb">%s</div>' % (xml_escape(ex).replace("\n","<br />"))) |
0 | 226 |
# if excinfo is not None, it's probably not a bug |
227 |
if excinfo is None: |
|
228 |
return |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
229 |
vcconf = self._cw.config.vc_config() |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
230 |
w(u"<div>") |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
231 |
eversion = vcconf.get('cubicweb', self._cw._('no version information')) |
0 | 232 |
# NOTE: tuple wrapping needed since eversion is itself a tuple |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
233 |
w(u"<b>CubicWeb version:</b> %s<br/>\n" % (eversion,)) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
234 |
cversions = [] |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
235 |
for cube in self._cw.config.cubes(): |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
236 |
cubeversion = vcconf.get(cube, self._cw._('no version information')) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
237 |
w(u"<b>Package %s version:</b> %s<br/>\n" % (cube, cubeversion)) |
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
238 |
cversions.append((cube, cubeversion)) |
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
239 |
w(u"</div>") |
3200
747d17498cca
#345461: drop support for cube_eid / direct bug submission
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2996
diff
changeset
|
240 |
# creates a bug submission link if submit-mail is set |
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
241 |
if self._cw.config['submit-mail']: |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
242 |
form = self._cw.vreg['forms'].select('base', self._cw, rset=None, |
2650
18aec79ec3a3
R [vreg] important refactoring of the vregistry, moving behaviour to end dictionnary (and so leaving room for more flexibility ; keep bw compat ; update api usage in cw
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2433
diff
changeset
|
243 |
mainform=False) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
244 |
binfo = text_error_description(ex, excinfo, req, eversion, cversions) |
2270
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
245 |
form.form_add_hidden('description', binfo, |
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
246 |
# we must use a text area to keep line breaks |
70c0da0f2181
should use a hidden text area for error description, not an hidden input (else the browser may remove line breaks)
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2052
diff
changeset
|
247 |
widget=wdgs.TextArea({'class': 'hidden'})) |
1388
6d5f0ccf31b8
new style form for submitting bug reports
sylvain.thenault@logilab.fr
parents:
836
diff
changeset
|
248 |
form.form_add_hidden('__bugreporting', '1') |
3200
747d17498cca
#345461: drop support for cube_eid / direct bug submission
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2996
diff
changeset
|
249 |
form.form_buttons = [wdgs.SubmitButton(MAIL_SUBMIT_MSGID)] |
747d17498cca
#345461: drop support for cube_eid / direct bug submission
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2996
diff
changeset
|
250 |
form.action = req.build_url('reportbug') |
747d17498cca
#345461: drop support for cube_eid / direct bug submission
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2996
diff
changeset
|
251 |
w(form.form_render()) |
0 | 252 |
|
253 |
||
254 |
def exc_message(ex, encoding): |
|
255 |
try: |
|
256 |
return unicode(ex) |
|
257 |
except: |
|
258 |
try: |
|
259 |
return unicode(str(ex), encoding, 'replace') |
|
260 |
except: |
|
261 |
return unicode(repr(ex), encoding, 'replace') |
|
602
1454282a8b45
[views] cleanup, be less heavy with self.w ...
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
431
diff
changeset
|
262 |
|
0 | 263 |
def text_error_description(ex, excinfo, req, eversion, cubes): |
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
264 |
binfo = rest_traceback(excinfo, xml_escape(ex)) |
0 | 265 |
binfo += u'\n\n:URL: %s\n' % req.url() |
266 |
if not '__bugreporting' in req.form: |
|
267 |
binfo += u'\n:form params:\n' |
|
268 |
binfo += u'\n'.join(u' * %s = %s' % (k, v) for k, v in req.form.iteritems()) |
|
269 |
binfo += u'\n\n:CubicWeb version: %s\n' % (eversion,) |
|
270 |
for pkg, pkgversion in cubes: |
|
271 |
binfo += u":Package %s version: %s\n" % (pkg, pkgversion) |
|
272 |
binfo += '\n' |
|
273 |
return binfo |
|
274 |
||
1877
10b9feeb7905
anon should not see security management view
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1806
diff
changeset
|
275 |
|
0 | 276 |
class ProcessInformationView(StartupView): |
3377
dd9d292b6a6d
use __regid__ instead of id on appobject classes
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
3230
diff
changeset
|
277 |
__regid__ = 'info' |
2433
1d46c016a564
#197873: quick access to info for bug report
Nicolas Chauvat <nicolas.chauvat@logilab.fr>
parents:
2381
diff
changeset
|
278 |
__select__ = none_rset() & match_user_groups('users', 'managers') |
1453
a9841184be7c
guess_field now takes an entity schema as first argument, not an entity class
sylvain.thenault@logilab.fr
parents:
1402
diff
changeset
|
279 |
|
0 | 280 |
title = _('server information') |
281 |
||
282 |
def call(self, **kwargs): |
|
283 |
"""display server information""" |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
284 |
vcconf = self._cw.config.vc_config() |
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
285 |
req = self._cw |
0 | 286 |
_ = req._ |
287 |
# display main information |
|
288 |
self.w(u'<h3>%s</h3>' % _('Application')) |
|
289 |
self.w(u'<table border="1">') |
|
290 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
291 |
'CubicWeb', vcconf.get('cubicweb', _('no version information')))) |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
292 |
for pkg in self._cw.config.cubes(): |
0 | 293 |
pkgversion = vcconf.get(pkg, _('no version information')) |
294 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
295 |
pkg, pkgversion)) |
|
296 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
3451
6b46d73823f5
[api] work in progress, use __regid__, cw_*, etc.
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
3377
diff
changeset
|
297 |
_('home'), self._cw.config.apphome)) |
0 | 298 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
299 |
_('base url'), req.base_url())) |
|
300 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' % ( |
|
301 |
_('data directory url'), req.datadir_url)) |
|
302 |
self.w(u'</table>') |
|
303 |
self.w(u'<br/>') |
|
304 |
# environment and request and server information |
|
305 |
try: |
|
306 |
# need to remove our adapter and then modpython-apache wrapper... |
|
307 |
env = req._areq._req.subprocess_env |
|
308 |
except AttributeError: |
|
309 |
return |
|
310 |
self.w(u'<h3>%s</h3>' % _('Environment')) |
|
311 |
self.w(u'<table border="1">') |
|
312 |
for attr in env.keys(): |
|
313 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
314 |
% (attr, xml_escape(env[attr]))) |
0 | 315 |
self.w(u'</table>') |
316 |
self.w(u'<h3>%s</h3>' % _('Request')) |
|
317 |
self.w(u'<table border="1">') |
|
318 |
for attr in ('filename', 'form', 'hostname', 'main', 'method', |
|
319 |
'path_info', 'protocol', |
|
320 |
'search_state', 'the_request', 'unparsed_uri', 'uri'): |
|
321 |
val = getattr(req, attr) |
|
322 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
323 |
% (attr, xml_escape(val))) |
0 | 324 |
self.w(u'</table>') |
325 |
server = req.server |
|
326 |
self.w(u'<h3>%s</h3>' % _('Server')) |
|
327 |
self.w(u'<table border="1">') |
|
328 |
for attr in dir(server): |
|
329 |
val = getattr(server, attr) |
|
330 |
if attr.startswith('_') or callable(val): |
|
331 |
continue |
|
332 |
self.w(u'<tr><th align="left">%s</th><td>%s</td></tr>' |
|
2312
af4d8f75c5db
use xml_escape
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2270
diff
changeset
|
333 |
% (attr, xml_escape(val))) |
0 | 334 |
self.w(u'</table>') |
335 |