author | Sandrine Ribeau <sandrine.ribeau@logilab.fr> |
Thu, 16 Jul 2009 12:54:46 -0700 | |
changeset 2540 | fba943784b1c |
parent 2297 | 4cf57dd80650 |
child 2434 | ed85d69576b4 |
child 2438 | 576f4d51f826 |
permissions | -rw-r--r-- |
0 | 1 |
"""core CubicWeb schema, but not necessary at bootstrap time |
2 |
||
3 |
:organization: Logilab |
|
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1742
diff
changeset
|
4 |
:copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), license is LGPL v2. |
0 | 5 |
:contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
1977
606923dff11b
big bunch of copyright / docstring update
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1742
diff
changeset
|
6 |
:license: GNU Lesser General Public License, v2.1 - http://www.gnu.org/licenses |
0 | 7 |
""" |
8 |
__docformat__ = "restructuredtext en" |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
9 |
_ = unicode |
0 | 10 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
11 |
from yams.buildobjs import (EntityType, RelationType, SubjectRelation, |
2297
4cf57dd80650
missing imports
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2140
diff
changeset
|
12 |
String, Boolean, Datetime, Password) |
4cf57dd80650
missing imports
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2140
diff
changeset
|
13 |
from cubicweb.schema import (RQLConstraint, WorkflowableEntityType, |
4cf57dd80650
missing imports
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
2140
diff
changeset
|
14 |
ERQLExpression, RRQLExpression) |
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
15 |
from cubicweb.schemas import META_ETYPE_PERMS, META_RTYPE_PERMS |
0 | 16 |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
17 |
class CWUser(WorkflowableEntityType): |
0 | 18 |
"""define a CubicWeb user""" |
19 |
permissions = { |
|
20 |
'read': ('managers', 'users', ERQLExpression('X identity U')), |
|
21 |
'add': ('managers',), |
|
22 |
'delete': ('managers',), |
|
23 |
'update': ('managers', ERQLExpression('X identity U, NOT U in_group G, G name "guests"'),), |
|
24 |
} |
|
25 |
||
26 |
login = String(required=True, unique=True, maxsize=64, |
|
27 |
description=_('unique identifier used to connect to the application')) |
|
28 |
upassword = Password(required=True) # password is a reserved word for mysql |
|
29 |
firstname = String(maxsize=64) |
|
30 |
surname = String(maxsize=64) |
|
31 |
last_login_time = Datetime(description=_('last connection date')) |
|
32 |
# allowing an email to be the primary email of multiple entities is necessary for |
|
1451 | 33 |
# test at least :-/ |
0 | 34 |
primary_email = SubjectRelation('EmailAddress', cardinality='??', |
35 |
description=_('email address to use for notification')) |
|
36 |
use_email = SubjectRelation('EmailAddress', cardinality='*?', composite='subject') |
|
37 |
||
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
38 |
in_group = SubjectRelation('CWGroup', cardinality='+*', |
0 | 39 |
constraints=[RQLConstraint('NOT O name "owners"')], |
40 |
description=_('groups grant permissions to the user')) |
|
41 |
||
42 |
||
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
43 |
class EmailAddress(EntityType): |
0 | 44 |
"""an electronic mail address associated to a short alias""" |
45 |
permissions = { |
|
46 |
'read': ('managers', 'users', 'guests',), # XXX if P use_email X, U has_read_permission P |
|
47 |
'add': ('managers', 'users',), |
|
48 |
'delete': ('managers', 'owners', ERQLExpression('P use_email X, U has_update_permission P')), |
|
49 |
'update': ('managers', 'owners', ERQLExpression('P use_email X, U has_update_permission P')), |
|
50 |
} |
|
1451 | 51 |
|
0 | 52 |
alias = String(fulltextindexed=True, maxsize=56) |
1451 | 53 |
address = String(required=True, fulltextindexed=True, |
0 | 54 |
indexed=True, unique=True, maxsize=128) |
55 |
canonical = Boolean(default=False, |
|
56 |
description=_('when multiple addresses are equivalent \ |
|
57 |
(such as python-projects@logilab.org and python-projects@lists.logilab.org), set this \ |
|
58 |
to true on one of them which is the preferred form.')) |
|
59 |
identical_to = SubjectRelation('EmailAddress') |
|
60 |
||
61 |
class use_email(RelationType): |
|
1742
25a765e756c4
fix self on initfunc
Aurelien Campeas <aurelien.campeas@logilab.fr>
parents:
1477
diff
changeset
|
62 |
""" """ |
0 | 63 |
permissions = { |
64 |
'read': ('managers', 'users', 'guests',), |
|
65 |
'add': ('managers', RRQLExpression('U has_update_permission S'),), |
|
66 |
'delete': ('managers', RRQLExpression('U has_update_permission S'),), |
|
67 |
} |
|
68 |
fulltext_container = 'subject' |
|
69 |
||
70 |
class primary_email(RelationType): |
|
71 |
"""the prefered email""" |
|
72 |
permissions = use_email.permissions |
|
1451 | 73 |
|
0 | 74 |
class identical_to(RelationType): |
75 |
"""identical_to""" |
|
76 |
symetric = True |
|
77 |
permissions = { |
|
78 |
'read': ('managers', 'users', 'guests',), |
|
79 |
# XXX should have update permissions on both subject and object, |
|
80 |
# though by doing this we will probably have no way to add |
|
81 |
# this relation in the web ui. The easiest way to acheive this |
|
82 |
# is probably to be able to have "U has_update_permission O" as |
|
83 |
# RQLConstraint of the relation definition, though this is not yet |
|
84 |
# possible |
|
85 |
'add': ('managers', RRQLExpression('U has_update_permission S'),), |
|
86 |
'delete': ('managers', RRQLExpression('U has_update_permission S'),), |
|
87 |
} |
|
88 |
||
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
89 |
class in_group(RelationType): |
0 | 90 |
"""core relation indicating a user's groups""" |
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
91 |
permissions = META_RTYPE_PERMS |
1451 | 92 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
93 |
class owned_by(RelationType): |
0 | 94 |
"""core relation indicating owners of an entity. This relation |
95 |
implicitly put the owner into the owners group for the entity |
|
96 |
""" |
|
97 |
permissions = { |
|
98 |
'read': ('managers', 'users', 'guests'), |
|
1451 | 99 |
'add': ('managers', RRQLExpression('S owned_by U'),), |
0 | 100 |
'delete': ('managers', RRQLExpression('S owned_by U'),), |
101 |
} |
|
102 |
# 0..n cardinality for entities created by internal session (no attached user) |
|
103 |
# and to support later deletion of a user which has created some entities |
|
104 |
cardinality = '**' |
|
105 |
subject = '**' |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
106 |
object = 'CWUser' |
1451 | 107 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
108 |
class created_by(RelationType): |
0 | 109 |
"""core relation indicating the original creator of an entity""" |
110 |
permissions = { |
|
111 |
'read': ('managers', 'users', 'guests'), |
|
112 |
'add': ('managers',), |
|
113 |
'delete': ('managers',), |
|
114 |
} |
|
115 |
# 0..1 cardinality for entities created by internal session (no attached user) |
|
116 |
# and to support later deletion of a user which has created some entities |
|
1451 | 117 |
cardinality = '?*' |
0 | 118 |
subject = '**' |
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
119 |
object = 'CWUser' |
0 | 120 |
|
1451 | 121 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
122 |
class creation_date(RelationType): |
0 | 123 |
"""creation time of an entity""" |
124 |
cardinality = '11' |
|
125 |
subject = '**' |
|
126 |
object = 'Datetime' |
|
127 |
||
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
128 |
class modification_date(RelationType): |
0 | 129 |
"""latest modification time of an entity""" |
130 |
cardinality = '11' |
|
131 |
subject = '**' |
|
132 |
object = 'Datetime' |
|
133 |
||
134 |
||
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
135 |
class CWProperty(EntityType): |
0 | 136 |
"""used for cubicweb configuration. Once a property has been created you |
137 |
can't change the key. |
|
138 |
""" |
|
139 |
permissions = { |
|
140 |
'read': ('managers', 'users', 'guests'), |
|
141 |
'add': ('managers', 'users',), |
|
142 |
'update': ('managers', 'owners',), |
|
143 |
'delete': ('managers', 'owners',), |
|
144 |
} |
|
145 |
# key is a reserved word for mysql |
|
146 |
pkey = String(required=True, internationalizable=True, maxsize=256, |
|
147 |
description=_('defines what\'s the property is applied for. ' |
|
148 |
'You must select this first to be able to set ' |
|
149 |
'value')) |
|
150 |
value = String(internationalizable=True, maxsize=256) |
|
1451 | 151 |
|
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
152 |
for_user = SubjectRelation('CWUser', cardinality='?*', composite='object', |
0 | 153 |
description=_('user for which this property is ' |
154 |
'applying. If this relation is not ' |
|
155 |
'set, the property is considered as' |
|
156 |
' a global property')) |
|
157 |
||
158 |
||
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
159 |
class for_user(RelationType): |
0 | 160 |
"""link a property to the user which want this property customization. Unless |
161 |
you're a site manager, this relation will be handled automatically. |
|
162 |
""" |
|
163 |
permissions = { |
|
164 |
'read': ('managers', 'users', 'guests'), |
|
165 |
'add': ('managers',), |
|
166 |
'delete': ('managers',), |
|
167 |
} |
|
168 |
inlined = True |
|
169 |
||
170 |
||
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
171 |
class CWPermission(EntityType): |
0 | 172 |
"""entity type that may be used to construct some advanced security configuration |
173 |
""" |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
174 |
permissions = META_ETYPE_PERMS |
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
175 |
|
0 | 176 |
name = String(required=True, indexed=True, internationalizable=True, maxsize=100, |
177 |
description=_('name or identifier of the permission')) |
|
178 |
label = String(required=True, internationalizable=True, maxsize=100, |
|
179 |
description=_('distinct label to distinguate between other permission entity of the same name')) |
|
1451 | 180 |
require_group = SubjectRelation('CWGroup', |
0 | 181 |
description=_('groups to which the permission is granted')) |
182 |
||
1398
5fe84a5f7035
rename internal entity types to have CW prefix instead of E
sylvain.thenault@logilab.fr
parents:
1303
diff
changeset
|
183 |
# explicitly add X require_permission CWPermission for each entity that should have |
0 | 184 |
# configurable security |
185 |
class require_permission(RelationType): |
|
186 |
"""link a permission to the entity. This permission should be used in the |
|
187 |
security definition of the entity's type to be useful. |
|
188 |
""" |
|
189 |
permissions = { |
|
190 |
'read': ('managers', 'users', 'guests'), |
|
191 |
'add': ('managers',), |
|
192 |
'delete': ('managers',), |
|
193 |
} |
|
1451 | 194 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
195 |
class require_group(RelationType): |
0 | 196 |
"""used to grant a permission to a group""" |
197 |
permissions = { |
|
198 |
'read': ('managers', 'users', 'guests'), |
|
199 |
'add': ('managers',), |
|
200 |
'delete': ('managers',), |
|
201 |
} |
|
202 |
||
1451 | 203 |
|
0 | 204 |
class see_also(RelationType): |
205 |
"""generic relation to link one entity to another""" |
|
206 |
symetric = True |
|
207 |
||
1477 | 208 |
|
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
209 |
class CWCache(EntityType): |
59
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
210 |
"""a simple cache entity characterized by a name and |
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
211 |
a validity date. |
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
212 |
|
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
213 |
The target application is responsible for updating timestamp |
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
214 |
when necessary to invalidate the cache (typically in hooks). |
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
215 |
|
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
216 |
Also, checkout the AppRsetObject.get_cache() method. |
9660bd221553
ECache should be a meta entity
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
6
diff
changeset
|
217 |
""" |
6
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
218 |
permissions = { |
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
219 |
'read': ('managers', 'users', 'guests'), |
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
220 |
'add': ('managers',), |
2140
1cba3393ba01
update schema definition to avoid deprecation warning with new yams api
Sylvain Thénault <sylvain.thenault@logilab.fr>
parents:
1977
diff
changeset
|
221 |
'update': ('managers', 'users',), # XXX |
6
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
222 |
'delete': ('managers',), |
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
223 |
} |
29ab115b9fcb
change permissions for Ecache
Stephanie Marcu <stephanie.marcu@logilab.fr>
parents:
0
diff
changeset
|
224 |
|
1445
d3c9b075ceb7
set a size constraint on ECache's title
Adrien Di Mascio <Adrien.DiMascio@logilab.fr>
parents:
1281
diff
changeset
|
225 |
name = String(required=True, unique=True, indexed=True, maxsize=128, |
0 | 226 |
description=_('name of the cache')) |
227 |
timestamp = Datetime(default='NOW') |