3 :organization: Logilab |
3 :organization: Logilab |
4 :copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
4 :copyright: 2001-2009 LOGILAB S.A. (Paris, FRANCE), all rights reserved. |
5 :contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
5 :contact: http://www.logilab.fr/ -- mailto:contact@logilab.fr |
6 """ |
6 """ |
7 __docformat__ = "restructuredtext en" |
7 __docformat__ = "restructuredtext en" |
|
8 |
8 from logilab.common.decorators import cached |
9 from logilab.common.decorators import cached |
9 |
10 |
10 from cubicweb import Unauthorized |
11 from cubicweb import Unauthorized |
11 from cubicweb.entities import AnyEntity, fetch_config |
12 from cubicweb.entities import AnyEntity, fetch_config |
12 |
13 |
13 class EGroup(AnyEntity): |
14 class CWGroup(AnyEntity): |
14 id = 'EGroup' |
15 id = 'CWGroup' |
15 fetch_attrs, fetch_order = fetch_config(['name']) |
16 fetch_attrs, fetch_order = fetch_config(['name']) |
16 __rtags__ = dict(in_group='create') |
17 fetch_unrelated_order = fetch_order |
17 |
18 |
18 def db_key_name(self): |
19 def db_key_name(self): |
19 """XXX goa specific""" |
20 """XXX goa specific""" |
20 return self.get('name') |
21 return self.get('name') |
21 |
22 |
22 |
23 class CWUser(AnyEntity): |
23 class EUser(AnyEntity): |
24 id = 'CWUser' |
24 id = 'EUser' |
|
25 fetch_attrs, fetch_order = fetch_config(['login', 'firstname', 'surname']) |
25 fetch_attrs, fetch_order = fetch_config(['login', 'firstname', 'surname']) |
26 |
26 fetch_unrelated_order = fetch_order |
27 __rtags__ = { 'firstname' : 'secondary', |
27 |
28 'surname' : 'secondary', |
|
29 'last_login_time' : 'generated', |
|
30 'todo_by' : 'create', |
|
31 'use_email' : 'inlineview', # 'primary', |
|
32 'in_state' : 'primary', |
|
33 'in_group' : 'primary', |
|
34 ('owned_by', '*', 'object') : ('generated', 'link'), |
|
35 ('created_by','*','object') : ('generated', 'link'), |
|
36 ('bookmarked_by', '*', 'object'): ('generated', 'create'), |
|
37 } |
|
38 |
|
39 # used by repository to check if the user can log in or not |
28 # used by repository to check if the user can log in or not |
40 AUTHENTICABLE_STATES = ('activated',) |
29 AUTHENTICABLE_STATES = ('activated',) |
41 |
30 |
42 # low level utilities ##################################################### |
31 # low level utilities ##################################################### |
43 def __init__(self, *args, **kwargs): |
32 def __init__(self, *args, **kwargs): |
44 groups = kwargs.pop('groups', None) |
33 groups = kwargs.pop('groups', None) |
45 properties = kwargs.pop('properties', None) |
34 properties = kwargs.pop('properties', None) |
46 super(EUser, self).__init__(*args, **kwargs) |
35 super(CWUser, self).__init__(*args, **kwargs) |
47 if groups is not None: |
36 if groups is not None: |
48 self._groups = groups |
37 self._groups = groups |
49 if properties is not None: |
38 if properties is not None: |
50 self._properties = properties |
39 self._properties = properties |
51 |
40 |
52 @property |
41 @property |
53 def groups(self): |
42 def groups(self): |
54 try: |
43 try: |
55 return self._groups |
44 return self._groups |
56 except AttributeError: |
45 except AttributeError: |
57 self._groups = set(g.name for g in self.in_group) |
46 self._groups = set(g.name for g in self.in_group) |
58 return self._groups |
47 return self._groups |
59 |
48 |
60 @property |
49 @property |
61 def properties(self): |
50 def properties(self): |
62 try: |
51 try: |
63 return self._properties |
52 return self._properties |
64 except AttributeError: |
53 except AttributeError: |
95 |
84 |
96 def is_anonymous(self): |
85 def is_anonymous(self): |
97 """ checks if user is an anonymous user""" |
86 """ checks if user is an anonymous user""" |
98 #FIXME on the web-side anonymous user is detected according |
87 #FIXME on the web-side anonymous user is detected according |
99 # to config['anonymous-user'], we don't have this info on |
88 # to config['anonymous-user'], we don't have this info on |
100 # the server side. |
89 # the server side. |
101 return self.groups == frozenset(('guests', )) |
90 return self.groups == frozenset(('guests', )) |
102 |
91 |
103 def owns(self, eid): |
92 def owns(self, eid): |
104 if hasattr(self.req, 'unsafe_execute'): |
93 if hasattr(self.req, 'unsafe_execute'): |
105 # use unsafe_execute on the repository side, in case |
94 # use unsafe_execute on the repository side, in case |
106 # session's user doesn't have access to EUser |
95 # session's user doesn't have access to CWUser |
107 execute = self.req.unsafe_execute |
96 execute = self.req.unsafe_execute |
108 else: |
97 else: |
109 execute = self.req.execute |
98 execute = self.req.execute |
110 try: |
99 try: |
111 return execute('Any X WHERE X eid %(x)s, X owned_by U, U eid %(u)s', |
100 return execute('Any X WHERE X eid %(x)s, X owned_by U, U eid %(u)s', |
113 except Unauthorized: |
102 except Unauthorized: |
114 return False |
103 return False |
115 owns = cached(owns, keyarg=1) |
104 owns = cached(owns, keyarg=1) |
116 |
105 |
117 def has_permission(self, pname, contexteid=None): |
106 def has_permission(self, pname, contexteid=None): |
118 rql = 'Any P WHERE P is EPermission, U eid %(u)s, U in_group G, '\ |
107 rql = 'Any P WHERE P is CWPermission, U eid %(u)s, U in_group G, '\ |
119 'P name %(pname)s, P require_group G' |
108 'P name %(pname)s, P require_group G' |
120 kwargs = {'pname': pname, 'u': self.eid} |
109 kwargs = {'pname': pname, 'u': self.eid} |
121 cachekey = None |
110 cachekey = None |
122 if contexteid is not None: |
111 if contexteid is not None: |
123 rql += ', X require_permission P, X eid %(x)s' |
112 rql += ', X require_permission P, X eid %(x)s' |