author | Leif Johansson <leifj@sunet.se> | 2011-06-14 17:47:31 +0200 |
---|---|---|
committer | Leif Johansson <leifj@sunet.se> | 2011-06-14 17:47:31 +0200 |
commit | c1f586f093e6ab3a37df1d3ea3e2f9c0185f9f62 (patch) | |
tree | d88281ac60aee52ffa3e645a0701d19ce107ad5f /coip | |
parent | 2b21584289cee6d7c5eb89fb26accfe9ad90c4d1 (diff) |
support for editing policy acls
Diffstat (limited to 'coip')
-rw-r--r-- | coip/apps/name/models.py | 32 | ||||
-rw-r--r-- | coip/apps/name/views.py | 11 |
2 files changed, 30 insertions, 13 deletions
diff --git a/coip/apps/name/models.py b/coip/apps/name/models.py index d8c089e..d7da547 100644 --- a/coip/apps/name/models.py +++ b/coip/apps/name/models.py @@ -123,10 +123,15 @@ class Name(models.Model): self.delete() def copyacl(self,name): - for ace in name.lsacl(): + found_ace = False + for ace in name.lspacl(): + found_ace = True self.setacl(ace.dst,ace.data) - + if not found_ace: + for ace in name.lsacl(): + self.setacl(ace.dst,ace.data) + def link(self,dst,type,data): if not self.has_link(dst,NameLink.part_of,data): link = NameLink(src=self,dst=dst,type=type,data=data) @@ -142,15 +147,18 @@ class Name(models.Model): def has_link(self,dst,type,data): return NameLink.objects.filter(src=self,dst=dst,type=type,data=data).count() > 0 - def setacl(self,name,perm): - (link,created) = NameLink.objects.get_or_create(src=self,dst=name,type=NameLink.access_control) + def setacl(self,name,perm,type=0): + (link,created) = NameLink.objects.get_or_create(src=self,dst=name,type=type) if not (link.data and link.data == perm): link.data = perm link.save() + + def setpacl(self,name,perm): + return self.setacl(name, perm, NameLink.access_control_policy) - def rmacl(self,name,perm): + def rmacl(self,name,perm,type=0): try: - link = NameLink.objects.get(src=self,dst=name,type=NameLink.access_control) + link = NameLink.objects.get(src=self,dst=name,type=type) save = False for p in perm: link.data = link.data.replace(p,'') @@ -163,8 +171,14 @@ class Name(models.Model): except ObjectDoesNotExist: pass - def lsacl(self): - return NameLink.objects.filter(src=self,type=NameLink.access_control) + def rmpacl(self,name,perm): + return self.rmacl(name,perm,NameLink.access_control_policy) + + def lspacl(self): + return self.lsacl(NameLink.access_control_policy) + + def lsacl(self,type=0): + return NameLink.objects.filter(src=self,type=type) def add_partof(self,part): self.link(part,NameLink.part_of,None) 
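Review bot: `copyacl` has no docstring, and the new fallback is subtle enough to need one: if the source name has any policy ACEs, only those are copied; otherwise its ordinary ACL is copied. The policy entries are written through `self.setacl(ace.dst,ace.data)` with the default type, so they land on the new name as ordinary access-control links and the policy itself is not carried over. If policies are meant to reach deeper descendants, that looks like a gap. An empty policy is also indistinguishable from no policy, so a parent cannot express "children start with no access". I would add a docstring such as `"""Copy name's policy ACL onto self as a regular ACL; fall back to name's own ACL when no policy entries exist."""`.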
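Review bot: The new `type=0` defaults on `setacl`, `rmacl` and `lsacl` repeat the value of `NameLink.access_control` as a bare literal, presumably because `NameLink` is defined further down the file and cannot be referenced in a default. If the constants are ever renumbered, these helpers would silently operate on a different link type. A `type=None` default resolved in the body, `if type is None: type = NameLink.access_control`, keeps call sites unchanged. It would also give the helpers one place to reject values such as `NameLink.part_of`, which the ACL methods now accept. The parameter name also shadows the builtin `type`.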
@@ -204,7 +218,7 @@ class NameLink(models.Model): access_control = 0 part_of = 1 - child_access_control = 2 + access_control_policy = 2 def __unicode__(self): return "%s -> %s [%s %s]" % (self.src,self.dst,self.type,self.data) diff --git a/coip/apps/name/views.py b/coip/apps/name/views.py index 1fb38e8..7be7501 100644 --- a/coip/apps/name/views.py +++ b/coip/apps/name/views.py @@ -89,6 +89,8 @@ def edit(request,id): return respond_to(request,{'text/html': 'apps/name/edit.html'},{'form': form,'name': name,'formtitle': 'Modify %s' % name.shortname(),'submitname': 'Update'}) +# Access Control + @login_required def lsacl(request,id,type=NameLink.access_control): name = get_object_or_404(Name,pk=id) @@ -98,7 +100,7 @@ def lsacl(request,id,type=NameLink.access_control): return respond_to(request, {'text/html': 'apps/name/acls.html'}, - {'name': name, 'acl': name.lsacl()}) + {'name': name, 'acl': name.lsacl(type), 'type': type, 'ispacl': type == NameLink.access_control_policy}) @login_required def addacl(request,id,type=NameLink.access_control): @@ -116,7 +118,7 @@ def addacl(request,id,type=NameLink.access_control): if not p: p = [] perms = "".join(p) - (link,created) = NameLink.objects.get_or_create(src=name,dst=dst,type=NameLink.access_control) + (link,created) = NameLink.objects.get_or_create(src=name,dst=dst,type=type) link.data = perms link.save() return HttpResponseRedirect("/name/%s/acl/%s" % (id,type)) @@ -156,6 +158,7 @@ def show_root(request): {'text/html': 'apps/name/name.html'}, {'name': None, 'memberships': None, 'edit': False}) +@login_required def show(request,name): if not name: raise Http404() @@ -175,7 +178,7 @@ def show(request,name): 'memberships':memberships, 'invitations':invitations}) - +@login_required def user_groups(request,username): user = get_object_or_404(User,username=username) return json_response([link.src.summary() for link in NameLink.objects.filter(dst__memberships__user=user,type=NameLink.access_control,data__contains='i').all()]) 
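Review bot: `type` now flows from the view argument into `name.lsacl(type)` and, in the `addacl` hunk that follows, into `NameLink.objects.get_or_create(src=name,dst=dst,type=type)`, with no check in the visible lines that it is one of the two ACL kinds. If the URLconf lets the caller choose this value, the ACL form can create or overwrite links of other types, for example `NameLink.part_of`. A value captured from the URL would also arrive as a string, so `type == NameLink.access_control_policy` would never be true; this is inferred, since the URL patterns are not shown. I would normalise at the top of both views: `type = int(type)` followed by `if type not in (NameLink.access_control, NameLink.access_control_policy): raise Http404()`. Both functions extend beyond these hunks, so an existing check may simply be out of view.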
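Review bot: `@login_required` on `user_groups` only establishes that someone is logged in; the body looks up `username` and returns that user's group summaries without comparing it to `request.user`. Any authenticated account can therefore list another user's memberships, and the 404 from `get_object_or_404` reveals which usernames exist. If that is not intended, add an ownership check before the query, for example `if request.user != user and not request.user.is_staff: return HttpResponseForbidden()`. For a JSON endpoint, the login redirect issued by `login_required` may also be awkward for API clients, which would be better served by a 401 or 403 response.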
@@ -215,7 +218,7 @@ def _tree(request,id=None,includeroot=False): if request.GET.has_key('depth'): depth = request.GET['depth'] t = traverse(name,_tree_node,request.user,depth,includeroot) - logging.debug(t) + #logging.debug(t) return json_response(t) @login_required |
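Review bot: Prefer deleting `logging.debug(t)` outright over leaving `#logging.debug(t)` in the file; commented-out code tends to stay forever. In the same lines, `depth = request.GET['depth']` hands a client-supplied string to `traverse` unchanged. `traverse` is not visible here, but unless it converts and caps the value, a request can ask for an arbitrarily deep walk or trigger a type error. Something like `depth = min(int(request.GET['depth']), MAX_TREE_DEPTH)` with a `ValueError` guard would bound it, where `MAX_TREE_DEPTH` is a placeholder for a limit the project chooses. `_tree` starts above this hunk.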