app/soc/logic/rights.py
author Sverre Rabbelier <srabbelier@gmail.com>
Fri, 13 Feb 2009 21:54:10 +0000
changeset 1305 9567bb475d6d
parent 1299 e209bda5addb
child 1307 091a21cf3627
permissions -rw-r--r--
Do access checks on the pick url for documents Patch by: Sverre Rabbelier
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
1133
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     1
#!/usr/bin/python2.5
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     2
#
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     3
# Copyright 2008 the Melange authors.
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     4
#
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     5
# Licensed under the Apache License, Version 2.0 (the "License");
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     6
# you may not use this file except in compliance with the License.
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     7
# You may obtain a copy of the License at
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     8
#
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
     9
#   http://www.apache.org/licenses/LICENSE-2.0
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    10
#
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    11
# Unless required by applicable law or agreed to in writing, software
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    12
# distributed under the License is distributed on an "AS IS" BASIS,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    13
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    14
# See the License for the specific language governing permissions and
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    15
# limitations under the License.
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    16
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    17
"""Module with rights related methods.
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    18
"""
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    19
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    20
__authors__ = [
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    21
  '"Sverre Rabbelier" <sverre@rabbelier.nl>',
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    22
  ]
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    23
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    24
1299
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    25
from soc.logic import dicts
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    26
1133
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    27
class Checker(object):
1136
aaf75aa8eca5 Added two forgotten comments in rights.Checker
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1133
diff changeset
    28
  """Checker class that maps from prefix and status to membership.
1133
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    29
  """
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    30
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    31
  SITE_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    32
      'admin': [],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    33
      'restricted': ['host'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    34
      'member': ['user'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    35
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    36
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    37
  CLUB_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    38
      'admin': ['host', 'club_admin'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    39
      'restricted': ['host', 'club_admin'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    40
      'member': ['host', 'club_admin', 'club_member'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    41
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    42
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    43
  SPONSOR_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    44
      'admin': ['host'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    45
      'restricted': ['host'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    46
      'member': ['host'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    47
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    48
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    49
  PROGRAM_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    50
      'admin': ['host'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    51
      'restricted': ['host', 'org_admin'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    52
      'member': ['host', 'org_admin', 'org_mentor', 'org_student'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    53
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    54
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    55
  ORGANIZATION_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    56
      'admin': ['host', 'org_admin'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    57
      'restricted': ['host', 'org_admin', 'org_mentor'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    58
      'member': ['host', 'org_admin', 'org_mentor', 'org_student'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    59
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    60
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    61
  USER_MEMBERSHIP = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    62
      'admin': ['user_self'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    63
      'restricted': ['user_self'], # ,'friends'
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    64
      'member': ['user'],
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    65
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    66
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    67
  RIGHTS = {
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    68
      'site': SITE_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    69
      'club': CLUB_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    70
      'sponsor': SPONSOR_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    71
      'program': PROGRAM_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    72
      'organization': ORGANIZATION_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    73
      'user': USER_MEMBERSHIP,
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    74
      }
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    75
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    76
  def __init__(self, prefix):
1143
b07b7d5b3e27 Fix missing dots and blank lines to soc.logic modules.
Pawel Solyga <Pawel.Solyga@gmail.com>
parents: 1136
diff changeset
    77
    """Constructs a Checker for the specified prefix.
1133
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    78
    """
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    79
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    80
    self.prefix = prefix
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    81
    self.rights = self.RIGHTS[prefix]
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    82
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    83
  def getMembership(self, status):
1136
aaf75aa8eca5 Added two forgotten comments in rights.Checker
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1133
diff changeset
    84
    """Retrieves the membership list for the specified status.
1133
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    85
    """
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    86
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    87
    if status == 'user':
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    88
      return ['user']
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    89
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    90
    if status == 'public':
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    91
      return ['anyone']
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    92
4bb31d9a58e0 Added a rights module
Sverre Rabbelier <srabbelier@gmail.com>
parents:
diff changeset
    93
    return self.rights[status]
1299
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    94
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    95
  def getMemberships(self):
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    96
    """Returns all memberships for the configured prefix.
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    97
    """
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    98
e209bda5addb Add a getMemberships method to logic/rights.py
Sverre Rabbelier <srabbelier@gmail.com>
parents: 1143
diff changeset
    99
    return dicts.merge(self.rights, {'user': ['user'], 'public': ['anyone']})