X-Git-Url: https://code.grnet.gr/git/pithos/blobdiff_plain/883536025464cbae9aa12ae97cf20706e8ef8bc5..8221c89de47bfc0f1217ef2cab3c4ae3581167d4:/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py diff --git a/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py b/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py index 2e03c95..9644e85 100644 --- a/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py +++ b/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py @@ -70,11 +70,11 @@ class Permissions(XFeatures, Groups, Public): self.xfeature_destroy(path) return feature = self.xfeature_create(path) + self.feature_clear(feature, READ) + self.feature_clear(feature, WRITE) if r: - self.feature_clear(feature, READ) self.feature_setmany(feature, READ, r) if w: - self.feature_clear(feature, WRITE) self.feature_setmany(feature, WRITE, w) def access_get(self, path): @@ -92,12 +92,35 @@ class Permissions(XFeatures, Groups, Public): del(permissions[WRITE]) return permissions + def access_members(self, path): + feature = self.xfeature_get(path) + if not feature: + return [] + permissions = self.feature_dict(feature) + members = set() + members.update(permissions.get(READ, [])) + members.update(permissions.get(WRITE, [])) + for m in set(members): + parts = m.split(':', 1) + if len(parts) != 2: + continue + user, group = parts + members.remove(m) + members.update(self.group_members(user, group)) + return list(members) + def access_clear(self, path): """Revoke access to path (both permissions and public).""" self.xfeature_destroy(path) self.public_unset(path) + def access_clear_bulk(self, paths): + """Revoke access to path (both permissions and public).""" + + self.xfeature_destroy_bulk(paths) + self.public_unset_bulk(paths) + def access_check(self, path, access, member): """Return true if the member has this access to the path."""