Synnefo » Pithos

        # Access control tables.

                    account text, gname text, user text)'''

                    name text, op text, user text)'''

        self._check_groups(groups)

        self._put_groups(account, groups, replace)

        self._del_groups(account)

            self._put_permissions(path, r, w)

            self._put_permissions(dest_path, r, w)

    def _list_objects(self, path, prefix='', delimiter=None, marker=None, limit=10000, virtual=True, keys=[], until=None):

        cont_prefix = path + '/'

        if keys and len(keys) > 0:

            sql = '''select distinct o.name, o.version_id from (%s) o, metadata m where o.name like ? and

                        m.version_id = o.version_id and m.key in (%s) order by o.name'''

            sql = sql % (self._sql_until(until), ', '.join('?' * len(keys)))

            param = (cont_prefix + prefix + '%',) + tuple(keys)

        else:

            sql = 'select name, version_id from (%s) where name like ? order by name'

            sql = sql % self._sql_until(until)

            param = (cont_prefix + prefix + '%',)

        c = self.con.execute(sql, param)

        objects = [(x[0][len(cont_prefix):], x[1]) for x in c.fetchall()]

        if delimiter:

            pseudo_objects = []

            for x in objects:

                pseudo_name = x[0]

                i = pseudo_name.find(delimiter, len(prefix))

                if not virtual:

                    # If the delimiter is not found, or the name ends

                    # with the delimiter's first occurence.

                    if i == -1 or len(pseudo_name) == i + len(delimiter):

                        pseudo_objects.append(x)

                else:

                    # If the delimiter is found, keep up to (and including) the delimiter.

                    if i != -1:

                        pseudo_name = pseudo_name[:i + len(delimiter)]

                    if pseudo_name not in [y[0] for y in pseudo_objects]:

                        if pseudo_name == x[0]:

                            pseudo_objects.append(x)

                        else:

                            pseudo_objects.append((pseudo_name, None))

            objects = pseudo_objects

        start = 0

        if marker:

            try:

                start = [x[0] for x in objects].index(marker) + 1

            except ValueError:

                pass

        if not limit or limit > 10000:

            limit = 10000

        return objects[start:start + limit]

    def _del_version(self, version):

        self.mapper.map_remv(version)

        sql = 'delete from versions where version_id = ?'

        self.con.execute(sql, (version,))

    # Access control functions.

    def _check_groups(self, groups):

        # Example follows.

        # for k, v in groups.iteritems():

        #     if True in [False or ',' in x for x in v]:

        #         raise ValueError('Bad characters in groups')

        pass

    def _get_groups(self, account):

        sql = 'select gname, user from groups where account = ?'

        c = self.con.execute(sql, (account,))

        groups = {}

        for row in c.fetchall():

            if row[0] not in groups:

                groups[row[0]] = []

            groups[row[0]].append(row[1])

        return groups

    def _put_groups(self, account, groups, replace=False):

        if replace:

            self._del_groups(account)

        for k, v in groups.iteritems():

            sql = 'delete from groups where account = ? and gname = ?'

            self.con.execute(sql, (account, k))

            if v:

                sql = 'insert into groups (account, gname, user) values (?, ?, ?)'

                self.con.executemany(sql, [(account, k, x) for x in v])

        self.con.commit()

    def _del_groups(self, account):

        sql = 'delete from groups where account = ?'

        self.con.execute(sql, (account,))

            g_perms = set()

                if ':' in y:

                    g_account, g_name = y.split(':', 1)

                    groups = self._get_groups(g_account)

                    if g_name in groups:

                        g_perms.update(groups[g_name])

                else:

                    g_perms.add(y)

        if op == 'read' and ('*' in perms['read'] or user in perms['read']):

        if '*' in perms['write'] or user in perms['write']:

            return [], []

        # Examples follow.

        # if True in [False or ',' in x for x in r]:

        #     raise ValueError('Bad characters in read permissions')

        # if True in [False or ',' in x for x in w]:

        #     raise ValueError('Bad characters in write permissions')

        return r, w

        sql = 'select name, op, user from permissions where ? like name || ?'

        name = path

        perms = {} # Return nothing, if nothing is set.

        for row in c.fetchall():

            name = row[0]

            if row[1] not in perms:

                perms[row[1]] = []

            perms[row[1]].append(row[2])

        return name, perms

        sql = 'delete from permissions where name = ?'

        self.con.execute(sql, (path,))

        sql = 'insert into permissions (name, op, user) values (?, ?, ?)'

        if r:

            self.con.executemany(sql, [(path, 'read', x) for x in r])

        if w:

            self.con.executemany(sql, [(path, 'write', x) for x in w])