Revision 0f9d752c pithos/backends/lib/permissions.py
b/pithos/backends/lib/permissions.py | ||
---|---|---|
48 | 48 |
Public.__init__(self, **params) |
49 | 49 |
|
50 | 50 |
def access_grant(self, path, access, members=()): |
51 |
"""Grant members with access to path.""" |
|
51 |
"""Grant members with access to path. |
|
52 |
Members can also be '*' (all), |
|
53 |
or some group specified as 'owner:group'.""" |
|
52 | 54 |
|
55 |
if not members: |
|
56 |
return |
|
53 | 57 |
feature = self.xfeature_create(path) |
54 | 58 |
if feature is None: |
55 | 59 |
return |
56 | 60 |
self.feature_setmany(feature, access, members) |
57 | 61 |
|
58 |
def access_revoke_all(self, path): |
|
59 |
"""Revoke access to path.""" |
|
62 |
def access_set(self, path, permissions): |
|
63 |
"""Set permissions for path. The permissions dict |
|
64 |
maps 'read', 'write' keys to member lists.""" |
|
65 |
|
|
66 |
self.xfeature_destroy(path) |
|
67 |
self.access_grant(path, READ, permissions.get('read', [])) |
|
68 |
self.access_grant(path, WRITE, permissions.get('write', [])) |
|
69 |
|
|
70 |
def access_clear(self, path): |
|
71 |
"""Revoke access to path (both permissions and public).""" |
|
60 | 72 |
|
61 | 73 |
self.xfeature_destroy(path) |
74 |
self.public_unset(path) |
|
62 | 75 |
|
63 | 76 |
def access_check(self, path, access, member): |
64 | 77 |
"""Return true if the member has this access to the path.""" |
... | ... | |
85 | 98 |
if not r: |
86 | 99 |
return (path, {}) |
87 | 100 |
fpath, feature = r |
88 |
return (fpath, self.feature_dict(feature)) |
|
101 |
permissions = self.feature_dict(feature) |
|
102 |
if READ in permissions: |
|
103 |
permissions['read'] = permissions[READ] |
|
104 |
del(permissions[READ]) |
|
105 |
if WRITE in permissions: |
|
106 |
permissions['write'] = permissions[WRITE] |
|
107 |
del(permissions[WRITE]) |
|
108 |
return (fpath, permissions) |
|
89 | 109 |
|
90 | 110 |
def access_list(self, path): |
91 | 111 |
"""List all permission paths inherited by or inheriting from path.""" |
... | ... | |
97 | 117 |
|
98 | 118 |
q = ("select distinct path from xfeatures inner join " |
99 | 119 |
" (select distinct feature_id, key from xfeaturevals inner join " |
100 |
" (select owner || ':' || name as value from members "
|
|
120 |
" (select owner || ':' || name as value from groups "
|
|
101 | 121 |
" where member = ? union select ?) " |
102 | 122 |
" using (value)) " |
103 | 123 |
"using (feature_id)") |
Also available in: Unified diff