Revision 18d46d23 snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py
b/snf-pithos-backend/pithos/backends/lib/sqlalchemy/permissions.py | ||
---|---|---|
31 | 31 |
# interpreted as representing official policies, either expressed |
32 | 32 |
# or implied, of GRNET S.A. |
33 | 33 |
|
34 |
from sqlalchemy.sql import select, literal |
|
34 |
from sqlalchemy.sql import select, literal, or_
|
|
35 | 35 |
from sqlalchemy.sql.expression import join, union |
36 | 36 |
|
37 | 37 |
from xfeatures import XFeatures |
38 | 38 |
from groups import Groups |
39 | 39 |
from public import Public |
40 |
from node import Node |
|
40 | 41 |
|
41 | 42 |
from dbworker import ESCAPE_CHAR |
42 | 43 |
|
... | ... | |
45 | 46 |
WRITE = 1 |
46 | 47 |
|
47 | 48 |
|
48 |
class Permissions(XFeatures, Groups, Public): |
|
49 |
class Permissions(XFeatures, Groups, Public, Node):
|
|
49 | 50 |
|
50 | 51 |
def __init__(self, **params): |
51 | 52 |
XFeatures.__init__(self, **params) |
52 | 53 |
Groups.__init__(self, **params) |
53 | 54 |
Public.__init__(self, **params) |
55 |
Node.__init__(self, **params) |
|
54 | 56 |
|
55 | 57 |
def access_grant(self, path, access, members=()): |
56 | 58 |
"""Grant members with access to path. |
... | ... | |
156 | 158 |
valid.append(subp + '/') |
157 | 159 |
return [x for x in valid if self.xfeature_get(x)] |
158 | 160 |
|
159 |
def access_list_paths(self, member, prefix=None): |
|
160 |
"""Return the list of paths granted to member.""" |
|
161 |
def access_list_paths(self, member, prefix=None, include_owned=False, |
|
162 |
include_containers=True): |
|
163 |
"""Return the list of paths granted to member. |
|
164 |
|
|
165 |
Keyword arguments: |
|
166 |
prefix -- return only paths starting with prefix (default None) |
|
167 |
include_owned -- return also paths owned by member (default False) |
|
168 |
include_containers -- return also container paths owned by member |
|
169 |
(default True) |
|
170 |
|
|
171 |
""" |
|
161 | 172 |
|
162 | 173 |
xfeatures_xfeaturevals = self.xfeatures.join(self.xfeaturevals) |
163 | 174 |
|
... | ... | |
179 | 190 |
r = self.conn.execute(s) |
180 | 191 |
l = [row[0] for row in r.fetchall()] |
181 | 192 |
r.close() |
193 |
|
|
194 |
if include_owned: |
|
195 |
container_nodes = select( |
|
196 |
[self.nodes.c.node], |
|
197 |
self.nodes.c.parent == self.node_lookup(member)) |
|
198 |
condition = self.nodes.c.parent.in_(container_nodes) |
|
199 |
if include_containers: |
|
200 |
condition = or_(condition, |
|
201 |
self.nodes.c.node.in_(container_nodes)) |
|
202 |
s = select([self.nodes.c.path], condition) |
|
203 |
r = self.conn.execute(s) |
|
204 |
l += [row[0] for row in r.fetchall() if row[0] not in l] |
|
205 |
r.close() |
|
182 | 206 |
return l |
183 | 207 |
|
184 | 208 |
def access_list_shared(self, prefix=''): |
Also available in: Unified diff