Revision d3c34119 snf-pithos-backend/pithos/backends/lib/sqlite/permissions.py
| b/snf-pithos-backend/pithos/backends/lib/sqlite/permissions.py | ||
|---|---|---|
| 35 | 35 |
from groups import Groups |
| 36 | 36 |
from public import Public |
| 37 | 37 |
from node import Node |
| 38 |
from collections import defaultdict |
|
| 38 | 39 |
|
| 39 | 40 |
|
| 40 | 41 |
READ = 0 |
| ... | ... | |
| 76 | 77 |
if w: |
| 77 | 78 |
self.feature_setmany(feature, WRITE, w) |
| 78 | 79 |
|
| 80 |
def access_get_for_bulk(self, perms): |
|
| 81 |
"""Get permissions for paths.""" |
|
| 82 |
|
|
| 83 |
allowed = None |
|
| 84 |
d = defaultdict(list) |
|
| 85 |
for value, feature_id, key in perms: |
|
| 86 |
d[key].append(value) |
|
| 87 |
permissions = d |
|
| 88 |
if READ in permissions: |
|
| 89 |
allowed = 0 |
|
| 90 |
permissions['read'] = permissions[READ] |
|
| 91 |
del(permissions[READ]) |
|
| 92 |
if WRITE in permissions: |
|
| 93 |
allowed = 1 |
|
| 94 |
permissions['write'] = permissions[WRITE] |
|
| 95 |
del(permissions[WRITE]) |
|
| 96 |
return (permissions, allowed) |
|
| 97 |
|
|
| 79 | 98 |
def access_get(self, path): |
| 80 | 99 |
"""Get permissions for path.""" |
| 81 | 100 |
|
| ... | ... | |
| 134 | 153 |
return True |
| 135 | 154 |
return False |
| 136 | 155 |
|
| 156 |
def access_check_bulk(self, paths, member): |
|
| 157 |
rows = None |
|
| 158 |
q = ("select x.path, xvals.value, xvals.feature_id, xvals.key "
|
|
| 159 |
"from xfeaturevals xvals join xfeatures x " |
|
| 160 |
"on xvals.feature_id = x.feature_id " |
|
| 161 |
"where x.path in (%s)") % ','.join('?' for _ in paths)
|
|
| 162 |
self.execute(q, paths) |
|
| 163 |
rows = self.fetchall() |
|
| 164 |
if rows: |
|
| 165 |
access_check_paths = {}
|
|
| 166 |
for path, value, feature_id, key in rows: |
|
| 167 |
try: |
|
| 168 |
access_check_paths[path].append((value, feature_id, key)) |
|
| 169 |
except KeyError: |
|
| 170 |
access_check_paths[path] = [(value, feature_id, key)] |
|
| 171 |
return access_check_paths |
|
| 172 |
return None |
|
| 173 |
|
|
| 137 | 174 |
def access_inherit(self, path): |
| 138 | 175 |
"""Return the paths influencing the access for path.""" |
| 139 | 176 |
|
| ... | ... | |
| 153 | 190 |
valid.append(subp + '/') |
| 154 | 191 |
return [x for x in valid if self.xfeature_get(x)] |
| 155 | 192 |
|
| 193 |
def access_inherit_bulk(self, paths): |
|
| 194 |
"""Return the paths influencing the access for paths.""" |
|
| 195 |
|
|
| 196 |
# Only keep path components. |
|
| 197 |
valid = [] |
|
| 198 |
for path in paths: |
|
| 199 |
parts = path.rstrip('/').split('/')
|
|
| 200 |
for i in range(1, len(parts)): |
|
| 201 |
subp = '/'.join(parts[:i + 1]) |
|
| 202 |
valid.append(subp) |
|
| 203 |
if subp != path: |
|
| 204 |
valid.append(subp + '/') |
|
| 205 |
valid = self.xfeature_get_bulk(valid) |
|
| 206 |
return [x[1] for x in valid] |
|
| 207 |
|
|
| 156 | 208 |
def access_list_paths(self, member, prefix=None, include_owned=False, |
| 157 | 209 |
include_containers=True): |
| 158 | 210 |
"""Return the list of paths granted to member. |
| ... | ... | |
| 173 | 225 |
"using (feature_id)") |
| 174 | 226 |
p = (member, member) |
| 175 | 227 |
if prefix: |
| 176 |
q += " where" |
|
| 177 |
for path in self.access_inherit(prefix) or [prefix]:
|
|
| 178 |
q += " path like ? escape '\\'"
|
|
| 179 |
p += (self.escape_like(path) + '%',)
|
|
| 228 |
q += " where "
|
|
| 229 |
paths = self.access_inherit(prefix) or [prefix]
|
|
| 230 |
q += ' or '.join("path like ? escape '\\'" for _ in paths)
|
|
| 231 |
p += tuple(self.escape_like(path) + '%' for path in paths)
|
|
| 180 | 232 |
self.execute(q, p) |
| 181 | 233 |
|
| 182 | 234 |
l = [r[0] for r in self.fetchall()] |
| ... | ... | |
| 196 | 248 |
def access_list_shared(self, prefix=''): |
| 197 | 249 |
"""Return the list of shared paths.""" |
| 198 | 250 |
|
| 199 |
q = "select path from xfeatures where" |
|
| 200 |
p = [] |
|
| 201 |
for path in self.access_inherit(prefix) or [prefix]: |
|
| 202 |
q += " path like ? escape '\\'" |
|
| 203 |
p += (self.escape_like(path) + '%',) |
|
| 251 |
q = "select path from xfeatures where " |
|
| 252 |
paths = self.access_inherit(prefix) or [prefix] |
|
| 253 |
q += ' or '.join("path like ? escape '\\'" for _ in paths)
|
|
| 254 |
p = tuple(self.escape_like(path) + '%' for path in paths) |
|
| 204 | 255 |
self.execute(q, p) |
| 205 | 256 |
return [r[0] for r in self.fetchall()] |
Also available in: Unified diff