Infrastructure/fedora-infrastructure
1
0
Fork 0
Code Issues 70 Pull requests Projects Releases Packages Wiki Activity Actions

edit page now uses the new sql

Browse source
This commit is contained in:
Michael McGrath 2008-02-20 16:13:08 -06:00
parent bb30c881a0
commit 810f1c433f
5 changed files with 61 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

38
fas/fas/auth.py
View file

@ -2,24 +2,26 @@ from turbogears import config
from fas.fasLDAP import UserAccount from fas.fasLDAP import UserAccount
from fas.fasLDAP import Person from fas.fasLDAP import Person
from fas.fasLDAP import Groups #from fas.fasLDAP import Groups
from fas.fasLDAP import UserGroup from fas.fasLDAP import UserGroup
from fas.model import Groups
import re import re
def isAdmin(userName, g=None): def isAdmin(userName, g=None):
admingroup = config.get('admingroup') admingroup = config.get('admingroup')
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_name(admingroup)
try: try:
g[admingroup].cn g.people[0].by_username(userName)
return True return True
except KeyError: except KeyError:
return False return False
def canAdminGroup(userName, groupName, g=None): def canAdminGroup(userName, groupName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
group = Groups.groups(groupName)[groupName] group = Groups.groups(groupName)[groupName]
try: try:
if isAdmin(userName, g) or \ if isAdmin(userName, g) or \
@ -33,7 +35,7 @@ def canAdminGroup(userName, groupName, g=None):
def canSponsorGroup(userName, groupName, g=None): def canSponsorGroup(userName, groupName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
try: try:
if isAdmin(userName, g) or \ if isAdmin(userName, g) or \
canAdminGroup(userName, groupName, g) or \ canAdminGroup(userName, groupName, g) or \
@ -46,7 +48,7 @@ def canSponsorGroup(userName, groupName, g=None):
def isApproved(userName, groupName, g=None): def isApproved(userName, groupName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
try: try:
if (g[groupName].fedoraRoleStatus.lower() == 'approved'): if (g[groupName].fedoraRoleStatus.lower() == 'approved'):
return True return True
@ -57,7 +59,7 @@ def isApproved(userName, groupName, g=None):
def signedCLAPrivs(userName, g=None): def signedCLAPrivs(userName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
if isApproved(userName, config.get('cla_sign_group'), g): if isApproved(userName, config.get('cla_sign_group'), g):
return True return True
else: else:
@ -65,7 +67,7 @@ def signedCLAPrivs(userName, g=None):
def clickedCLAPrivs(userName, g=None): def clickedCLAPrivs(userName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
if signedCLAPrivs(userName, g) or \ if signedCLAPrivs(userName, g) or \
isApproved(userName, config.get('cla_click_group'), g): isApproved(userName, config.get('cla_click_group'), g):
return True return True
@ -73,8 +75,8 @@ def clickedCLAPrivs(userName, g=None):
return False return False
def canEditUser(userName, editUserName, g=None): def canEditUser(userName, editUserName, g=None):
if not g: # if not g:
g = Groups.byUserName(userName) # g = Groups.by_usname(userName)
if userName == editUserName: if userName == editUserName:
return True return True
elif isAdmin(userName, g): elif isAdmin(userName, g):
@ -84,7 +86,7 @@ def canEditUser(userName, editUserName, g=None):
def canCreateGroup(userName, g=None): def canCreateGroup(userName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
if isAdmin(userName, g): if isAdmin(userName, g):
return True return True
else: else:
@ -92,7 +94,7 @@ def canCreateGroup(userName, g=None):
def canEditGroup(userName, groupName, g=None): def canEditGroup(userName, groupName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
if canAdminGroup(userName, groupName): if canAdminGroup(userName, groupName):
return True return True
else: else:
@ -104,7 +106,7 @@ def canViewGroup(userName, groupName, g=None):
privilegedViewGroups = config.get('privileged_view_groups') privilegedViewGroups = config.get('privileged_view_groups')
if re.compile(privilegedViewGroups).match(groupName): if re.compile(privilegedViewGroups).match(groupName):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
if canAdminGroup(userName, groupName, g): if canAdminGroup(userName, groupName, g):
return True return True
else: else:
@ -114,7 +116,7 @@ def canViewGroup(userName, groupName, g=None):
def canApplyGroup(userName, groupName, applyUserName, g=None): def canApplyGroup(userName, groupName, applyUserName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
# User must satisfy all dependencies to join. # User must satisfy all dependencies to join.
# This is bypassed for people already in the group and for the # This is bypassed for people already in the group and for the
# owner of the group (when they initially make it). # owner of the group (when they initially make it).
@ -134,7 +136,7 @@ def canApplyGroup(userName, groupName, applyUserName, g=None):
def canSponsorUser(userName, groupName, sponsorUserName, g=None): def canSponsorUser(userName, groupName, sponsorUserName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
# This is just here in case we want to add more complex checks in the future # This is just here in case we want to add more complex checks in the future
if canSponsorGroup(userName, groupName, g): if canSponsorGroup(userName, groupName, g):
return True return True
@ -143,7 +145,7 @@ def canSponsorUser(userName, groupName, sponsorUserName, g=None):
def canRemoveUser(userName, groupName, removeUserName, g=None): def canRemoveUser(userName, groupName, removeUserName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
group = Groups.groups(groupName)[groupName] group = Groups.groups(groupName)[groupName]
# Only administrators can remove administrators. # Only administrators can remove administrators.
if canAdminGroup(removeUserName, groupName) and \ if canAdminGroup(removeUserName, groupName) and \
@ -159,7 +161,7 @@ def canRemoveUser(userName, groupName, removeUserName, g=None):
def canUpgradeUser(userName, groupName, sponsorUserName, g=None): def canUpgradeUser(userName, groupName, sponsorUserName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
# Group admins can upgrade anybody (fasLDAP.py has the checks to prevent # Group admins can upgrade anybody (fasLDAP.py has the checks to prevent
# upgrading admins, etc. # upgrading admins, etc.
if canAdminGroup(userName, groupName, g): if canAdminGroup(userName, groupName, g):
@ -174,7 +176,7 @@ def canUpgradeUser(userName, groupName, sponsorUserName, g=None):
def canDowngradeUser(userName, groupName, sponsorUserName, g=None): def canDowngradeUser(userName, groupName, sponsorUserName, g=None):
if not g: if not g:
g = Groups.byUserName(userName) g = Groups.by_username(userName)
# Group admins can downgrade anybody. # Group admins can downgrade anybody.
if canAdminGroup(userName, groupName, g): if canAdminGroup(userName, groupName, g):
return True return True

11
fas/fas/model.py
View file

@ -86,6 +86,7 @@ class People(SABase):
A class method that can be used to search users A class method that can be used to search users
based on their email addresses since it is unique. based on their email addresses since it is unique.
''' '''
# Note: Need to figure out how to filter this one at some point
return cls.query.filter_by(email_address=email).first() return cls.query.filter_by(email_address=email).first()
by_email_address = classmethod(by_email_address) by_email_address = classmethod(by_email_address)
@ -141,7 +142,15 @@ class Configs(SABase):
class Groups(SABase): class Groups(SABase):
'''Group that people can belong to.''' '''Group that people can belong to.'''
pass def by_name(cls, name):
'''
A class method that permits to search groups
based on their name attribute.
'''
return cls.query.filter_by(name=name).one()
by_name = classmethod(by_name)
# People in the group # People in the group
people = association_proxy('roles', 'member') people = association_proxy('roles', 'member')
# Groups in the group # Groups in the group

6
fas/fas/templates/master.html
View file

@ -50,11 +50,11 @@
<div id="sidebar"> <div id="sidebar">
<ul> <ul>
<li class="first"><a href="${tg.url('/group/list')}">${_('Group List')}</a></li> <li class="first"><a href="${tg.url('/group/list')}">${_('Group List')}</a></li>
<div py:if="'accounts' in tg.identity.groups" py:strip=''> <!--<div py:if="'accounts' in tg.identity.groups" py:strip=''> -->
<!-- TODO: Make these use auth.py --> <!-- TODO: Make these use auth.py -->
<li><a href="${tg.url('/user/list')}">${_('User List')}</a></li> <!-- <li><a href="${tg.url('/user/list')}">${_('User List')}</a></li>
<li><a href="${tg.url('/group/new')}">${_('New Group')}</a></li> <li><a href="${tg.url('/group/new')}">${_('New Group')}</a></li>
</div> </div>-->
<li><a href="${tg.url('/group/list/A*')}">${_('Apply For a new Group')}</a></li> <li><a href="${tg.url('/group/list/A*')}">${_('Apply For a new Group')}</a></li>
<li><a href="http://fedoraproject.org/wiki/FWN/LatestIssue">${_('News')}</a></li> <li><a href="http://fedoraproject.org/wiki/FWN/LatestIssue">${_('News')}</a></li>
</ul> </ul>

36
fas/fas/templates/user/edit.html
View file

@ -10,45 +10,45 @@
<h2>${_('Edit Account (%s)') % userName}</h2> <h2>${_('Edit Account (%s)') % userName}</h2>
<form action="${tg.url('/user/save/%s' % userName)}" method="post"> <form action="${tg.url('/user/save/%s' % userName)}" method="post">
<div class="field"> <div class="field">
<label for="givenName">${_('Full Name'):}</label> <label for="givenName">${_('Full Name')}:</label>
<input type="text" id="givenName" name="givenName" value="${user.givenName}" /> <input type="text" id="givenName" name="givenName" value="${user.human_name}" />
</div> </div>
<div class="field"> <div class="field">
<label for="mail">${_('Email'):}</label> <label for="mail">${_('Email')}:</label>
<input type="text" id="mail" name="mail" value="${user.mail}" /> <input type="text" id="mail" name="mail" value="${user.username}" />
</div> </div>
<div class="field"> <div class="field">
<label for="fedoraPersonBugzillaMail">${_('Bugzilla Email'):}</label> <label for="fedoraPersonBugzillaMail">${_('Bugzilla Email')}:</label>
<input type="text" id="fedoraPersonBugzillaMail" name="fedoraPersonBugzillaMail" value="${user.fedoraPersonBugzillaMail}" /> <input type="text" id="fedoraPersonBugzillaMail" name="fedoraPersonBugzillaMail" value="${user.username}" />
</div> </div>
<div class="field"> <div class="field">
<label for="fedoraPersonIrcNick">${_('IRC Nick'):}</label> <label for="fedoraPersonIrcNick">${_('IRC Nick')}:</label>
<input type="text" id="fedoraPersonIrcNick" name="fedoraPersonIrcNick" value="${user.fedoraPersonIrcNick}" /> <input type="text" id="fedoraPersonIrcNick" name="fedoraPersonIrcNick" value="${user.ircnick}" />
</div> </div>
<div class="field"> <div class="field">
<label for="fedoraPersonKeyId">${_('PGP Key'):}</label> <label for="fedoraPersonKeyId">${_('PGP Key')}:</label>
<input type="text" id="fedoraPersonKeyId" name="fedoraPersonKeyId" value="${user.fedoraPersonKeyId}" /> <input type="text" id="fedoraPersonKeyId" name="fedoraPersonKeyId" value="${user.gpg_keyid}" />
</div> </div>
<div class="field"> <div class="field">
<label for="telephoneNumber">${_('Telephone Number'):}</label> <label for="telephoneNumber">${_('Telephone Number')}:</label>
<input type="text" id="telephoneNumber" name="telephoneNumber" value="${user.telephoneNumber}" /> <input type="text" id="telephoneNumber" name="telephoneNumber" value="${user.telephone}" />
</div> </div>
<div class="field"> <div class="field">
<label for="postalAddress">${_('Postal Address'):}</label> <label for="postalAddress">${_('Postal Address')}:</label>
<textarea id="postalAddress" name="postalAddress">${user.postalAddress}</textarea> <textarea id="postalAddress" name="postalAddress">${user.postal_address}</textarea>
</div> </div>
<div class="field"> <div class="field">
<label for="fedoraPersonTimeZone">${_('Time Zone'):}</label> <label for="fedoraPersonTimeZone">${_('Time Zone')}:</label>
<select id="fedoraPersonTimeZone" name="fedoraPersonTimeZone"> <select id="fedoraPersonTimeZone" name="fedoraPersonTimeZone">
<?python <?python
from pytz import common_timezones from pytz import common_timezones
?> ?>
<option py:for="tz in common_timezones" value="${tz}" py:attrs="{'selected': user.fedoraPersonTimeZone == tz and 'selected' or None}">${tz}</option> <option py:for="tz in common_timezones" value="${tz}" py:attrs="{'selected': user.locale == tz and 'selected' or None}">${tz}</option>
</select> </select>
</div> </div>
<div class="field"> <div class="field">
<label for="description ">${_('Description'):}</label> <label for="description ">${_('Description')}:</label>
<textarea id="description" name="description">${user.description}</textarea> <textarea id="description" name="description">${user.comments}</textarea>
</div> </div>
<div class="field"> <div class="field">
<input type="submit" value="${_('Save!')}" /> <input type="submit" value="${_('Save!')}" />

15
fas/fas/user.py
View file

@ -15,6 +15,8 @@ from fas.fasLDAP import Person
from fas.fasLDAP import Groups from fas.fasLDAP import Groups
from fas.fasLDAP import UserGroup from fas.fasLDAP import UserGroup
from fas.model import People
from fas.auth import * from fas.auth import *
from textwrap import dedent from textwrap import dedent
@ -24,8 +26,9 @@ class knownUser(validators.FancyValidator):
def _to_python(self, value, state): def _to_python(self, value, state):
return value.strip() return value.strip()
def validate_python(self, value, state): def validate_python(self, value, state):
p = Person.byUserName(value) try:
if not p.cn: p = People.by_username(value)
except InvalidRequestError:
raise validators.Invalid(_("'%s' does not exist.") % value, value, state) raise validators.Invalid(_("'%s' does not exist.") % value, value, state)
class nonFedoraEmail(validators.FancyValidator): class nonFedoraEmail(validators.FancyValidator):
@ -160,12 +163,14 @@ class User(controllers.Controller):
def edit(self, userName=None): def edit(self, userName=None):
'''Edit a user '''Edit a user
''' '''
print "User: %s" % userName
if not userName: if not userName:
userName = turbogears.identity.current.user_name userName = turbogears.identity.current.username
if not canEditUser(turbogears.identity.current.user_name, userName): if not canEditUser(turbogears.identity.current.user_name, userName):
turbogears.flash(_('You cannot edit %s') % userName ) turbogears.flash(_('You cannot edit %s') % userName )
userName = turbogears.identity.current.user_name userName = turbogears.identity.current.username
user = Person.byUserName(userName) user = People.by_username(userName)
return dict(userName=userName, user=user) return dict(userName=userName, user=user)
@identity.require(turbogears.identity.not_anonymous()) @identity.require(turbogears.identity.not_anonymous())