document: base the dir permissions on ir.rule, not on sql call.
bzr revid: p_christ@hol.gr-20101027102428-6n2huvvv2o1tiyh6
This commit is contained in:
parent
d0b6bf1181
commit
4dae4d0dbf
|
@ -21,6 +21,7 @@
|
|||
|
||||
|
||||
from osv import osv, fields
|
||||
from osv.orm import except_orm
|
||||
|
||||
import os
|
||||
import nodes
|
||||
|
@ -212,22 +213,20 @@ class document_directory(osv.osv):
|
|||
"""
|
||||
return
|
||||
|
||||
def get_dir_permissions(self, cr, uid, ids ):
|
||||
def get_dir_permissions(self, cr, uid, ids, context=None ):
|
||||
"""Check what permission user 'uid' has on directory 'id'
|
||||
"""
|
||||
assert len(ids) == 1
|
||||
id = ids[0]
|
||||
|
||||
cr.execute( "SELECT count(dg.item_id) AS needs, count(ug.uid) AS has " \
|
||||
" FROM document_directory_group_rel dg " \
|
||||
" LEFT OUTER JOIN res_groups_users_rel ug " \
|
||||
" ON (dg.group_id = ug.gid AND ug.uid = %s) " \
|
||||
" WHERE dg.item_id = %s ", (uid, id))
|
||||
needs, has = cr.fetchone()
|
||||
if needs and not has:
|
||||
return 1 # still allow to descend into.
|
||||
else:
|
||||
return 15
|
||||
res = 0
|
||||
for pperms in [('read', 5), ('write', 2), ('unlink', 8)]:
|
||||
try:
|
||||
self.check_access_rule(cr, uid, ids, pperms[0], context=context)
|
||||
res |= pperms[1]
|
||||
except except_orm:
|
||||
pass
|
||||
return res
|
||||
|
||||
def _locate_child(self, cr, uid, root_id, uri,nparent, ncontext):
|
||||
""" try to locate the node in uri,
|
||||
|
|
|
@ -478,6 +478,16 @@ def mkdosname(company_name, default='noname'):
|
|||
return n
|
||||
|
||||
|
||||
def _uid2unixperms(perms, has_owner):
|
||||
""" Convert the uidperms and the owner flag to full unix bits
|
||||
"""
|
||||
res = 0
|
||||
res |= (perms & 0x07) << 6
|
||||
res |= (perms & 0x05) << 3
|
||||
if not has_owner:
|
||||
res |= 0x05
|
||||
return res
|
||||
|
||||
class node_dir(node_database):
|
||||
our_type = 'collection'
|
||||
def __init__(self, path, parent, context, dirr, dctx=None):
|
||||
|
@ -492,13 +502,13 @@ class node_dir(node_database):
|
|||
# TODO: the write date should be MAX(file.write)..
|
||||
self.write_date = dirr and (dirr.write_date or dirr.create_date) or False
|
||||
self.content_length = 0
|
||||
self.unixperms = 040750
|
||||
try:
|
||||
self.uuser = (dirr.user_id and dirr.user_id.login) or 'nobody'
|
||||
except Exception:
|
||||
self.uuser = 'nobody'
|
||||
self.ugroup = mkdosname(dirr.company_id and dirr.company_id.name, default='nogroup')
|
||||
self.uidperms = dirr.get_dir_permissions()
|
||||
self.unixperms = 040000 | _uid2unixperms(self.uidperms, dirr and dirr.user_id)
|
||||
if dctx:
|
||||
self.dctx.update(dctx)
|
||||
dc2 = self.context.context
|
||||
|
@ -731,13 +741,13 @@ class node_res_dir(node_class):
|
|||
# TODO: the write date should be MAX(file.write)..
|
||||
self.write_date = dirr.write_date or dirr.create_date
|
||||
self.content_length = 0
|
||||
self.unixperms = 040750
|
||||
try:
|
||||
self.uuser = (dirr.user_id and dirr.user_id.login) or 'nobody'
|
||||
except Exception:
|
||||
self.uuser = 'nobody'
|
||||
self.ugroup = mkdosname(dirr.company_id and dirr.company_id.name, default='nogroup')
|
||||
self.uidperms = dirr.get_dir_permissions()
|
||||
self.unixperms = 040000 | _uid2unixperms(self.uidperms, dirr and dirr.user_id)
|
||||
self.res_model = dirr.ressource_type_id and dirr.ressource_type_id.model or False
|
||||
self.resm_id = dirr.ressource_id
|
||||
self.res_find_all = dirr.resource_find_all
|
||||
|
@ -855,8 +865,8 @@ class node_res_obj(node_class):
|
|||
# TODO: the write date should be MAX(file.write)..
|
||||
self.write_date = parent.write_date
|
||||
self.content_length = 0
|
||||
self.unixperms = 040750
|
||||
self.uidperms = parent.uidperms & 15
|
||||
self.unixperms = 040000 | _uid2unixperms(self.uidperms, True)
|
||||
self.uuser = parent.uuser
|
||||
self.ugroup = parent.ugroup
|
||||
self.res_model = res_model
|
||||
|
|
Loading…
Reference in New Issue