odoo
/
odoo
2
0
Fork 0
Code Pull Requests Releases Activity

Document API: framework for permisssion bits. 

The nodes may have extra permission attributes, rather than the ir.rule
system. Store those bits in a 'uidperms' attribute of each node.

bzr revid: p_christ@hol.gr-20100711142527-5o4v68yeuhgqvog4
This commit is contained in:
P. Christeas 2010-07-11 17:25:27 +03:00
parent d6f1e1f29f
commit 661a6818d8
2 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
addons/document/document_directory.py
View File

@ -198,6 +198,22 @@ class document_directory(osv.osv):
return nodes.get_node_context(cr, uid, context).get_uri(cr, uri)
def get_dir_permissions(self, cr, uid, ids ):
"""Check what permission user 'uid' has on directory 'id'
"""
assert len(ids) == 1
id = ids[0]
cr.execute( "SELECT count(dg.item_id) AS needs, count(ug.uid) AS has " \
" FROM document_directory_group_rel dg " \
" LEFT OUTER JOIN res_groups_users_rel ug " \
" ON (dg.group_id = ug.gid AND ug.uid = %s) " \
" WHERE dg.item_id = %s ", (uid, id))
needs, has = cr.fetchone()
if needs and not has:
return 1 # still allow to descend into.
else:
return 7
def _locate_child(self, cr, uid, root_id, uri,nparent, ncontext):
""" try to locate the node in uri,

42
addons/document/nodes.py
View File

@ -163,6 +163,7 @@ class node_class(object):
self.context = context
self.type=self.our_type
self.parent = parent
self.uidperms = 5 # computed permissions for our uid, in unix bits
self.mimetype = 'application/octet-stream'
self.create_date = None
self.write_date = None
@ -316,6 +317,33 @@ class node_class(object):
def get_domain(self, cr, filters):
return []
def check_perms(self, perms):
""" Check the permissions of the current node.
@param perms either an integers of the bits to check, or
a string with the permission letters
Permissions of nodes are (in a unix way):
1, x : allow descend into dir
2, w : allow write into file, or modification to dir
4, r : allow read of file, or listing of dir contents
8, u : allow remove (unlink)
"""
if isinstance(perms, str):
pe2 = 0
chars = { 'x': 1, 'w': 2, 'r': 4, 'u': 8 }
for c in perms:
pe2 = pe2 | chars[c]
perms = pe2
elif isinstance(perms, int):
if perms < 0 or perms > 15:
raise ValueError("Invalid permission bits")
else:
raise ValueError("Invalid permission attribute")
return ((self.uidperms & perms) == perms)
class node_database(node_class):
""" A node representing the database directory
@ -324,6 +352,7 @@ class node_database(node_class):
def __init__(self, path=[], parent=False, context=None):
super(node_database,self).__init__(path, parent, context)
self.unixperms = 040750
self.uidperms = 5
def children(self, cr, domain=None):
res = self._child_get(cr, domain=domain) + self._file_get(cr)
@ -374,6 +403,16 @@ class node_database(node_class):
def _get_ttag(self,cr):
return 'db-%s' % cr.dbname
def mkdosname(company_name, default='noname'):
""" convert a string to a dos-like name"""
if not company_name:
return default
badchars = ' !@#$%^`~*()+={}[];:\'"/?.<>'
n = ''
for c in company_name[:8]:
n += (c in badchars and '_') or c
return n
class node_dir(node_database):
our_type = 'collection'
@ -390,6 +429,9 @@ class node_dir(node_database):
self.write_date = dirr and (dirr.write_date or dirr.create_date) or False
self.content_length = 0
self.unixperms = 040750
self.uuser = (dirr.user_id and dirr.user_id.login) or 'nobody'
self.ugroup = mkdosname(dirr.company_id and dirr.company_id.name, default='nogroup')
self.uidperms = dirr.get_dir_permissions()
if dctx:
self.dctx.update(dctx)
dc2 = self.context.context