# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2006 The Trustees of Princeton University
#
-# $Id: Persons.py,v 1.2 2006/09/07 23:45:31 mlhuang Exp $
+# $Id: Persons.py,v 1.12 2006/10/20 17:52:24 mlhuang Exp $
#
from types import StringTypes
from PLC.Parameter import Parameter
from PLC.Debug import profile
from PLC.Table import Row, Table
-from PLC.Roles import Roles
-from PLC.Addresses import Address, Addresses
from PLC.Keys import Key, Keys
import PLC.Sites
"""
Representation of a row in the persons table. To use, optionally
instantiate with a dict of values. Update as you would a
- dict. Commit to the database with flush().
+ dict. Commit to the database with sync().
"""
+ table_name = 'persons'
+ primary_key = 'person_id'
fields = {
'person_id': Parameter(int, "Account identifier"),
- 'first_name': Parameter(str, "Given name", max = 128),
- 'last_name': Parameter(str, "Surname", max = 128),
+ 'first_name': Parameter(str, "Given name", max = 128, optional = False),
+ 'last_name': Parameter(str, "Surname", max = 128, optional = False),
'title': Parameter(str, "Title", max = 128),
- 'email': Parameter(str, "Primary e-mail address", max = 254),
+ 'email': Parameter(str, "Primary e-mail address", max = 254, optional = False),
'phone': Parameter(str, "Telephone number", max = 64),
'url': Parameter(str, "Home page", max = 254),
'bio': Parameter(str, "Biography", max = 254),
- 'accepted_aup': Parameter(bool, "Has accepted the AUP"),
'enabled': Parameter(bool, "Has been enabled"),
- 'deleted': Parameter(bool, "Has been deleted"),
- 'password': Parameter(str, "Account password in crypt() form", max = 254),
- 'last_updated': Parameter(str, "Date and time of last update"),
- 'date_created': Parameter(str, "Date and time when account was created"),
+ 'password': Parameter(str, "Account password in crypt() form", max = 254, optional = False),
+ 'last_updated': Parameter(str, "Date and time of last update", ro = True),
+ 'date_created': Parameter(str, "Date and time when account was created", ro = True),
+ 'role_ids': Parameter([int], "List of role identifiers", ro = True),
+ 'roles': Parameter([str], "List of roles", ro = True),
+ 'site_ids': Parameter([int], "List of site identifiers", ro = True),
+ 'key_ids': Parameter([int], "List of key identifiers", ro = True),
+ 'slice_ids': Parameter([int], "List of slice identifiers", ro = True),
}
- # These fields are derived from join tables and are not actually
- # in the persons table.
- join_fields = {
- 'role_ids': Parameter([int], "List of role identifiers"),
- 'roles': Parameter([str], "List of roles"),
- 'site_ids': Parameter([int], "List of site identifiers"),
- }
-
- # These fields are derived from join tables and are not returned
- # by default unless specified.
- extra_fields = {
- 'address_ids': Parameter([int], "List of address identifiers"),
- 'key_ids': Parameter([int], "List of key identifiers"),
- 'slice_ids': Parameter([int], "List of slice identifiers"),
- }
-
- default_fields = dict(fields.items() + join_fields.items())
- all_fields = dict(default_fields.items() + extra_fields.items())
-
- def __init__(self, api, fields):
- Row.__init__(self, fields)
- self.api = api
-
def validate_email(self, email):
"""
Validate email address. Stolen from Mailman.
conflicts = Persons(self.api, [email])
for person_id, person in conflicts.iteritems():
- if not person['deleted'] and ('person_id' not in self or self['person_id'] != person_id):
+ if 'person_id' not in self or self['person_id'] != person_id:
raise PLCInvalidArgument, "E-mail address already in use"
return email
salt = md5.md5(salt).hexdigest()[:8]
return crypt.crypt(password.encode(self.api.encoding), magic + salt + "$")
- def validate_role_ids(self, role_ids):
- """
- Ensure that the specified role_ids are all valid.
- """
-
- roles = Roles(self.api)
- for role_id in role_ids:
- if role_id not in roles:
- raise PLCInvalidArgument, "No such role"
-
- return role_ids
-
- def validate_site_ids(self, site_ids):
- """
- Ensure that the specified site_ids are all valid.
- """
-
- sites = PLC.Sites.Sites(self.api, site_ids)
- for site_id in site_ids:
- if site_id not in sites:
- raise PLCInvalidArgument, "No such site"
-
- return site_ids
-
def can_update(self, person):
"""
Returns true if we can update the specified person. We can
assert 'person_id' in self
person_id = self['person_id']
- self.api.db.do("INSERT INTO person_roles (person_id, role_id)" \
- " VALUES(%(person_id)d, %(role_id)d)",
- locals())
-
- if commit:
- self.api.db.commit()
- assert 'role_ids' in self
if role_id not in self['role_ids']:
+ self.api.db.do("INSERT INTO person_role (person_id, role_id)" \
+ " VALUES(%(person_id)d, %(role_id)d)",
+ locals())
+
+ if commit:
+ self.api.db.commit()
+
self['role_ids'].append(role_id)
def remove_role(self, role_id, commit = True):
assert 'person_id' in self
person_id = self['person_id']
- self.api.db.do("DELETE FROM person_roles" \
- " WHERE person_id = %(person_id)d" \
- " AND role_id = %(role_id)d",
- locals())
- if commit:
- self.api.db.commit()
-
- assert 'role_ids' in self
if role_id in self['role_ids']:
+ self.api.db.do("DELETE FROM person_role" \
+ " WHERE person_id = %(person_id)d" \
+ " AND role_id = %(role_id)d",
+ locals())
+
+ if commit:
+ self.api.db.commit()
+
self['role_ids'].remove(role_id)
+
+ def add_key(self, key, commit = True):
+ """
+ Add key to existing account.
+ """
+
+ assert 'person_id' in self
+ assert isinstance(key, Key)
+ assert 'key_id' in key
+
+ person_id = self['person_id']
+ key_id = key['key_id']
+
+ if key_id not in self['key_ids']:
+ self.api.db.do("INSERT INTO person_key (person_id, key_id)" \
+ " VALUES(%(person_id)d, %(key_id)d)",
+ locals())
+
+ if commit:
+ self.api.db.commit()
+
+ self['key_ids'].append(key_id)
+
+ def remove_key(self, key, commit = True):
+ """
+ Remove key from existing account.
+ """
+
+ assert 'person_id' in self
+ assert isinstance(key, Key)
+ assert 'key_id' in key
+
+ person_id = self['person_id']
+ key_id = key['key_id']
+
+ if key_id in self['key_ids']:
+ self.api.db.do("DELETE FROM person_key" \
+ " WHERE person_id = %(person_id)d" \
+ " AND key_id = %(key_id)d",
+ locals())
+
+ if commit:
+ self.api.db.commit()
+
+ self['key_ids'].remove(key_id)
def set_primary_site(self, site, commit = True):
"""
self['site_ids'].remove(site_id)
self['site_ids'].insert(0, site_id)
- def flush(self, commit = True):
- """
- Commit changes back to the database.
- """
-
- self.validate()
-
- # Fetch a new person_id if necessary
- if 'person_id' not in self:
- rows = self.api.db.selectall("SELECT NEXTVAL('persons_person_id_seq') AS person_id")
- if not rows:
- raise PLCDBError, "Unable to fetch new person_id"
- self['person_id'] = rows[0]['person_id']
- insert = True
- else:
- insert = False
-
- # Filter out fields that cannot be set or updated directly
- fields = dict(filter(lambda (key, value): key in self.fields,
- self.items()))
-
- # Parameterize for safety
- keys = fields.keys()
- values = [self.api.db.param(key, value) for (key, value) in fields.items()]
-
- if insert:
- # Insert new row in persons table
- sql = "INSERT INTO persons (%s) VALUES (%s)" % \
- (", ".join(keys), ", ".join(values))
- else:
- # Update existing row in persons table
- columns = ["%s = %s" % (key, value) for (key, value) in zip(keys, values)]
- sql = "UPDATE persons SET " + \
- ", ".join(columns) + \
- " WHERE person_id = %(person_id)d"
-
- self.api.db.do(sql, fields)
-
- if commit:
- self.api.db.commit()
-
def delete(self, commit = True):
"""
Delete existing account.
"""
- assert 'person_id' in self
-
- # Make sure extra fields are present
- persons = Persons(self.api, [self['person_id']],
- ['address_ids', 'key_ids'])
- assert persons
- self.update(persons.values()[0])
-
- # Delete all addresses
- addresses = Addresses(self.api, self['address_ids'])
- for address in addresses.values():
- address.delete(commit = False)
-
# Delete all keys
keys = Keys(self.api, self['key_ids'])
for key in keys.values():
key.delete(commit = False)
# Clean up miscellaneous join tables
- for table in ['person_roles', 'person_capabilities', 'person_site',
- 'node_root_access', 'dslice03_sliceuser']:
+ for table in ['person_role', 'person_site', 'slice_person']:
self.api.db.do("DELETE FROM %s" \
" WHERE person_id = %d" % \
(table, self['person_id']))
# Mark as deleted
self['deleted'] = True
- self.flush(commit)
+ self.sync(commit)
class Persons(Table):
"""
non-deleted accounts.
"""
- def __init__(self, api, person_id_or_email_list = None, extra_fields = [], deleted = False, enabled = None):
+ def __init__(self, api, person_id_or_email_list = None, enabled = None):
self.api = api
- role_max = Roles.role_max
-
- # N.B.: Site IDs returned may be deleted. Persons returned are
- # never deleted, but may not be enabled.
- sql = "SELECT persons.*" \
- ", roles.role_id, roles.name AS role" \
- ", person_site.site_id" \
-
- # N.B.: Joined IDs may be marked as deleted in their primary tables
- join_tables = {
- # extra_field: (extra_table, extra_column, join_using)
- 'address_ids': ('person_address', 'address_id', 'person_id'),
- 'key_ids': ('person_keys', 'key_id', 'person_id'),
- 'slice_ids': ('dslice03_sliceuser', 'slice_id', 'person_id'),
- }
-
- extra_fields = filter(join_tables.has_key, extra_fields)
- extra_tables = ["%s USING (%s)" % \
- (join_tables[field][0], join_tables[field][2]) \
- for field in extra_fields]
- extra_columns = ["%s.%s" % \
- (join_tables[field][0], join_tables[field][1]) \
- for field in extra_fields]
-
- if extra_columns:
- sql += ", " + ", ".join(extra_columns)
-
- sql += " FROM persons" \
- " LEFT JOIN person_roles USING (person_id)" \
- " LEFT JOIN roles USING (role_id)" \
- " LEFT JOIN person_site USING (person_id)"
-
- if extra_tables:
- sql += " LEFT JOIN " + " LEFT JOIN ".join(extra_tables)
-
- # So that people with no roles have empty role_ids and roles values
- sql += " WHERE (role_id IS NULL or role_id <= %(role_max)d)"
-
- if deleted is not None:
- sql += " AND persons.deleted IS %(deleted)s"
+ sql = "SELECT %s FROM view_persons WHERE deleted IS False" % \
+ ", ".join(Person.fields)
if enabled is not None:
- sql += " AND persons.enabled IS %(enabled)s"
+ sql += " AND enabled IS %(enabled)s"
if person_id_or_email_list:
# Separate the list into integers and strings
sql += " OR person_id IN (%s)" % ", ".join(map(str, person_ids))
if emails:
# Case insensitive e-mail address comparison
- sql += " OR lower(email) IN (%s)" % ", ".join(api.db.quote(emails)).lower()
+ sql += " OR email IN (%s)" % ", ".join(api.db.quote(emails)).lower()
sql += ")"
- # The first site_id in the site_ids list is the primary site
- # of the user. See AdmGetPersonSites().
- sql += " ORDER BY person_site.is_primary DESC"
-
rows = self.api.db.selectall(sql, locals())
+
for row in rows:
- if self.has_key(row['person_id']):
- person = self[row['person_id']]
- person.update(row)
- else:
- self[row['person_id']] = Person(api, row)
+ self[row['person_id']] = person = Person(api, row)
+ for aggregate in 'role_ids', 'roles', 'site_ids', 'key_ids', 'slice_ids':
+ if not person.has_key(aggregate) or person[aggregate] is None:
+ person[aggregate] = []
+ else:
+ elements = person[aggregate].split(',')
+ try:
+ person[aggregate] = map(int, elements)
+ except ValueError:
+ person[aggregate] = elements
git://git.onelab.eu / plcapi.git / blobdiff