X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FPersons.py;h=5a0240379790c8c33badb819fbf9be12e31e69e3;hb=fe81b2c91b436b1882f63023413c7f51b29538ed;hp=ee01550e9fd5ce29ac296a247a1630604c74b151;hpb=3f5cfa865d7b3649445fbb9af290901bf65fd4fc;p=plcapi.git diff --git a/PLC/Persons.py b/PLC/Persons.py index ee01550..5a02403 100644 --- a/PLC/Persons.py +++ b/PLC/Persons.py @@ -5,11 +5,14 @@ # Copyright (C) 2006 The Trustees of Princeton University # # $Id$ +# $URL$ # from types import StringTypes -from datetime import datetime -import md5 +try: + from hashlib import md5 +except ImportError: + from md5 import md5 import time from random import Random import re @@ -56,6 +59,7 @@ class Person(Row): 'slice_ids': Parameter([int], "List of slice identifiers"), 'peer_id': Parameter(int, "Peer to which this user belongs", nullok = True), 'peer_person_id': Parameter(int, "Foreign user identifier at peer", nullok = True), + 'person_tag_ids' : Parameter ([int], "List of tags attached to this person"), } related_fields = { 'roles': [Mixed(Parameter(int, "Role identifier"), @@ -67,44 +71,34 @@ class Person(Row): 'slices': [Mixed(Parameter(int, "Slice identifier"), Parameter(str, "Slice name"))] } + view_tags_name = "view_person_tags" + # tags are used by the Add/Get/Update methods to expose tags + # this is initialized here and updated by the accessors factory + tags = { } def validate_email(self, email): """ Validate email address. Stolen from Mailman. """ - + email = email.lower() invalid_email = PLCInvalidArgument("Invalid e-mail address") - email_badchars = r'[][()<>|;^,\200-\377]' - - # Pretty minimal, cheesy check. We could do better... - if not email or email.count(' ') > 0: - raise invalid_email - if re.search(email_badchars, email) or email[0] == '-': - raise invalid_email - email = email.lower() - at_sign = email.find('@') - if at_sign < 1: + if not email: raise invalid_email - user = email[:at_sign] - rest = email[at_sign+1:] - domain = rest.split('.') - # This means local, unqualified addresses, are not allowed - if not domain: - raise invalid_email - if len(domain) < 2: + email_re = re.compile('\A[a-zA-Z0-9._%+\-]+@[a-zA-Z0-9._\-]+\.[a-zA-Z]+\Z') + if not email_re.match(email): raise invalid_email # check only against users on the same peer - if 'peer_id' in self: + if 'peer_id' in self: namespace_peer_id = self['peer_id'] else: namespace_peer_id = None - conflicts = Persons(self.api, {'email':email,'peer_id':namespace_peer_id}) + conflicts = Persons(self.api, {'email':email,'peer_id':namespace_peer_id}) - for person in conflicts: + for person in conflicts: if 'person_id' not in self or self['person_id'] != person['person_id']: raise PLCInvalidArgument, "E-mail address already in use" @@ -124,7 +118,7 @@ class Person(Row): else: # Generate a somewhat unique 8 character salt string salt = str(time.time()) + str(Random().random()) - salt = md5.md5(salt).hexdigest()[:8] + salt = md5(salt).hexdigest()[:8] return crypt.crypt(password.encode(self.api.encoding), magic + salt + "$") validate_date_created = Row.validate_timestamp @@ -152,8 +146,8 @@ class Person(Row): if 'pi' in self['roles']: if set(self['site_ids']).intersection(person['site_ids']): - # Can update people with higher role IDs - return min(self['role_ids']) < min(person['role_ids']) + # Can update person is neither a PI or ADMIN + return (not (('pi' in person['roles']) or ('admin' in person['roles']))) return False @@ -175,7 +169,7 @@ class Person(Row): if 'pi' in self['roles']: if set(self['site_ids']).intersection(person['site_ids']): # Can view people with equal or higher role IDs - return min(self['role_ids']) <= min(person['role_ids']) + return 'admin' not in person['roles'] return False @@ -239,7 +233,7 @@ class Person(Row): # Translate roles into role_ids if role_names: - roles = Roles(self.api, role_names, ['role_id']).dict('role_id') + roles = Roles(self.api, role_names).dict('role_id') role_ids += roles.keys() # Add new ids, remove stale ids @@ -379,64 +373,14 @@ class Persons(Table): def __init__(self, api, person_filter = None, columns = None): Table.__init__(self, api, Person, columns) - foreign_fields = {'role_ids': ('role_id', 'person_role'), - 'roles': ('name', 'roles'), - 'site_ids': ('site_id', 'person_site'), - 'key_ids': ('key_id', 'person_key'), - 'slice_ids': ('slice_id', 'slice_person') - } - foreign_keys = {} - db_fields = filter(lambda field: field not in foreign_fields.keys(), Person.fields.keys()) - all_fields = db_fields + [value[0] for value in foreign_fields.values()] - fields = [] - _select = "SELECT " - _from = " FROM persons " - _join = " LEFT JOIN peer_person USING (person_id) " - _where = " WHERE deleted IS False " - - if not columns: - # include all columns - fields = all_fields - tables = [value[1] for value in foreign_fields.values()] - tables.sort() - for key in foreign_fields.keys(): - foreign_keys[foreign_fields[key][0]] = key - for table in tables: - if table in ['roles']: - _join += " LEFT JOIN roles USING(role_id) " - else: - _join += " LEFT JOIN %s USING (person_id) " % (table) - else: - tables = set() - columns = filter(lambda column: column in db_fields+foreign_fields.keys(), columns) - columns.sort() - for column in columns: - if column in foreign_fields.keys(): - (field, table) = foreign_fields[column] - foreign_keys[field] = column - fields += [field] - tables.add(table) - if column in ['roles']: - _join += " LEFT JOIN roles USING(role_id) " - else: - _join += " LEFT JOIN %s USING (person_id)" % \ - (foreign_fields[column][1]) - - else: - fields += [column] - - # postgres will return timestamps as datetime objects. - # XMLPRC cannot marshal datetime so convert to int - timestamps = ['date_created', 'last_updated', 'verification_expires'] - for field in fields: - if field in timestamps: - fields[fields.index(field)] = \ - "CAST(date_part('epoch', %s) AS bigint) AS %s" % (field, field) - - _select += ", ".join(fields) - sql = _select + _from + _join + _where - - # deal with filter + view = "view_persons" + for tagname in self.tag_columns: + view= "%s left join %s using (%s)"%(view,Person.tagvalue_view_name(tagname), + Person.primary_key) + + sql = "SELECT %s FROM %s WHERE deleted IS False" % \ + (", ".join(self.columns.keys()+self.tag_columns.keys()),view) + if person_filter is not None: if isinstance(person_filter, (list, tuple, set)): # Separate the list into integers and strings @@ -456,29 +400,4 @@ class Persons(Table): else: raise PLCInvalidArgument, "Wrong person filter %r"%person_filter - # aggregate data - all_persons = {} - for row in self.api.db.selectall(sql): - person_id = row['person_id'] - - if all_persons.has_key(person_id): - for (key, key_list) in foreign_keys.items(): - data = row.pop(key) - row[key_list] = [data] - if data and data not in all_persons[person_id][key_list]: - all_persons[person_id][key_list].append(data) - else: - for key in foreign_keys.keys(): - value = row.pop(key) - if value: - row[foreign_keys[key]] = [value] - else: - row[foreign_keys[key]] = [] - if row: - all_persons[person_id] = row - - # populate self - for row in all_persons.values(): - obj = self.classobj(self.api, row) - self.append(obj) - + self.selectall(sql)