X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=PLC%2FPersons.py;h=d2bb510d392c15dc76717be023b56334eabb4d02;hb=refs%2Fheads%2Fplanetlab-4_0-branch;hp=01ba8225d242aee8b640efa5ea40c45bf1662a9a;hpb=8443b752189a6e8e834f92bef995d4e7a32441bf;p=plcapi.git diff --git a/PLC/Persons.py b/PLC/Persons.py index 01ba822..d2bb510 100644 --- a/PLC/Persons.py +++ b/PLC/Persons.py @@ -4,7 +4,7 @@ # Mark Huang # Copyright (C) 2006 The Trustees of Princeton University # -# $Id: Persons.py,v 1.3 2006/09/08 19:45:46 mlhuang Exp $ +# $Id: Persons.py 5652 2007-11-06 03:42:57Z tmack $ # from types import StringTypes @@ -16,13 +16,13 @@ import re import crypt from PLC.Faults import * -from PLC.Parameter import Parameter -from PLC.Debug import profile +from PLC.Debug import log +from PLC.Parameter import Parameter, Mixed +from PLC.Filter import Filter from PLC.Table import Row, Table -from PLC.Roles import Roles -from PLC.Addresses import Address, Addresses +from PLC.Roles import Role, Roles from PLC.Keys import Key, Keys -import PLC.Sites +from PLC.Messages import Message, Messages class Person(Row): """ @@ -31,31 +31,58 @@ class Person(Row): dict. Commit to the database with sync(). """ + table_name = 'persons' + primary_key = 'person_id' + join_tables = ['person_key', 'person_role', 'person_site', 'slice_person', 'person_session', 'peer_person'] fields = { - 'person_id': Parameter(int, "Account identifier"), + 'person_id': Parameter(int, "User identifier"), 'first_name': Parameter(str, "Given name", max = 128), 'last_name': Parameter(str, "Surname", max = 128), - 'title': Parameter(str, "Title", max = 128), + 'title': Parameter(str, "Title", max = 128, nullok = True), 'email': Parameter(str, "Primary e-mail address", max = 254), - 'phone': Parameter(str, "Telephone number", max = 64), - 'url': Parameter(str, "Home page", max = 254), - 'bio': Parameter(str, "Biography", max = 254), + 'phone': Parameter(str, "Telephone number", max = 64, nullok = True), + 'url': Parameter(str, "Home page", max = 254, nullok = True), + 'bio': Parameter(str, "Biography", max = 254, nullok = True), 'enabled': Parameter(bool, "Has been enabled"), - 'deleted': Parameter(bool, "Has been deleted"), 'password': Parameter(str, "Account password in crypt() form", max = 254), - 'last_updated': Parameter(str, "Date and time of last update"), - 'date_created': Parameter(str, "Date and time when account was created"), + 'verification_key': Parameter(str, "Reset password key", max = 254, nullok = True), + 'verification_expires': Parameter(int, "Date and time when verification_key expires", nullok = True), + 'last_updated': Parameter(int, "Date and time of last update", ro = True), + 'date_created': Parameter(int, "Date and time when account was created", ro = True), 'role_ids': Parameter([int], "List of role identifiers"), 'roles': Parameter([str], "List of roles"), 'site_ids': Parameter([int], "List of site identifiers"), - 'address_ids': Parameter([int], "List of address identifiers"), 'key_ids': Parameter([int], "List of key identifiers"), - # 'slice_ids': Parameter([int], "List of slice identifiers"), + 'slice_ids': Parameter([int], "List of slice identifiers"), + 'peer_id': Parameter(int, "Peer to which this user belongs", nullok = True), + 'peer_person_id': Parameter(int, "Foreign user identifier at peer", nullok = True), } - - def __init__(self, api, fields): - Row.__init__(self, fields) - self.api = api + related_fields = { + 'roles': [Mixed(Parameter(int, "Role identifier"), + Parameter(str, "Role name"))], + 'sites': [Mixed(Parameter(int, "Site identifier"), + Parameter(str, "Site name"))], + 'keys': [Mixed(Parameter(int, "Key identifier"), + Filter(Key.fields))], + 'slices': [Mixed(Parameter(int, "Slice identifier"), + Parameter(str, "Slice name"))] + } + + + + # for Cache + class_key = 'email' + foreign_fields = ['first_name', 'last_name', 'title', 'email', 'phone', 'url', + 'bio', 'enabled', 'password', ] + # forget about these ones, they are read-only anyway + # handling them causes Cache to re-sync all over again + # 'last_updated', 'date_created' + foreign_xrefs = [ + {'field' : 'key_ids', 'class': 'Key', 'table' : 'person_key' } , + {'field' : 'site_ids', 'class': 'Site', 'table' : 'person_site'}, +# xxx this is not handled by Cache yet +# 'role_ids': Parameter([int], "List of role identifiers"), +] def validate_email(self, email): """ @@ -79,15 +106,22 @@ class Person(Row): rest = email[at_sign+1:] domain = rest.split('.') - # This means local, unqualified addresses, are no allowed + # This means local, unqualified addresses, are not allowed if not domain: raise invalid_email if len(domain) < 2: raise invalid_email - conflicts = Persons(self.api, [email]) - for person_id, person in conflicts.iteritems(): - if not person['deleted'] and ('person_id' not in self or self['person_id'] != person_id): + # check only against users on the same peer + if 'peer_id' in self: + namespace_peer_id = self['peer_id'] + else: + namespace_peer_id = None + + conflicts = Persons(self.api, {'email':email,'peer_id':namespace_peer_id}) + + for person in conflicts: + if 'person_id' not in self or self['person_id'] != person['person_id']: raise PLCInvalidArgument, "E-mail address already in use" return email @@ -109,6 +143,10 @@ class Person(Row): salt = md5.md5(salt).hexdigest()[:8] return crypt.crypt(password.encode(self.api.encoding), magic + salt + "$") + validate_date_created = Row.validate_timestamp + validate_last_updated = Row.validate_timestamp + validate_verification_expires = Row.validate_timestamp + def can_update(self, person): """ Returns true if we can update the specified person. We can @@ -157,52 +195,18 @@ class Person(Row): return False - def add_role(self, role_id, commit = True): - """ - Add role to existing account. - """ - - assert 'person_id' in self - - person_id = self['person_id'] - self.api.db.do("INSERT INTO person_role (person_id, role_id)" \ - " VALUES(%(person_id)d, %(role_id)d)", - locals()) - - if commit: - self.api.db.commit() + add_role = Row.add_object(Role, 'person_role') + remove_role = Row.remove_object(Role, 'person_role') - assert 'role_ids' in self - if role_id not in self['role_ids']: - self['role_ids'].append(role_id) - - def remove_role(self, role_id, commit = True): - """ - Remove role from existing account. - """ - - assert 'person_id' in self - - person_id = self['person_id'] - self.api.db.do("DELETE FROM person_role" \ - " WHERE person_id = %(person_id)d" \ - " AND role_id = %(role_id)d", - locals()) - - if commit: - self.api.db.commit() - - assert 'role_ids' in self - if role_id in self['role_ids']: - self['role_ids'].remove(role_id) + add_key = Row.add_object(Key, 'person_key') + remove_key = Row.remove_object(Key, 'person_key') def set_primary_site(self, site, commit = True): """ - Set the primary site for an existing account. + Set the primary site for an existing user. """ assert 'person_id' in self - assert isinstance(site, PLC.Sites.Site) assert 'site_id' in site person_id = self['person_id'] @@ -225,67 +229,157 @@ class Person(Row): self['site_ids'].remove(site_id) self['site_ids'].insert(0, site_id) - def sync(self, commit = True): + def update_last_updated(self, commit = True): + """ + Update last_updated field with current time + """ + + assert 'person_id' in self + assert self.table_name + + self.api.db.do("UPDATE %s SET last_updated = CURRENT_TIMESTAMP " % (self.table_name) + \ + " where person_id = %d" % (self['person_id']) ) + self.sync(commit) + + def associate_roles(self, auth, field, value): + """ + Adds roles found in value list to this person (using AddRoleToPerson). + Deletes roles not found in value list from this person (using DeleteRoleFromPerson). + """ + + assert 'role_ids' in self + assert 'person_id' in self + assert isinstance(value, list) + + (role_ids, roles_names) = self.separate_types(value)[0:2] + + # Translate roles into role_ids + if roles_names: + roles = Roles(self.api, role_names, ['role_id']).dict('role_id') + role_ids += roles.keys() + + # Add new ids, remove stale ids + if self['role_ids'] != role_ids: + from PLC.Methods.AddRoleToPerson import AddRoleToPerson + from PLC.Methods.DeleteRoleFromPerson import DeleteRoleFromPerson + new_roles = set(role_ids).difference(self['role_ids']) + stale_roles = set(self['role_ids']).difference(role_ids) + + for new_role in new_roles: + AddRoleToPerson.__call__(AddRoleToPerson(self.api), auth, new_role, self['person_id']) + for stale_role in stale_roles: + DeleteRoleFromPerson.__call__(DeleteRoleFromPerson(self.api), auth, stale_role, self['person_id']) + + + def associate_sites(self, auth, field, value): """ - Commit changes back to the database. + Adds person to sites found in value list (using AddPersonToSite). + Deletes person from site not found in value list (using DeletePersonFromSite). """ - self.validate() + from PLC.Sites import Sites - # Fetch a new person_id if necessary - if 'person_id' not in self: - rows = self.api.db.selectall("SELECT NEXTVAL('persons_person_id_seq') AS person_id") - if not rows: - raise PLCDBError, "Unable to fetch new person_id" - self['person_id'] = rows[0]['person_id'] - insert = True - else: - insert = False + assert 'site_ids' in self + assert 'person_id' in self + assert isinstance(value, list) - # Filter out fields that cannot be set or updated directly - persons_fields = self.api.db.fields('persons') - fields = dict(filter(lambda (key, value): key in persons_fields, - self.items())) + (site_ids, site_names) = self.separate_types(value)[0:2] - # Parameterize for safety - keys = fields.keys() - values = [self.api.db.param(key, value) for (key, value) in fields.items()] + # Translate roles into role_ids + if site_names: + sites = Sites(self.api, site_names, ['site_id']).dict('site_id') + site_ids += sites.keys() - if insert: - # Insert new row in persons table - sql = "INSERT INTO persons (%s) VALUES (%s)" % \ - (", ".join(keys), ", ".join(values)) - else: - # Update existing row in persons table - columns = ["%s = %s" % (key, value) for (key, value) in zip(keys, values)] - sql = "UPDATE persons SET " + \ - ", ".join(columns) + \ - " WHERE person_id = %(person_id)d" + # Add new ids, remove stale ids + if self['site_ids'] != site_ids: + from PLC.Methods.AddPersonToSite import AddPersonToSite + from PLC.Methods.DeletePersonFromSite import DeletePersonFromSite + new_sites = set(site_ids).difference(self['site_ids']) + stale_sites = set(self['site_ids']).difference(site_ids) - self.api.db.do(sql, fields) + for new_site in new_sites: + AddPersonToSite.__call__(AddPersonToSite(self.api), auth, self['person_id'], new_site) + for stale_site in stale_sites: + DeletePersonFromSite.__call__(DeletePersonFromSite(self.api), auth, self['person_id'], stale_site) - if commit: - self.api.db.commit() - def delete(self, commit = True): + def associate_keys(self, auth, field, value): + """ + Deletes key_ids not found in value list (using DeleteKey). + Adds key if key_fields w/o key_id is found (using AddPersonKey). + Updates key if key_fields w/ key_id is found (using UpdateKey). """ - Delete existing account. + assert 'key_ids' in self + assert 'person_id' in self + assert isinstance(value, list) + + (key_ids, blank, keys) = self.separate_types(value) + + if self['key_ids'] != key_ids: + from PLC.Methods.DeleteKey import DeleteKey + stale_keys = set(self['key_ids']).difference(key_ids) + + for stale_key in stale_keys: + DeleteKey.__call__(DeleteKey(self.api), auth, stale_key) + + if keys: + from PLC.Methods.AddPersonKey import AddPersonKey + from PLC.Methods.UpdateKey import UpdateKey + updated_keys = filter(lambda key: 'key_id' in key, keys) + added_keys = filter(lambda key: 'key_id' not in key, keys) + + for key in added_keys: + AddPersonKey.__call__(AddPersonKey(self.api), auth, self['person_id'], key) + for key in updated_keys: + key_id = key.pop('key_id') + UpdateKey.__call__(UpdateKey(self.api), auth, key_id, key) + + + def associate_slices(self, auth, field, value): """ + Adds person to slices found in value list (using AddPersonToSlice). + Deletes person from slices found in value list (using DeletePersonFromSlice). + """ + + from PLC.Slices import Slices + + assert 'slice_ids' in self + assert 'person_id' in self + assert isinstance(value, list) + + (slice_ids, slice_names) = self.separate_types(value)[0:2] + + # Translate roles into role_ids + if slice_names: + slices = Slices(self.api, slice_names, ['slice_id']).dict('slice_id') + slice_ids += slices.keys() - # Delete all addresses - addresses = Addresses(self.api, self['address_ids']) - for address in addresses.values(): - address.delete(commit = False) + # Add new ids, remove stale ids + if self['slice_ids'] != slice_ids: + from PLC.Methods.AddPersonToSlice import AddPersonToSlice + from PLC.Methods.DeletePersonFromSlice import DeletePersonFromSlice + new_slices = set(slice_ids).difference(self['slice_ids']) + stale_slices = set(self['slice_ids']).difference(slice_ids) + + for new_slice in new_slices: + AddPersonToSlice.__call__(AddPersonToSlice(self.api), auth, self['person_id'], new_slice) + for stale_slice in stale_slices: + DeletePersonFromSlice.__call__(DeletePersonFromSlice(self.api), auth, self['person_id'], stale_slice) + + + def delete(self, commit = True): + """ + Delete existing user. + """ # Delete all keys keys = Keys(self.api, self['key_ids']) - for key in keys.values(): + for key in keys: key.delete(commit = False) # Clean up miscellaneous join tables - for table in ['person_role', 'person_site']: - self.api.db.do("DELETE FROM %s" \ - " WHERE person_id = %d" % \ + for table in self.join_tables: + self.api.db.do("DELETE FROM %s WHERE person_id = %d" % \ (table, self['person_id'])) # Mark as deleted @@ -295,47 +389,113 @@ class Person(Row): class Persons(Table): """ Representation of row(s) from the persons table in the - database. Specify deleted and/or enabled to force a match on - whether a person is deleted and/or enabled. Default is to match on - non-deleted accounts. + database. """ - def __init__(self, api, person_id_or_email_list = None, fields = Person.fields, deleted = False, enabled = None): - self.api = api - - sql = "SELECT %s FROM view_persons WHERE TRUE" % \ - ", ".join(fields) - - if deleted is not None: - sql += " AND deleted IS %(deleted)s" - - if enabled is not None: - sql += " AND enabled IS %(enabled)s" - - if person_id_or_email_list: - # Separate the list into integers and strings - person_ids = filter(lambda person_id: isinstance(person_id, (int, long)), - person_id_or_email_list) - emails = filter(lambda email: isinstance(email, StringTypes), - person_id_or_email_list) - sql += " AND (False" - if person_ids: - sql += " OR person_id IN (%s)" % ", ".join(map(str, person_ids)) - if emails: - # Case insensitive e-mail address comparison - sql += " OR lower(email) IN (%s)" % ", ".join(api.db.quote(emails)).lower() - sql += ")" - - rows = self.api.db.selectall(sql, locals()) - - for row in rows: - self[row['person_id']] = person = Person(api, row) - for aggregate in 'role_ids', 'roles', 'site_ids', 'address_ids', 'key_ids': - if not person.has_key(aggregate) or person[aggregate] is None: - person[aggregate] = [] - else: - elements = person[aggregate].split(',') - try: - person[aggregate] = map(int, elements) - except ValueError: - person[aggregate] = elements + def __init__(self, api, person_filter = None, columns = None): + Table.__init__(self, api, Person, columns) + #sql = "SELECT %s FROM view_persons WHERE deleted IS False" % \ + # ", ".join(self.columns) + foreign_fields = {'role_ids': ('role_id', 'person_role'), + 'roles': ('name', 'roles'), + 'site_ids': ('site_id', 'person_site'), + 'key_ids': ('key_id', 'person_key'), + 'slice_ids': ('slice_id', 'slice_person') + } + foreign_keys = {} + db_fields = filter(lambda field: field not in foreign_fields.keys(), Person.fields.keys()) + all_fields = db_fields + [value[0] for value in foreign_fields.values()] + fields = [] + _select = "SELECT " + _from = " FROM persons " + _join = " LEFT JOIN peer_person USING (person_id) " + _where = " WHERE deleted IS False " + + if not columns: + # include all columns + fields = all_fields + tables = [value[1] for value in foreign_fields.values()] + tables.sort() + for key in foreign_fields.keys(): + foreign_keys[foreign_fields[key][0]] = key + for table in tables: + if table in ['roles']: + _join += " LEFT JOIN roles USING(role_id) " + else: + _join += " LEFT JOIN %s USING (person_id) " % (table) + else: + tables = set() + columns = filter(lambda column: column in db_fields+foreign_fields.keys(), columns) + columns.sort() + for column in columns: + if column in foreign_fields.keys(): + (field, table) = foreign_fields[column] + foreign_keys[field] = column + fields += [field] + tables.add(table) + if column in ['roles']: + _join += " LEFT JOIN roles USING(role_id) " + else: + _join += " LEFT JOIN %s USING (person_id)" % \ + (foreign_fields[column][1]) + + else: + fields += [column] + + # postgres will return timestamps as datetime objects. + # XMLPRC cannot marshal datetime so convert to int + timestamps = ['date_created', 'last_updated', 'verification_expires'] + for field in fields: + if field in timestamps: + fields[fields.index(field)] = \ + "CAST(date_part('epoch', %s) AS bigint) AS %s" % (field, field) + + _select += ", ".join(fields) + sql = _select + _from + _join + _where + + # deal with filter + if person_filter is not None: + if isinstance(person_filter, (list, tuple, set)): + # Separate the list into integers and strings + ints = filter(lambda x: isinstance(x, (int, long)), person_filter) + strs = filter(lambda x: isinstance(x, StringTypes), person_filter) + person_filter = Filter(Person.fields, {'person_id': ints, 'email': strs}) + sql += " AND (%s) %s" % person_filter.sql(api, "OR") + elif isinstance(person_filter, dict): + person_filter = Filter(Person.fields, person_filter) + sql += " AND (%s) %s" % person_filter.sql(api, "AND") + elif isinstance (person_filter, StringTypes): + person_filter = Filter(Person.fields, {'email':[person_filter]}) + sql += " AND (%s) %s" % person_filter.sql(api, "AND") + elif isinstance (person_filter, int): + person_filter = Filter(Person.fields, {'person_id':[person_filter]}) + sql += " AND (%s) %s" % person_filter.sql(api, "AND") + else: + raise PLCInvalidArgument, "Wrong person filter %r"%person_filter + + # aggregate data + all_persons = {} + for row in self.api.db.selectall(sql): + person_id = row['person_id'] + + if all_persons.has_key(person_id): + for (key, key_list) in foreign_keys.items(): + data = row.pop(key) + row[key_list] = [data] + if data and data not in all_persons[person_id][key_list]: + all_persons[person_id][key_list].append(data) + else: + for key in foreign_keys.keys(): + value = row.pop(key) + if value: + row[foreign_keys[key]] = [value] + else: + row[foreign_keys[key]] = [] + if row: + all_persons[person_id] = row + + # populate self + for row in all_persons.values(): + obj = self.classobj(self.api, row) + self.append(obj) +