Lines 63-75
Link Here
|
63 |
def close(self): |
63 |
def close(self): |
64 |
"""Close the database, after committing any changes, if needed.""" |
64 |
"""Close the database, after committing any changes, if needed.""" |
65 |
|
65 |
|
66 |
if getattr(self, 'db'): |
66 |
try: |
67 |
try: |
67 |
self.db.commit() |
68 |
if self.db.transactions: |
68 |
finally: |
69 |
self.db.commit() |
69 |
self.db.close() |
70 |
finally: |
|
|
71 |
self.db.close() |
72 |
|
73 |
|
70 |
|
74 |
def get_class(self, classname): |
71 |
def get_class(self, classname): |
75 |
"""Return the class for the given classname.""" |
72 |
"""Return the class for the given classname.""" |
Lines 115-165
Link Here
|
115 |
|
112 |
|
116 |
def list(self, username, password, classname, propname=None): |
113 |
def list(self, username, password, classname, propname=None): |
117 |
r = RoundupRequest(self.tracker, username, password) |
114 |
r = RoundupRequest(self.tracker, username, password) |
118 |
cl = r.get_class(classname) |
115 |
try: |
119 |
if not propname: |
116 |
cl = r.get_class(classname) |
120 |
propname = cl.labelprop() |
117 |
if not propname: |
121 |
def has_perm(itemid): |
118 |
propname = cl.labelprop() |
122 |
return True |
119 |
result = [ cl.get(itemid, propname) for itemid in cl.list() |
123 |
r.db.security.hasPermission('View', r.userid, classname, |
120 |
if r.db.security.hasPermission \ |
124 |
itemid=itemid, property=propname) |
121 |
('View', r.userid, classname, propname, itemid) |
125 |
result = [cl.get(id, propname) for id in cl.list() |
122 |
] |
126 |
if has_perm(id)] |
123 |
finally: |
127 |
r.close() |
124 |
r.close() |
128 |
return result |
125 |
return result |
129 |
|
126 |
|
130 |
def display(self, username, password, designator, *properties): |
127 |
def display(self, username, password, designator, *properties): |
131 |
r = RoundupRequest(self.tracker, username, password) |
128 |
r = RoundupRequest(self.tracker, username, password) |
132 |
classname, itemid = hyperdb.splitDesignator(designator) |
129 |
try: |
133 |
|
130 |
classname, itemid = hyperdb.splitDesignator(designator) |
134 |
if not r.db.security.hasPermission('View', r.userid, classname, |
131 |
cl = r.get_class(classname) |
135 |
itemid=itemid): |
132 |
props = properties and list(properties) or cl.properties.keys() |
136 |
raise Unauthorised('Permission to view %s denied'%designator) |
133 |
props.sort() |
137 |
|
134 |
for p in props: |
138 |
cl = r.get_class(classname) |
135 |
if not r.db.security.hasPermission \ |
139 |
props = properties and list(properties) or cl.properties.keys() |
136 |
('View', r.userid, classname, p, itemid): |
140 |
props.sort() |
137 |
raise Unauthorised \ |
141 |
result = [(property, cl.get(itemid, property)) for property in props] |
138 |
('Permission to view %s of %s denied' % (p, designator)) |
142 |
r.close() |
139 |
result = [(prop, cl.get(itemid, prop)) for prop in props] |
|
|
140 |
finally: |
141 |
r.close() |
143 |
return dict(result) |
142 |
return dict(result) |
144 |
|
143 |
|
145 |
def create(self, username, password, classname, *args): |
144 |
def create(self, username, password, classname, *args): |
146 |
r = RoundupRequest(self.tracker, username, password) |
145 |
r = RoundupRequest(self.tracker, username, password) |
|
|
146 |
try: |
147 |
if not r.db.security.hasPermission('Create', r.userid, classname): |
148 |
raise Unauthorised('Permission to create %s denied'%classname) |
147 |
|
149 |
|
148 |
if not r.db.security.hasPermission('Create', r.userid, classname): |
150 |
cl = r.get_class(classname) |
149 |
raise Unauthorised('Permission to create %s denied'%classname) |
|
|
150 |
|
151 |
cl = r.get_class(classname) |
152 |
|
151 |
|
153 |
# convert types |
152 |
# convert types |
154 |
props = r.props_from_args(cl, args) |
153 |
props = r.props_from_args(cl, args) |
155 |
|
154 |
|
156 |
# check for the key property |
155 |
# check for the key property |
157 |
key = cl.getkey() |
156 |
key = cl.getkey() |
158 |
if key and not props.has_key(key): |
157 |
if key and not props.has_key(key): |
159 |
raise UsageError, 'you must provide the "%s" property.'%key |
158 |
raise UsageError, 'you must provide the "%s" property.'%key |
160 |
|
159 |
|
161 |
# do the actual create |
160 |
# do the actual create |
162 |
try: |
|
|
163 |
try: |
161 |
try: |
164 |
result = cl.create(**props) |
162 |
result = cl.create(**props) |
165 |
except (TypeError, IndexError, ValueError), message: |
163 |
except (TypeError, IndexError, ValueError), message: |
Lines 170-188
Link Here
|
170 |
|
168 |
|
171 |
def set(self, username, password, designator, *args): |
169 |
def set(self, username, password, designator, *args): |
172 |
r = RoundupRequest(self.tracker, username, password) |
170 |
r = RoundupRequest(self.tracker, username, password) |
173 |
classname, itemid = hyperdb.splitDesignator(designator) |
|
|
174 |
|
175 |
if not r.db.security.hasPermission('Edit', r.userid, classname, |
176 |
itemid=itemid): |
177 |
raise Unauthorised('Permission to edit %s denied'%designator) |
178 |
|
179 |
cl = r.get_class(classname) |
180 |
|
181 |
# convert types |
182 |
props = r.props_from_args(cl, args) |
183 |
try: |
171 |
try: |
|
|
172 |
classname, itemid = hyperdb.splitDesignator(designator) |
173 |
cl = r.get_class(classname) |
174 |
props = r.props_from_args(cl, args) # convert types |
175 |
for p in props.iterkeys (): |
176 |
if not r.db.security.hasPermission \ |
177 |
('Edit', r.userid, classname, p, itemid): |
178 |
raise Unauthorised\ |
179 |
('Permission to edit %s of %s denied'%(p, designator)) |
184 |
try: |
180 |
try: |
185 |
cl.set(itemid, **props) |
181 |
return cl.set(itemid, **props) |
186 |
except (TypeError, IndexError, ValueError), message: |
182 |
except (TypeError, IndexError, ValueError), message: |
187 |
raise UsageError, message |
183 |
raise UsageError, message |
188 |
finally: |
184 |
finally: |