[ckan-changes] commit/ckan: 2 new changesets
Bitbucket
commits-noreply at bitbucket.org
Wed Jun 22 11:33:31 UTC 2011
2 new changesets in ckan:
http://bitbucket.org/okfn/ckan/changeset/5f705a610656/
changeset: 5f705a610656
branch: feature-1094-authz
user: kindly
date: 2011-06-22 13:02:21
summary: [authz] add migration for authorization_override
affected #: 4 files (4.8 KB)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/ckan/migration/versions/040_auth_refactor.py Wed Jun 22 12:02:21 2011 +0100
@@ -0,0 +1,115 @@
+from migrate import *
+
+def upgrade(migrate_engine):
+
+ migrate_engine.execute('''
+--to drop
+--DROP TABLE authorization_group;
+--DROP TABLE authorization_group_role;
+--DROP TABLE authorization_group_user;
+--DROP TABLE user_object_role;
+--DROP TABLE group_role;
+--DROP TABLE package_role;
+--DROP TABLE system_role;
+BEGIN;
+
+alter table group_role drop constraint group_role_group_id_fkey;
+alter table package_role drop constraint package_role_package_id_fkey;
+alter table user_object_role drop constraint user_object_role_authorized_group_id_fkey;
+alter table user_object_role drop constraint user_object_role_user_id_fkey;
+
+CREATE TABLE authorization_override (
+ id text NOT NULL,
+ user_id text,
+ object_id text NOT NULL,
+ object_type text NOT NULL,
+ "role" text
+);
+
+insert into authorization_override
+select
+ user_object_role.id,
+ user_object_role.user_id,
+ package_id,
+ 'package',
+ user_object_role.role
+from
+ user_object_role
+join
+ package_role on package_role.user_object_role_id = user_object_role.id;
+
+insert into authorization_override
+select
+ user_object_role.id,
+ user_object_role.user_id,
+ group_id,
+ 'group',
+ user_object_role.role
+from
+ user_object_role
+join
+ group_role on group_role.user_object_role_id = user_object_role.id;
+
+
+CREATE TABLE user_group (
+ id text NOT NULL,
+ name text NOT NULL,
+ parent_id text
+);
+
+CREATE TABLE user_group_extra (
+ id text NOT NULL,
+ user_group_id text NOT NULL,
+ "key" text NOT NULL,
+ "value" text NOT NULL
+);
+
+CREATE TABLE user_group_package (
+ id text NOT NULL,
+ user_group_id text NOT NULL,
+ package_id text NOT NULL,
+ capacity text
+);
+
+CREATE TABLE user_group_user (
+ id text NOT NULL,
+ user_group_id text NOT NULL,
+ user_id text NOT NULL,
+ capacity text
+);
+
+ALTER TABLE authorization_override
+ ADD CONSTRAINT authorization_override_pkey PRIMARY KEY (id);
+
+ALTER TABLE user_group
+ ADD CONSTRAINT user_group_pkey PRIMARY KEY (id);
+
+ALTER TABLE user_group_extra
+ ADD CONSTRAINT user_group_extra_pkey PRIMARY KEY (id);
+
+ALTER TABLE user_group_package
+ ADD CONSTRAINT user_group_package_pkey PRIMARY KEY (id);
+
+ALTER TABLE user_group_user
+ ADD CONSTRAINT user_group_user_pkey PRIMARY KEY (id);
+
+ALTER TABLE authorization_override
+ ADD CONSTRAINT authorization_override_user_id_fkey FOREIGN KEY (user_id) REFERENCES "user"(id);
+
+ALTER TABLE user_group_extra
+ ADD CONSTRAINT user_group_extra_user_group_id_fkey FOREIGN KEY (user_group_id) REFERENCES user_group(id);
+
+ALTER TABLE user_group_package
+ ADD CONSTRAINT user_group_package_package_id_fkey FOREIGN KEY (package_id) REFERENCES package(id);
+
+ALTER TABLE user_group_package
+ ADD CONSTRAINT user_group_package_user_group_id_fkey FOREIGN KEY (user_group_id) REFERENCES user_group(id);
+
+ALTER TABLE user_group_user
+ ADD CONSTRAINT user_group_user_user_group_id_fkey FOREIGN KEY (user_group_id) REFERENCES user_group(id);
+
+ALTER TABLE user_group_user
+ ADD CONSTRAINT user_group_user_user_id_fkey FOREIGN KEY (user_id) REFERENCES "user"(id);
+
+COMMIT;
+''')
--- a/ckan/model/__init__.py Tue Jun 21 15:20:10 2011 +0100
+++ b/ckan/model/__init__.py Wed Jun 22 12:02:21 2011 +0100
@@ -109,6 +109,7 @@
has shortcuts.
'''
self.metadata.create_all(bind=self.metadata.bind)
+ return
self.init_const_data()
self.init_configuration_data()
--- a/ckan/model/authorization_group.py Tue Jun 21 15:20:10 2011 +0100
+++ b/ckan/model/authorization_group.py Wed Jun 22 12:02:21 2011 +0100
@@ -5,18 +5,18 @@
from user import User, user_table
from types import make_uuid
-authorization_group_table = Table('authorization_group', metadata,
- Column('id', UnicodeText, primary_key=True, default=make_uuid),
- Column('name', UnicodeText),
- Column('created', DateTime, default=datetime.now),
- )
+#authorization_group_table = Table('authorization_group', metadata,
+# Column('id', UnicodeText, primary_key=True, default=make_uuid),
+# Column('name', UnicodeText),
+# Column('created', DateTime, default=datetime.now),
+# )
-authorization_group_user_table = Table('authorization_group_user', metadata,
- Column('id', UnicodeText, primary_key=True, default=make_uuid),
- Column('authorization_group_id', UnicodeText, ForeignKey('authorization_group.id'),
- nullable=False),
- Column('user_id', UnicodeText, ForeignKey('user.id'), nullable=False)
- )
+#authorization_group_user_table = Table('authorization_group_user', metadata,
+# Column('id', UnicodeText, primary_key=True, default=make_uuid),
+# Column('authorization_group_id', UnicodeText, ForeignKey('authorization_group.id'),
+# nullable=False),
+# Column('user_id', UnicodeText, ForeignKey('user.id'), nullable=False)
+# )
class AuthorizationGroup(DomainObject):
@@ -65,10 +65,10 @@
-mapper(AuthorizationGroup, authorization_group_table, properties={
- 'users': relation(User, lazy=True, secondary=authorization_group_user_table,
- backref=backref('authorization_groups', lazy=True))
- },
- order_by=authorization_group_table.c.name)
-
-mapper(AuthorizationGroupUser, authorization_group_user_table)
+#mapper(AuthorizationGroup, authorization_group_table, properties={
+# 'users': relation(User, lazy=True, secondary=authorization_group_user_table,
+# backref=backref('authorization_groups', lazy=True))
+# },
+# order_by=authorization_group_table.c.name)
+#
+#mapper(AuthorizationGroupUser, authorization_group_user_table)
--- a/ckan/model/authz.py Tue Jun 21 15:20:10 2011 +0100
+++ b/ckan/model/authz.py Wed Jun 22 12:02:21 2011 +0100
@@ -9,7 +9,7 @@
from types import make_uuid
from user import User
from core import System
-from authorization_group import AuthorizationGroup, authorization_group_table
+#from authorization_group import AuthorizationGroup, authorization_group_table
PSEUDO_USER__LOGGED_IN = u'logged_in'
PSEUDO_USER__VISITOR = u'visitor'
@@ -90,32 +90,47 @@
Column('action', UnicodeText),
)
-user_object_role_table = Table('user_object_role', metadata,
+authorization_override_table = Table(
+ 'authorization_override', metadata,
Column('id', UnicodeText, primary_key=True, default=make_uuid),
Column('user_id', UnicodeText, ForeignKey('user.id'), nullable=True),
- Column('authorized_group_id', UnicodeText, ForeignKey('authorization_group.id'), nullable=True),
- Column('context', UnicodeText, nullable=False),
+ #Column('authorized_group_id', UnicodeText, ForeignKey('authorization_group.id'), nullable=True),
+ Column('object_id', UnicodeText, nullable=False),
+ Column('object_type', UnicodeText, nullable=False),
Column('role', UnicodeText)
)
-package_role_table = Table('package_role', metadata,
- Column('user_object_role_id', UnicodeText, ForeignKey('user_object_role.id'), primary_key=True),
- Column('package_id', UnicodeText, ForeignKey('package.id')),
- )
+user_group_table = Table(
+ 'user_group', metadata,
+ Column('id', UnicodeText, primary_key=True, default=make_uuid),
+ Column('name', UnicodeText, nullable=False),
+ Column('parent_id', UnicodeText, nullable=True),
+)
-group_role_table = Table('group_role', metadata,
- Column('user_object_role_id', UnicodeText, ForeignKey('user_object_role.id'), primary_key=True),
- Column('group_id', UnicodeText, ForeignKey('group.id')),
- )
-
-authorization_group_role_table = Table('authorization_group_role', metadata,
- Column('user_object_role_id', UnicodeText, ForeignKey('user_object_role.id'), primary_key=True),
- Column('authorization_group_id', UnicodeText, ForeignKey('authorization_group.id')),
- )
+user_group_extra_table = Table(
+ 'user_group_extra', metadata,
+ Column('id', UnicodeText, primary_key=True, default=make_uuid),
+ Column('user_group_id', UnicodeText, ForeignKey('user_group.id'), nullable=False),
+ Column('key', UnicodeText, nullable=False),
+ Column('value', UnicodeText, nullable=False),
+)
-system_role_table = Table('system_role', metadata,
- Column('user_object_role_id', UnicodeText, ForeignKey('user_object_role.id'), primary_key=True),
- )
+user_group_user_table = Table(
+ 'user_group_user', metadata,
+ Column('id', UnicodeText, primary_key=True, default=make_uuid),
+ Column('user_group_id', UnicodeText, ForeignKey('user_group.id'), nullable=False),
+ Column('user_id', UnicodeText, ForeignKey('user.id'), nullable=False),
+ Column('capacity', UnicodeText),
+)
+
+user_group_package_table = Table(
+ 'user_group_package', metadata,
+ Column('id', UnicodeText, primary_key=True, default=make_uuid),
+ Column('user_group_id', UnicodeText, ForeignKey('user_group.id'), nullable=False),
+ Column('package_id', UnicodeText, ForeignKey('package.id'), nullable=False),
+ Column('capacity', UnicodeText),
+)
+
class RoleAction(DomainObject):
@@ -127,7 +142,7 @@
# dictionary mapping protected objects (e.g. Package) to related ObjectRole
protected_objects = {}
-class UserObjectRole(DomainObject):
+class AuthorizationOverride(DomainObject):
name = None
protected_object = None
@@ -233,25 +248,6 @@
Session.commit()
Session.remove()
-class PackageRole(UserObjectRole):
- protected_object = Package
- name = 'package'
-protected_objects[PackageRole.protected_object] = PackageRole
-
-class GroupRole(UserObjectRole):
- protected_object = Group
- name = 'group'
-protected_objects[GroupRole.protected_object] = GroupRole
-
-class AuthorizationGroupRole(UserObjectRole):
- protected_object = AuthorizationGroup
- name = 'authorization_group'
-protected_objects[AuthorizationGroupRole.protected_object] = AuthorizationGroupRole
-
-class SystemRole(UserObjectRole):
- protected_object = System
- name = None
-protected_objects[SystemRole.protected_object] = SystemRole
@@ -422,62 +418,14 @@
mapper(RoleAction, role_action_table)
-mapper(UserObjectRole, user_object_role_table,
- polymorphic_on=user_object_role_table.c.context,
- polymorphic_identity=u'user_object',
+mapper(AuthorizationOverride, authorization_override_table,
properties={
'user': orm.relation(User,
backref=orm.backref('roles',
cascade='all, delete, delete-orphan'
)
),
- 'authorized_group': orm.relation(AuthorizationGroup,
- backref=orm.backref('authorized_roles',
- cascade='all, delete, delete-orphan'
- )
- )
},
- order_by=[user_object_role_table.c.id],
+ order_by=[authorization_override_table.c.id],
)
-mapper(PackageRole, package_role_table, inherits=UserObjectRole,
- polymorphic_identity=unicode(Package.__name__),
- properties={
- 'package': orm.relation(Package,
- backref=orm.backref('roles',
- cascade='all, delete, delete-orphan'
- )
- ),
- },
- order_by=[package_role_table.c.user_object_role_id],
-)
-
-mapper(GroupRole, group_role_table, inherits=UserObjectRole,
- polymorphic_identity=unicode(Group.__name__),
- properties={
- 'group': orm.relation(Group,
- backref=orm.backref('roles',
- cascade='all, delete, delete-orphan'
- ),
- )
- },
- order_by=[group_role_table.c.user_object_role_id],
-)
-
-mapper(AuthorizationGroupRole, authorization_group_role_table, inherits=UserObjectRole,
- polymorphic_identity=unicode(AuthorizationGroup.__name__),
- properties={
- 'authorization_group': orm.relation(AuthorizationGroup,
- backref=orm.backref('roles',
- primaryjoin=authorization_group_table.c.id==authorization_group_role_table.c.authorization_group_id,
- cascade='all, delete, delete-orphan'
- ),
- )
- },
- order_by=[authorization_group_role_table.c.user_object_role_id],
-)
-
-mapper(SystemRole, system_role_table, inherits=UserObjectRole,
- polymorphic_identity=unicode(System.__name__),
- order_by=[system_role_table.c.user_object_role_id],
-)
http://bitbucket.org/okfn/ckan/changeset/5793f3420488/
changeset: 5793f3420488
branch: feature-1141-moderated-edits-ajax
user: kindly
date: 2011-06-22 13:32:56
summary: [home] sort out ordering of last 5 packages
affected #: 1 file (77 bytes)
--- a/ckan/logic/action/get.py Wed Jun 22 09:42:30 2011 +0100
+++ b/ckan/logic/action/get.py Wed Jun 22 12:32:56 2011 +0100
@@ -30,6 +30,7 @@
limit = context.get("limit")
q = ckan.authz.Authorizer().authorized_query(user, model.PackageRevision)
+ q = q.order_by(model.package_revision_table.c.revision_timestamp.desc())
if limit:
q = q.limit(limit)
pack_rev = q.all()
Repository URL: https://bitbucket.org/okfn/ckan/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list