[ckan-changes] commit/ckan: 2 new changesets
Bitbucket
commits-noreply at bitbucket.org
Fri Jun 24 09:45:07 UTC 2011
2 new changesets in ckan:
http://bitbucket.org/okfn/ckan/changeset/e8364197a338/
changeset: e8364197a338
branch: feature-1198-publisher-hierarcy
user: kindly
date: 2011-06-23 21:50:12
summary: [merge] default
affected #: 12 files (311 bytes)
--- a/CHANGELOG.txt Thu Jun 23 17:26:36 2011 +0100
+++ b/CHANGELOG.txt Thu Jun 23 20:50:12 2011 +0100
@@ -1,6 +1,13 @@
CKAN CHANGELOG
++++++++++++++
+v1.4.2 2011-XX-XX
+=================
+Major:
+ * Packages revisions can be marked as 'moderated' (#1141)
+ * Viewing of a package at any revision (#1141)
+
+
v1.4.1 2011-XX-XX
=================
Minor:
@@ -13,6 +20,7 @@
Bug fixes
* Duplicate authorization roles were difficult to delete (#1083)
+
v1.4 2011-05-19
===============
Major:
--- a/ckan/controllers/group_formalchemy.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/controllers/group_formalchemy.py Thu Jun 23 20:50:12 2011 +0100
@@ -65,7 +65,7 @@
for extension in self.extensions:
extension.create(group)
model.repo.commit_and_remove()
- h.redirect_to(action='read', id=c.groupname)
+ h.redirect_to(controller='group', action='read', id=c.groupname)
if request.params:
data = forms.edit_group_dict(ckan.forms.get_group_dict(), request.params)
@@ -122,4 +122,4 @@
for extension in self.extensions:
extension.edit(group)
model.repo.commit_and_remove()
- h.redirect_to(action='read', id=c.groupname)
+ h.redirect_to(controller='group', action='read', id=c.groupname)
--- a/ckan/controllers/user.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/controllers/user.py Thu Jun 23 20:50:12 2011 +0100
@@ -163,8 +163,7 @@
c.user_fullname = request.params.getone('fullname')
c.user_email = request.params.getone('email')
return render('user/edit.html')
-
- user.about = request.params.getone('about')
+ user.about = about
user.fullname = request.params.getone('fullname')
user.email = request.params.getone('email')
try:
--- a/ckan/model/authorization_group.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/model/authorization_group.py Thu Jun 23 20:50:12 2011 +0100
@@ -8,7 +8,7 @@
authorization_group_table = Table('authorization_group', metadata,
Column('id', UnicodeText, primary_key=True, default=make_uuid),
Column('name', UnicodeText),
- Column('created', DateTime, default=datetime.now),
+ Column('created', DateTime, default=datetime.datetime.now),
)
authorization_group_user_table = Table('authorization_group_user', metadata,
--- a/ckan/model/group.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/model/group.py Thu Jun 23 20:50:12 2011 +0100
@@ -1,5 +1,3 @@
-from datetime import datetime
-
from meta import *
from core import *
from sqlalchemy.orm import eagerload_all
@@ -42,7 +40,7 @@
Column('name', UnicodeText, nullable=False, unique=True),
Column('title', UnicodeText),
Column('description', UnicodeText),
- Column('created', DateTime, default=datetime.now),
+ Column('created', DateTime, default=datetime.datetime.now),
Column('parent_id', UnicodeText),
)
--- a/ckan/model/meta.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/model/meta.py Thu Jun 23 20:50:12 2011 +0100
@@ -1,4 +1,4 @@
-from datetime import datetime
+import datetime
"""SQLAlchemy Metadata and Session object"""
from sqlalchemy import MetaData, __version__ as sqav
from sqlalchemy.orm import scoped_session, sessionmaker
@@ -51,7 +51,7 @@
## when a normal active transaction happens
if 'pending' not in obj.state:
- revision.approved_timestamp = datetime.now()
+ revision.approved_timestamp = datetime.datetime.now()
old = session.query(revision_cls).filter_by(
current='1',
id = obj.id
@@ -61,7 +61,7 @@
session.add(old)
q = session.query(revision_cls)
- q = q.filter_by(expired_timestamp=datetime(9999, 12, 31), id=obj.id)
+ q = q.filter_by(expired_timestamp=datetime.datetime(9999, 12, 31), id=obj.id)
results = q.all()
for rev_obj in results:
--- a/ckan/model/rating.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/model/rating.py Thu Jun 23 20:50:12 2011 +0100
@@ -1,3 +1,5 @@
+import datetime
+
from meta import *
from core import *
from package import *
@@ -12,7 +14,7 @@
Column('user_ip_address', UnicodeText), # alternative to user_id if not logged in
Column('package_id', UnicodeText, ForeignKey('package.id')),
Column('rating', Float),
- Column('created', DateTime, default=datetime.now),
+ Column('created', DateTime, default=datetime.datetime.now),
)
class Rating(DomainObject):
--- a/ckan/model/user.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/model/user.py Thu Jun 23 20:50:12 2011 +0100
@@ -17,7 +17,7 @@
Column('fullname', UnicodeText),
Column('email', UnicodeText),
Column('apikey', UnicodeText, default=make_uuid),
- Column('created', DateTime, default=datetime.now),
+ Column('created', DateTime, default=datetime.datetime.now),
Column('about', UnicodeText),
)
--- a/ckan/tests/models/test_group.py Thu Jun 23 17:26:36 2011 +0100
+++ b/ckan/tests/models/test_group.py Thu Jun 23 20:50:12 2011 +0100
@@ -40,7 +40,7 @@
assert grp.title == u'Russian Group'
anna = model.Package.by_name(u'annakarenina')
war = model.Package.by_name(u'warandpeace')
- assert grp.packages == [anna, war], grp.packages
+ assert set(grp.packages) == set((anna, war)), grp.packages
assert grp in anna.groups
--- a/doc/design.rst Thu Jun 23 17:26:36 2011 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,53 +0,0 @@
-===========
-CKAN Design
-===========
-
-Overview
-========
-
-As a system CKAN functions as a synthesis of several different services:
-
-.. image:: ckan-features.png
- :alt: CKAN Features
-
-CKAN is part of a larger set of tools and services designed to enable automated
-use and reuse of content and data:
-
-.. image:: ckan-vision.png
- :alt: The Debian of Data Services Stack
-
-Architecture
-============
-
-The key entity in CKAN is a Package. The data model for a package is pretty
-much what you see on: http://www.ckan.net/package/new
-
-This in turn is heavily based on the kind of packaging information provided for
-software but with some modifications. One of our aims is to keep things simple
-and as generic as possible as we have data from a lot of different domains.
-Thus we've tried to keep the core metadata pretty restricted but allow for
-additional info either via tags or via "extra" arbitrary key/value fields. So
-very roughly:
-
- * unique name
- * title
- * url + download url
- * author/maintainer info
- * license
- * notes
- * tags
- * [extendable with "extra" fields]
-
-All, the code is open-source and if you want to see the actual
-model definitions in code see here (probably start with core.py):
-
-<https://bitbucket.org/okfn/ckan/src/default/ckan/model/>
-
-One thing to note here is that all changes to package data are versioned in a
-wiki-like manner. This gives us a lot of flexibility in how we manage access to
-the system (as well as providing features like change logging for free!).
-
-The rdfizing code can be found here:
-
-<https://bitbucket.org/okfn/ckan/src/default/ckan/lib/rdf.py>
-
--- a/doc/index.rst Thu Jun 23 17:26:36 2011 +0100
+++ b/doc/index.rst Thu Jun 23 20:50:12 2011 +0100
@@ -11,7 +11,6 @@
:maxdepth: 2
README
- design
deployment
configuration
paster
--- a/doc/kforge/index.html Thu Jun 23 17:26:36 2011 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,14 +0,0 @@
-<html>
- <head>
- <title>CKAN - Comprehensive Knowledge Archive Network</title>
- <link rel="stylesheet" href="http://m.okfn.org/okftext/css/okftext/text_basic.css" type="text/css" media="screen" charset="utf-8">
- <meta http-equiv="REFRESH" content="0;url=/ckan/trac">
- </head>
- <body>
- <h1>
- CKAN
- </h1>
- <p>Redirecting to CKAN project homepage: <a href="http://knowledgeforge.net/ckan/trac/">http://knowledgeforge.net/ckan/trac/</a></p>
- </body>
-</html>
-
http://bitbucket.org/okfn/ckan/changeset/ab18632004af/
changeset: ab18632004af
branch: feature-1094-authz
user: kindly
date: 2011-06-24 11:44:53
summary: overide queries fixing, and delete system
affected #: 6 files (3.1 KB)
--- a/ckan/authz.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/authz.py Fri Jun 24 10:44:53 2011 +0100
@@ -157,11 +157,7 @@
return True
user = model.User.by_name(username, autoflush=False)
- if user:
- q = model.Session.query(model.SystemRole)
- q = q.autoflush(False)
- q = q.filter_by(role=model.Role.ADMIN, user=user)
- return q.count() > 0
+ return user.sysadmin
@classmethod
def get_admins(cls, domain_obj):
--- a/ckan/lib/create_test_data.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/lib/create_test_data.py Fri Jun 24 10:44:53 2011 +0100
@@ -401,36 +401,38 @@
model.setup_default_user_roles(roger, [russianfan])
model.add_user_to_role(visitor, model.Role.ADMIN, roger)
testsysadmin = model.User.by_name(u'testsysadmin')
- model.add_user_to_role(testsysadmin, model.Role.ADMIN, model.System())
+ testsysadmin.sysadmin = True
+ model.Session.add(testsysadmin)
+ #model.add_user_to_role(testsysadmin, model.Role.ADMIN, model.System())
model.repo.commit_and_remove()
- if commit_changesets:
- from ckan.model.changeset import ChangesetRegister
- changeset_ids = ChangesetRegister().commit()
+# if commit_changesets:
+# from ckan.model.changeset import ChangesetRegister
+# changeset_ids = ChangesetRegister().commit()
# Create a couple of authorization groups
- for ag_name in [u'anauthzgroup', u'anotherauthzgroup']:
- ag=model.AuthorizationGroup.by_name(ag_name)
- if not ag: #may already exist, if not create
- ag=model.AuthorizationGroup(name=ag_name)
- model.Session.add(ag)
+ #for ag_name in [u'anauthzgroup', u'anotherauthzgroup']:
+ # ag=model.AuthorizationGroup.by_name(ag_name)
+ # if not ag: #may already exist, if not create
+ # ag=model.AuthorizationGroup(name=ag_name)
+ # model.Session.add(ag)
- model.repo.commit_and_remove()
+ #model.repo.commit_and_remove()
# and give them a range of roles on various things
- ag = model.AuthorizationGroup.by_name(u'anauthzgroup')
- aag = model.AuthorizationGroup.by_name(u'anotherauthzgroup')
- pkg = model.Package.by_name(u'warandpeace')
- g = model.Group.by_name('david')
+ #ag = model.AuthorizationGroup.by_name(u'anauthzgroup')
+ #aag = model.AuthorizationGroup.by_name(u'anotherauthzgroup')
+ #pkg = model.Package.by_name(u'warandpeace')
+ #g = model.Group.by_name('david')
+#
+# model.add_authorization_group_to_role(ag, u'editor', model.System())
+# model.add_authorization_group_to_role(ag, u'reader', pkg)
+# model.add_authorization_group_to_role(ag, u'admin', aag)
+# model.add_authorization_group_to_role(aag, u'editor', ag)
+# model.add_authorization_group_to_role(ag, u'editor', g)
- model.add_authorization_group_to_role(ag, u'editor', model.System())
- model.add_authorization_group_to_role(ag, u'reader', pkg)
- model.add_authorization_group_to_role(ag, u'admin', aag)
- model.add_authorization_group_to_role(aag, u'editor', ag)
- model.add_authorization_group_to_role(ag, u'editor', g)
-
- model.repo.commit_and_remove()
+# model.repo.commit_and_remove()
--- a/ckan/model/__init__.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/model/__init__.py Fri Jun 24 10:44:53 2011 +0100
@@ -95,7 +95,7 @@
def init_configuration_data(self):
'''Default configuration, for when CKAN is first used out of the box.
This state may be subsequently configured by the user.'''
- init_authz_configuration_data()
+ #init_authz_configuration_data()
if Session.query(Revision).count() == 0:
rev = Revision()
rev.author = 'system'
@@ -109,7 +109,6 @@
has shortcuts.
'''
self.metadata.create_all(bind=self.metadata.bind)
- return
self.init_const_data()
self.init_configuration_data()
--- a/ckan/model/authz.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/model/authz.py Fri Jun 24 10:44:53 2011 +0100
@@ -8,7 +8,6 @@
from group import Group
from types import make_uuid
from user import User
-from core import System
#from authorization_group import AuthorizationGroup, authorization_group_table
PSEUDO_USER__LOGGED_IN = u'logged_in'
@@ -122,20 +121,9 @@
return '<%s group="%s" role="%s" context="%s">' % \
(self.__class__.__name__, self.authorized_group.name, self.role, self.context)
else:
- assert False, "UserObjectRole is neither for an authzgroup or for a user"
+ assert False, "AuthorizationOverride is neither for an authzgroup or for a user"
-
- @classmethod
- def get_object_role_class(cls, domain_obj):
- protected_object = protected_objects.get(domain_obj.__class__, None)
- if protected_object is None:
- # TODO: make into an authz exception
- msg = '%s is not a protected object, i.e. a subject of authorization' % domain_obj
- raise Exception(msg)
- else:
- return protected_object
-
@classmethod
def user_has_role(cls, user, role, domain_obj):
assert isinstance(user, User), user
@@ -143,32 +131,15 @@
return q.count() == 1
@classmethod
- def authorization_group_has_role(cls, authorized_group, role, domain_obj):
- assert isinstance(authorized_group, AuthorizationGroup), authorized_group
- q = cls._authorized_group_query(authorized_group, role, domain_obj)
- return q.count() == 1
-
- @classmethod
def _user_query(cls, user, role, domain_obj):
- q = Session.query(cls).filter_by(role=role)
+ q = Session.query(cls).filter_by(
+ role=role,
+ object_id=domain_obj.id,
+ user_id=user.id)
# some protected objects are not "contextual"
- if cls.name is not None:
- # e.g. filter_by(package=domain_obj)
- q = q.filter_by(**dict({cls.name: domain_obj}))
- q = q.filter_by(user=user)
return q
@classmethod
- def _authorized_group_query(cls, authorized_group, role, domain_obj):
- q = Session.query(cls).filter_by(role=role)
- # some protected objects are not "contextual"
- if cls.name is not None:
- # e.g. filter_by(package=domain_obj)
- q = q.filter_by(**dict({cls.name: domain_obj}))
- q = q.filter_by(authorized_group=authorized_group)
- return q
-
- @classmethod
def add_user_to_role(cls, user, role, domain_obj):
'''NB: Leaves the caller to commit the change. If called twice without a
commit, will add the role to the database twice. Since some other
@@ -180,24 +151,8 @@
# that won't work if the transaction hasn't been committed yet, which allows a role to be added twice (you can do this from the interface)
if cls.user_has_role(user, role, domain_obj):
return
- objectrole = cls(role=role, user=user)
- if cls.name is not None:
- setattr(objectrole, cls.name, domain_obj)
- Session.add(objectrole)
-
- @classmethod
- def add_authorization_group_to_role(cls, authorization_group, role, domain_obj):
- '''NB: Leaves the caller to commit the change. If called twice without a
- commit, will add the role to the database twice. Since some other
- functions count the number of occurrences, that leaves a fairly obvious
- bug. But adding a commit here seems to break various tests.
- So don't call this twice without committing, I guess...
- '''
- if cls.authorization_group_has_role(authorization_group, role, domain_obj):
- return
- objectrole = cls(role=role, authorized_group=authorization_group)
- if cls.name is not None:
- setattr(objectrole, cls.name, domain_obj)
+ objectrole = cls(role=role, user=user, object_id=domain_obj.id,
+ object_type=domain_obj.__class__.__name__.lower())
Session.add(objectrole)
@classmethod
@@ -208,50 +163,28 @@
Session.commit()
Session.remove()
- @classmethod
- def remove_authorization_group_from_role(cls, authorization_group, role, domain_obj):
- q = cls._authorized_group_query(authorization_group, role, domain_obj)
- for ago_role in q.all():
- Session.delete(ago_role)
- Session.commit()
- Session.remove()
-
-
-
-
## ======================================
## Helpers
def user_has_role(user, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- return objectrole.user_has_role(user, role, domain_obj)
+ return AuthorizationOverride.user_has_role(user, role, domain_obj)
def add_user_to_role(user, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- objectrole.add_user_to_role(user, role, domain_obj)
+ AuthorizationOverride.add_user_to_role(user, role, domain_obj)
def remove_user_from_role(user, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- objectrole.remove_user_from_role(user, role, domain_obj)
+ AuthorizationOverride.remove_user_from_role(user, role, domain_obj)
def authorization_group_has_role(authorization_group, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- return objectrole.authorization_group_has_role(authorization_group, role, domain_obj)
+ return AuthorizationOverride.authorization_group_has_role(authorization_group, role, domain_obj)
def add_authorization_group_to_role(authorization_group, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- objectrole.add_authorization_group_to_role(authorization_group, role, domain_obj)
+ AuthorizationOverride.add_authorization_group_to_role(authorization_group, role, domain_obj)
def remove_authorization_group_from_role(authorization_group, role, domain_obj):
- objectrole = UserObjectRole.get_object_role_class(domain_obj)
- objectrole.remove_authorization_group_from_role(authorization_group, role, domain_obj)
-
-def init_authz_configuration_data():
- setup_default_user_roles(System())
- Session.commit()
- Session.remove()
+ AuthorizationOverride.remove_authorization_group_from_role(authorization_group, role, domain_obj)
def init_authz_const_data():
'''Setup all default role-actions.
@@ -324,7 +257,6 @@
'Package': {"visitor": ["editor"], "logged_in": ["editor"]},
'Group': {"visitor": ["reader"], "logged_in": ["reader"]},
'System': {"visitor": ["anon_editor"], "logged_in": ["editor"]},
- 'AuthorizationGroup': {"visitor": ["reader"], "logged_in": ["reader"]},
}
global _default_user_roles_cache
@@ -360,7 +292,7 @@
@param admins - a list of User objects
NB: leaves caller to commit change.
'''
- assert isinstance(domain_object, (Package, Group, System, AuthorizationGroup)), domain_object
+ assert isinstance(domain_object, (Package, Group)), domain_object
assert isinstance(admins, list)
user_roles_ = get_default_user_roles(domain_object)
setup_user_roles(domain_object,
@@ -393,6 +325,11 @@
cascade='all, delete, delete-orphan'
)
),
+ 'package': orm.relation(Package,
+ backref=orm.backref('roles'),
+ primaryjoin=authorization_override_table.c.object_id == package_table.c.id,
+ foreign_keys=[authorization_override_table.c.object_id],
+ )
},
order_by=[authorization_override_table.c.id],
)
--- a/ckan/model/core.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/model/core.py Fri Jun 24 10:44:53 2011 +0100
@@ -8,19 +8,6 @@
revision_table = vdm.sqlalchemy.make_revision_table(metadata)
revision_table.append_column(Column('approved_timestamp', DateTime))
-class System(DomainObject):
-
- name = 'system'
-
- def __unicode__(self):
- return u'<%s>' % self.__class__.__name__
-
- def purge(self):
- pass
-
- @classmethod
- def by_name(cls, name):
- return System()
# VDM-specific domain objects
State = vdm.sqlalchemy.State
--- a/ckan/new_authz.py Thu Jun 23 17:47:40 2011 +0100
+++ b/ckan/new_authz.py Fri Jun 24 10:44:53 2011 +0100
@@ -56,7 +56,6 @@
if _auth_functions:
return _auth_functions.get(action)
# Otherwise look in all the plugins to resolve all possible
- global _auth_functions
# First get the default ones in the ckan/logic/auth directory
# Rather than writing them out in full will use __import__
# to load anything from ckan.auth that looks like it might
Repository URL: https://bitbucket.org/okfn/ckan/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list