[ckan-changes] commit/ckan: John Glover: [logic] Add resource_show function and test, add resource_show and resource_update auth functions
Bitbucket
commits-noreply at bitbucket.org
Mon Oct 17 18:25:38 UTC 2011
1 new changeset in ckan:
http://bitbucket.org/okfn/ckan/changeset/dd36049a2594/
changeset: dd36049a2594
branch: feature-1371-task-status-logic-layer
user: John Glover
date: 2011-10-17 20:25:12
summary: [logic] Add resource_show function and test, add resource_show and resource_update auth functions
affected #: 6 files (-1 bytes)
--- a/ckan/logic/action/get.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/logic/action/get.py Mon Oct 17 19:25:12 2011 +0100
@@ -10,6 +10,7 @@
from ckan.lib.dictization import table_dictize
from ckan.lib.dictization.model_dictize import (package_dictize,
resource_list_dictize,
+ resource_dictize,
group_dictize,
group_list_dictize,
tag_dictize,
@@ -339,7 +340,7 @@
if pkg is None:
raise NotFound
- check_access('package_show',context, data_dict)
+ check_access('package_show', context, data_dict)
package_dict = package_dictize(pkg, context)
@@ -348,6 +349,20 @@
return package_dict
+def resource_show(context, data_dict):
+ model = context['model']
+ api = context.get('api_version') or '1'
+ id = data_dict['id']
+
+ resource = model.Resource.get(id)
+ context['resource'] = resource
+
+ if not resource:
+ raise NotFound
+
+ check_access('resource_show', context, data_dict)
+
+ return resource_dictize(resource, context)
def revision_show(context, data_dict):
model = context['model']
--- a/ckan/logic/action/update.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/logic/action/update.py Mon Oct 17 19:25:12 2011 +0100
@@ -167,16 +167,7 @@
if not resource:
raise NotFound(_('Resource was not found.'))
- # check authentication against the resource package
- # TODO: can check_access be used against a resource?
- query = session.query(model.Package
- ).join(model.ResourceGroup
- ).join(model.Resource
- ).filter(model.ResourceGroup.id == resource.resource_group_id)
- pkg = query.first()
- if not pkg:
- raise NotFound(_('No package found for this resource, cannot check auth.'))
- check_access('package_update', context, package_dictize(pkg, context))
+ check_access('resource_update', context, data_dict)
data, errors = validate(data_dict, schema, context)
--- a/ckan/logic/auth/__init__.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/logic/auth/__init__.py Mon Oct 17 19:25:12 2011 +0100
@@ -16,6 +16,18 @@
return package
+def get_resource_object(context, data_dict={}):
+ if not 'resource' in context:
+ model = context['model']
+ id = data_dict.get('id',None)
+ resource = model.Resource.get(id)
+ if not resource:
+ raise NotFound
+ else:
+ resource = context['resource']
+
+ return resource
+
def get_group_object(context, data_dict={}):
if not 'group' in context:
model = context['model']
--- a/ckan/logic/auth/get.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/logic/auth/get.py Mon Oct 17 19:25:12 2011 +0100
@@ -1,7 +1,7 @@
from ckan.logic import check_access_old, NotFound
from ckan.authz import Authorizer
from ckan.lib.base import _
-from ckan.logic.auth import get_package_object, get_group_object
+from ckan.logic.auth import get_package_object, get_group_object, get_resource_object
def site_read(context, data_dict):
@@ -84,12 +84,34 @@
user = context.get('user')
package = get_package_object(context, data_dict)
- authorized = check_access_old(package, model.Action.READ, context)
+ authorized = check_access_old(package, model.Action.READ, context)
if not authorized:
return {'success': False, 'msg': _('User %s not authorized to read package %s') % (str(user),package.id)}
else:
return {'success': True}
+def resource_show(context, data_dict):
+ model = context['model']
+ user = context.get('user')
+ resource = get_resource_object(context, data_dict)
+
+ # check authentication against package
+ query = model.Session.query(model.Package)\
+ .join(model.ResourceGroup)\
+ .join(model.Resource)\
+ .filter(model.ResourceGroup.id == resource.resource_group_id)
+ pkg = query.first()
+ if not pkg:
+ raise NotFound(_('No package found for this resource, cannot check auth.'))
+
+ pkg_dict = {'id': pkg.id}
+ authorized = package_show(context, pkg_dict).get('success')
+
+ if not authorized:
+ return {'success': False, 'msg': _('User %s not authorized to read resource %s') % (str(user), resource.id)}
+ else:
+ return {'success': True}
+
def revision_show(context, data_dict):
# No authz check in the logic function
return {'success': True}
--- a/ckan/logic/auth/update.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/logic/auth/update.py Mon Oct 17 19:25:12 2011 +0100
@@ -1,5 +1,6 @@
from ckan.logic import check_access_old, NotFound
-from ckan.logic.auth import get_package_object, get_group_object, get_authorization_group_object, get_user_object
+from ckan.logic.auth import get_package_object, get_group_object, get_authorization_group_object, \
+ get_user_object, get_resource_object
from ckan.logic.auth.create import check_group_auth, package_relationship_create
from ckan.authz import Authorizer
from ckan.lib.base import _
@@ -22,6 +23,28 @@
return {'success': True}
+def resource_update(context, data_dict):
+ model = context['model']
+ user = context.get('user')
+ resource = get_resource_object(context, data_dict)
+
+ # check authentication against package
+ query = model.Session.query(model.Package)\
+ .join(model.ResourceGroup)\
+ .join(model.Resource)\
+ .filter(model.ResourceGroup.id == resource.resource_group_id)
+ pkg = query.first()
+ if not pkg:
+ raise NotFound(_('No package found for this resource, cannot check auth.'))
+
+ pkg_dict = {'id': pkg.id}
+ authorized = package_update(context, pkg_dict).get('success')
+
+ if not authorized:
+ return {'success': False, 'msg': _('User %s not authorized to read edit %s') % (str(user), resource.id)}
+ else:
+ return {'success': True}
+
def package_relationship_update(context, data_dict):
return package_relationship_create(context, data_dict)
--- a/ckan/tests/functional/api/test_action.py Mon Oct 17 13:32:39 2011 +0100
+++ b/ckan/tests/functional/api/test_action.py Mon Oct 17 19:25:12 2011 +0100
@@ -1,11 +1,12 @@
import json
-from pprint import pprint, pformat
+from pprint import pprint
from nose.tools import assert_equal
from ckan.lib.create_test_data import CreateTestData
+from ckan.lib.dictization.model_dictize import resource_dictize
import ckan.model as model
from ckan.tests import WsgiAppCase
-from ckan.tests.functional.api import assert_dicts_equal_ignoring_ordering, change_lists_to_sets
+from ckan.tests.functional.api import assert_dicts_equal_ignoring_ordering
class TestAction(WsgiAppCase):
@@ -692,3 +693,14 @@
)
task_status_delete = json.loads(res.body)
assert task_status_delete['success'] == True
+
+ def test_26_resource_show(self):
+ pkg = model.Package.get('annakarenina')
+ resource = pkg.resources[0]
+ postparams = '%s=1' % json.dumps({'id': resource.id})
+ res = self.app.post('/api/action/resource_show', params=postparams)
+ result = json.loads(res.body)['result']
+ resource_dict = resource_dictize(resource, {'model': model})
+ result.pop('revision_timestamp')
+ assert result == resource_dict, (result, resource_dict)
+
Repository URL: https://bitbucket.org/okfn/ckan/
--
This is a commit notification from bitbucket.org. You are receiving
this because you have the service enabled, addressing the recipient of
this email.
More information about the ckan-changes
mailing list