[ckan-changes] [okfn/ckan] 02b7ed: [#1663] Add authorization and validation to activi...
GitHub
noreply at github.com
Fri Jan 27 17:43:18 UTC 2012
Branch: refs/heads/feature-1515-activity-streams
Home: https://github.com/okfn/ckan
Commit: 02b7edda8bee4441db9d82f1a1fb829ac2f042c2
https://github.com/okfn/ckan/commit/02b7edda8bee4441db9d82f1a1fb829ac2f042c2
Author: Sean Hammond <seanhammond at lavabit.com>
Date: 2012-01-27 (Fri, 27 Jan 2012)
Changed paths:
M ckan/logic/action/create.py
M ckan/logic/action/update.py
M ckan/logic/auth/create.py
M ckan/logic/schema.py
M ckan/logic/validators.py
M ckan/tests/functional/test_group.py
Log Message:
-----------
[#1663] Add authorization and validation to activity_create() logic action function
activity_create() logic action function now checks authorization and
does validation. Has an ignore_auth argument (default: False) which if
True will skip the authorization.
Other logic functions that call activity_create() as a side-effect (and
after doing their own authorization, if any) pass ignore_auth=True to
activity_create().
Also made those other logic functions explicitly construct an
activity_create_context dict instead of just passing in their own
context dicts. This way unwanted stuff such as the calling function's
schema does not get passed into activity_create(), and the logic
functions also put 'defer_commit' into activity_create_context because
they want to do their own commit later.
The user_create() logic action function now flushes the session before
calling activity_create() so that the new user's id is initialised. This
bug wasn't showing itself before when activity_create() didn't do any
validation.
Added activity_create() logic auth function, just authorizes only
sysadmins to create activities.
Add default_create_activity_schema() to validate activity dicts, and add
user_id_exists(), group_id_exists(), activity_type_exists() and
object_id_validator() validator functions.
More information about the ckan-changes
mailing list