From 84ae1c80a825083ea8e56b3c70007c5874a1763b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Henrik=20tom=20W=C3=B6rden?= <h.tomwoerden@indiscale.com>
Date: Thu, 28 Sep 2023 09:11:15 +0200
Subject: [PATCH] ENH: added old example
---
examples/set_permissions.py | 90 +++++++++++++++++--------------------
1 file changed, 41 insertions(+), 49 deletions(-)
diff --git a/examples/set_permissions.py b/examples/set_permissions.py
index 8162b11b..8b2b59f1 100755
--- a/examples/set_permissions.py
+++ b/examples/set_permissions.py
@@ -25,13 +25,15 @@
As a result, only a specific user or group may access it.
-This script assumes that the user specified in the pycaosdb.ini
-configuration can create new entities.
+This script assumes that data similar to the demo server of IndiScale (at
+demo.indiscale.com) exists on the server specified in the pycaosdb.ini
+configuration.
"""
import caosdb as db
from caosdb import administration as admin
+import lxml
def assert_user_and_role():
@@ -48,27 +50,27 @@ out : tuple
"""
try:
human_user = admin._retrieve_user("jane")
- admin._update_user(name="jane", status="ACTIVE")
- except db.HTTPResourceNotFoundError:
+ _activate_user("jane")
+ except db.EntityDoesNotExistError:
human_user = admin._insert_user(
"jane", password="Human_Rememberable_Password_1234", status="ACTIVE")
try:
alien_user = admin._retrieve_user("xaxys")
- admin._update_user(name="xaxys", status="ACTIVE")
- except db.HTTPResourceNotFoundError:
+ _activate_user("xaxys")
+ except db.EntityDoesNotExistError:
alien_user = admin._insert_user("xaxys", password="4321_Syxax",
status="ACTIVE")
# At the moment, the return value is only "ok" for successful insertions.
try:
human_role = admin._retrieve_role("human")
- except db.HTTPResourceNotFoundError:
+ except db.EntityDoesNotExistError:
human_role = admin._insert_role("human", "An Earthling.")
try:
alien_role = admin._retrieve_role("alien")
- except db.HTTPResourceNotFoundError:
+ except db.EntityDoesNotExistError:
alien_role = admin._insert_role("alien", "An Extra-terrestrial.")
admin._set_roles("jane", ["human"])
@@ -78,6 +80,24 @@ out : tuple
("xaxys", list(admin._get_roles("xaxys"))))
+def _activate_user(user):
+ """Set the user state to "ACTIVE" if necessary.
+
+Parameters
+----------
+user : str
+ The user to activate.
+
+Returns
+-------
+None
+
+ """
+ user_xml = lxml.etree.fromstring(admin._retrieve_user(user))
+ if user_xml.xpath("User")[0].attrib["status"] != "ACTIVE":
+ admin._update_user(user, status="ACTIVE")
+
+
def get_entities(count=1):
"""Retrieve one or more entities.
@@ -91,11 +111,9 @@ Returns
out : Container
A container of retrieved entities, the length is given by the parameter count.
"""
- cont = db.execute_query("FIND RECORD 'Human Food'", flags={
- "P": "0L{n}".format(n=count)})
+ cont = db.execute_query("FIND RECORD Guitar", flags={"P": "0L{n}".format(n=count)})
if len(cont) != count:
- raise db.CaosDBException(
- msg="Incorrect number of entitities returned.")
+ raise db.CaosDBException(msg="Incorrect number of entitities returned.")
return cont
@@ -120,8 +138,7 @@ general : bool, optional
# Set general permissions
if general:
- grant = admin.PermissionRule(
- action="grant", permission="RETRIEVE:OWNER")
+ grant = admin.PermissionRule(action="grant", permission="RETRIEVE:OWNER")
deny = admin.PermissionRule(action="deny", permission="RETRIEVE:FILE")
admin._set_permissions(role=role_grant, permission_rules=[grant])
@@ -172,12 +189,9 @@ None
for ent in cont:
ent.retrieve()
print("Successfully retrieved all entities.")
- except db.TransactionError as te:
- if te.has_error(db.AuthorizationError):
- print(ent)
- print("Could not retrieve this entity although it should have been possible!")
- else:
- raise te
+ except db.AuthorizationException:
+ print(ent)
+ print("Could not retrieve this entity although it should have been possible!")
# Switch to user without permissions
db.configure_connection(username=denied_user[0], password=denied_user[1],
@@ -192,45 +206,23 @@ None
denied_all = False
print(ent)
print("Could retrieve this entity although it should not have been possible!")
- except db.TransactionError as te:
- # Only do something if an error wasn't caused by an
- # AuthorizationError
- if not te.has_error(db.AuthorizationError):
- raise te
+ except db.AuthorizationException:
+ pass
if denied_all:
print("Retrieval of all entities was successfully denied.")
-def create_test_entities():
- """Create some test entities.
- After calling this function, there will be a RecordType "Human Food" with the corresponding Records
- "Bread", "Tomatoes", and "Twinkies" inserted in the database.
- """
- rt = db.RecordType(
- name="Human Food", description="Food that can be eaten only by humans").insert()
- food = ("Bread", "Tomatoes", "Twinkies")
-
- cont = db.Container()
- for i in range(len(food)):
- rec = db.Record(food[i])
- rec.add_parent(name="Human Food")
- cont.append(rec)
-
- cont.insert()
-
-
def main():
"""The main function of this script."""
- """Create some test entities"""
- create_test_entities()
- """Create new users"""
+ db.connection.connection.get_connection()._login()
+
human, alien = assert_user_and_role()
- """Load the newly created entities."""
+
+ # public, private, undefined entities
entities = get_entities(count=3)
- """Set permission for the entities (only humans are allowed to eat human food)"""
+
set_permission(human[1][0], alien[1][0], entities)
- """Test the permissions"""
test_permission((human[0], "Human_Rememberable_Password_1234"),
(alien[0], "4321_Syxax"), entities)
--
GitLab