Skip to content
GitLab
Explore
Sign in
Register
Primary navigation
Search or go to…
Project
C
caosdb-pylib
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Container Registry
Model registry
Operate
Environments
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
caosdb
Software
caosdb-pylib
Merge requests
!6
F set permissions
Code
Review changes
Check out branch
Download
Patches
Plain diff
Merged
F set permissions
f-set-permissions
into
dev
Overview
0
Commits
2
Pipelines
3
Changes
1
Merged
Henrik tom Wörden
requested to merge
f-set-permissions
into
dev
3 years ago
Overview
0
Commits
2
Pipelines
3
Changes
1
Expand
https://gitlab.com/caosdb/caosdb-pylib/-/merge_requests/59
0
0
Merge request reports
Compare
dev
dev (base)
and
latest version
latest version
2b65b94c
2 commits,
3 years ago
1 file
+
32
−
34
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
examples/set_permissions.py
+
32
−
34
Options
@@ -25,15 +25,13 @@
As a result, only a specific user or group may access it.
This script assumes that data similar to the demo server of IndiScale (at
demo.indiscale.com) exists on the server specified in the pycaosdb.ini
configuration.
This script assumes that the user specified in the
pycaosdb.ini configuration can create new entities.
"""
import
caosdb
as
db
from
caosdb
import
administration
as
admin
import
lxml
def
assert_user_and_role
():
@@ -50,27 +48,27 @@ out : tuple
"""
try
:
human_user
=
admin
.
_retrieve_user
(
"
jane
"
)
_activate_user
(
"
jane
"
)
except
db
.
ResourceNotFoundError
:
admin
.
_update_user
(
name
=
"
jane
"
,
status
=
"
ACTIVE
"
)
except
db
.
HTTP
ResourceNotFoundError
:
human_user
=
admin
.
_insert_user
(
"
jane
"
,
password
=
"
Human_Rememberable_Password_1234
"
,
status
=
"
ACTIVE
"
)
try
:
alien_user
=
admin
.
_retrieve_user
(
"
xaxys
"
)
_activ
ate_user
(
"
xaxys
"
)
except
db
.
ResourceNotFoundError
:
admin
.
_upd
ate_user
(
name
=
"
xaxys
"
,
status
=
"
ACTIVE
"
)
except
db
.
HTTP
ResourceNotFoundError
:
alien_user
=
admin
.
_insert_user
(
"
xaxys
"
,
password
=
"
4321_Syxax
"
,
status
=
"
ACTIVE
"
)
# At the moment, the return value is only "ok" for successful insertions.
try
:
human_role
=
admin
.
_retrieve_role
(
"
human
"
)
except
db
.
ResourceNotFoundError
:
except
db
.
HTTP
ResourceNotFoundError
:
human_role
=
admin
.
_insert_role
(
"
human
"
,
"
An Earthling.
"
)
try
:
alien_role
=
admin
.
_retrieve_role
(
"
alien
"
)
except
db
.
ResourceNotFoundError
:
except
db
.
HTTP
ResourceNotFoundError
:
alien_role
=
admin
.
_insert_role
(
"
alien
"
,
"
An Extra-terrestrial.
"
)
admin
.
_set_roles
(
"
jane
"
,
[
"
human
"
])
@@ -80,24 +78,6 @@ out : tuple
(
"
xaxys
"
,
list
(
admin
.
_get_roles
(
"
xaxys
"
))))
def
_activate_user
(
user
):
"""
Set the user state to
"
ACTIVE
"
if necessary.
Parameters
----------
user : str
The user to activate.
Returns
-------
None
"""
user_xml
=
lxml
.
etree
.
fromstring
(
admin
.
_retrieve_user
(
user
))
if
user_xml
.
xpath
(
"
User
"
)[
0
].
attrib
[
"
status
"
]
!=
"
ACTIVE
"
:
admin
.
_update_user
(
user
,
status
=
"
ACTIVE
"
)
def
get_entities
(
count
=
1
):
"""
Retrieve one or more entities.
@@ -111,7 +91,7 @@ Returns
out : Container
A container of retrieved entities, the length is given by the parameter count.
"""
cont
=
db
.
execute_query
(
"
FIND RECORD
Guitar
"
,
flags
=
{
cont
=
db
.
execute_query
(
"
FIND RECORD
'
Human Food
'
"
,
flags
=
{
"
P
"
:
"
0L{n}
"
.
format
(
n
=
count
)})
if
len
(
cont
)
!=
count
:
raise
db
.
CaosDBException
(
@@ -221,17 +201,35 @@ None
print
(
"
Retrieval of all entities was successfully denied.
"
)
def
create_test_entities
():
"""
Create some test entities.
After calling this function, there will be a RecordType
"
Human Food
"
with the corresponding Records
"
Bread
"
,
"
Tomatoes
"
, and
"
Twinkies
"
inserted in the database.
"""
rt
=
db
.
RecordType
(
name
=
"
Human Food
"
,
description
=
"
Food that can be eaten only by humans
"
).
insert
()
food
=
(
"
Bread
"
,
"
Tomatoes
"
,
"
Twinkies
"
)
cont
=
db
.
Container
()
for
i
in
range
(
len
(
food
)):
rec
=
db
.
Record
(
food
[
i
])
rec
.
add_parent
(
name
=
"
Human Food
"
)
cont
.
append
(
rec
)
cont
.
insert
()
def
main
():
"""
The main function of this script.
"""
db
.
connection
.
connection
.
get_connection
().
_login
()
"""
Create some test entities
"""
create_test_entities
()
"""
Create new users
"""
human
,
alien
=
assert_user_and_role
()
# public, private, undefined entities
"""
Load the newly created entities.
"""
entities
=
get_entities
(
count
=
3
)
"""
Set permission for the entities (only humans are allowed to eat human food)
"""
set_permission
(
human
[
1
][
0
],
alien
[
1
][
0
],
entities
)
"""
Test the permissions
"""
test_permission
((
human
[
0
],
"
Human_Rememberable_Password_1234
"
),
(
alien
[
0
],
"
4321_Syxax
"
),
entities
)
Loading