comparison RestDbGisApi.py @ 60:9fdadb60529f
working on authentication and authorization
author | casties |
---|---|
date | Mon, 25 Oct 2010 23:24:19 +0200 |
parents | a5f2550a5b44 |
children | e81d034b28a5 |
59:a5f2550a5b44 | 60:9fdadb60529f |
---|---|
54 id = self.REQUEST.get('id',[]) | 54 id = self.REQUEST.get('id',[]) |
55 doc = self.REQUEST.get('doc',None) | 55 doc = self.REQUEST.get('doc',None) |
56 return self.getLiveKmlUrl(schema=schema,table=table) | 56 return self.getLiveKmlUrl(schema=schema,table=table) |
57 | 57 |
58 | 58 |
59 def checkTableMetaPermission(self,action,schema,table,user=None): | 59 def getTableOwner(self,schema,table): |
60 """returns the owner of the table""" | |
61 # TODO: look up in metadata | |
62 return None | |
63 | |
64 def isAllowed(self,action,schema,table,user=None,owner=None): | |
60 """returns if the requested action on the table is allowed""" | 65 """returns if the requested action on the table is allowed""" |
61 logging.debug("checktablemetapermissions action=%s schema=%s table=%s user=%s"%(action,schema,table,user)) | |
62 if user is None: | 66 if user is None: |
63 user = self.REQUEST.get('AUTHENTICATED_USER',None) | 67 user = self.REQUEST.get('AUTHENTICATED_USER',None) |
64 logging.debug("user=%s"%user) | 68 logging.debug("isAllowed action=%s schema=%s table=%s user=%s"%(action,schema,table,user)) |
65 # TODO: what now? | 69 # TODO: check permissions from meta data table |
70 if action == "create": | |
71 if user is not None and str(user) != 'Anonymous User': | |
72 # any authenticated user can create | |
73 return True | |
74 else: | |
75 return False | |
76 | |
77 if action == "update": | |
78 if owner is None: | |
79 owner = self.getTableOwner(schema,table) | |
80 if user is not None and str(user) == str(owner): | |
81 # update only your own table | |
82 return True | |
83 else: | |
84 return False | |
85 | |
66 return True | 86 return True |
67 | 87 |
68 def setTableMetaTypes(self,schema,table,fields): | 88 def setTableMetaTypes(self,schema,table,fields): |
69 """sets the GIS meta information for table""" | 89 """sets the GIS meta information for table""" |
70 logging.debug("settablemetatypes schema=%s, table=%s, fields=%s"%(schema,table,fields)) | 90 logging.debug("settablemetatypes schema=%s, table=%s, fields=%s"%(schema,table,fields)) |
99 REQUEST = self.REQUEST | 119 REQUEST = self.REQUEST |
100 | 120 |
101 # should be cross-site accessible | 121 # should be cross-site accessible |
102 if RESPONSE is None: | 122 if RESPONSE is None: |
103 RESPONSE = self.REQUEST.RESPONSE | 123 RESPONSE = self.REQUEST.RESPONSE |
104 | |
105 RESPONSE.setHeader('Access-Control-Allow-Origin', '*') | 124 RESPONSE.setHeader('Access-Control-Allow-Origin', '*') |
125 | |
126 user = self.REQUEST.get('AUTHENTICATED_USER',None) | |
127 logging.debug("user=%s"%user) | |
106 | 128 |
107 # everything else has its own template | 129 # everything else has its own template |
108 pt = getattr(self.template, '%s_schema_table'%resultFormat, None) | 130 pt = getattr(self.template, '%s_schema_table'%resultFormat, None) |
109 if pt is None: | 131 if pt is None: |
110 return "ERROR!! template %s_schema_table not found"%resultFormat | 132 return "ERROR!! template %s_schema_table not found"%resultFormat |
131 type = 'text' | 153 type = 'text' |
132 sqltype = 'text' | 154 sqltype = 'text' |
133 | 155 |
134 sqlFields.append({'name':name, 'type':type, 'sqltype':sqltype}) | 156 sqlFields.append({'name':name, 'type':type, 'sqltype':sqltype}) |
135 | 157 |
136 if self.checkTableMetaPermission("create", schema, table): | 158 if self.isAllowed("create", schema, table): |
137 self.executeSQL('drop table if exists "%s"."%s"'%(schema,table),hasResult=False) | 159 self.executeSQL('drop table if exists "%s"."%s"'%(schema,table),hasResult=False) |
138 fieldString = ", ".join(['"%s" %s'%(f['name'],f['sqltype']) for f in sqlFields]) | 160 fieldString = ", ".join(['"%s" %s'%(f['name'],f['sqltype']) for f in sqlFields]) |
139 sqlString = 'create table "%s"."%s" (%s)'%(schema,table,fieldString) | 161 sqlString = 'create table "%s"."%s" (%s)'%(schema,table,fieldString) |
140 logging.debug("createemptytable: SQL=%s"%sqlString) | 162 logging.debug("createemptytable: SQL=%s"%sqlString) |
141 self.executeSQL(sqlString,hasResult=False) | 163 self.executeSQL(sqlString,hasResult=False) |
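Review bot: `isAllowed` still ends in an unconditional `return True` (new line 86), so any action other than "create" or "update" is granted to every caller, including the anonymous user; the fall-through should deny with `return False` until the metadata lookup named in the TODO exists. In the "update" branch `getTableOwner` is a stub that returns None, so `str(user) == str(owner)` compares against the string 'None'; an explicit `if owner is None: return False` before the comparison would make the unknown-owner case fail closed. The "create" check at new line 158 also gates the `drop table if exists` on the next line, which appears to let any authenticated user replace a table that someone else created, so that path probably needs the owner check when the table already exists. The function containing line 158 starts outside the visible hunk, so any earlier validation of `schema` and `table` cannot be confirmed from here.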