comparison RestDbGisApi.py @ 60:9fdadb60529f

working on authentication and authorization
author casties
date Mon, 25 Oct 2010 23:24:19 +0200
parents a5f2550a5b44
children e81d034b28a5
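--- a/RestDbGisApi.py
+++ b/RestDbGisApi.py
@@ -54,17 +54,37 @@
         id = self.REQUEST.get('id',[])
         doc = self.REQUEST.get('doc',None)
         return self.getLiveKmlUrl(schema=schema,table=table)
 
 
-    def checkTableMetaPermission(self,action,schema,table,user=None):
+    def getTableOwner(self,schema,table):
+        """returns the owner of the table"""
+        # TODO: look up in metadata
+        return None
+
+    def isAllowed(self,action,schema,table,user=None,owner=None):
         """returns if the requested action on the table is allowed"""
-        logging.debug("checktablemetapermissions action=%s schema=%s table=%s user=%s"%(action,schema,table,user))
         if user is None:
             user = self.REQUEST.get('AUTHENTICATED_USER',None)
-        logging.debug("user=%s"%user)
-        # TODO: what now?
+        logging.debug("isAllowed action=%s schema=%s table=%s user=%s"%(action,schema,table,user))
+        # TODO: check permissions from meta data table
+        if action == "create":
+            if user is not None and str(user) != 'Anonymous User':
+                # any authenticated user can create
+                return True
+            else:
+                return False
+
+        if action == "update":
+            if owner is None:
+                owner = self.getTableOwner(schema,table)
+            if user is not None and str(user) == str(owner):
+                # update only your own table
+                return True
+            else:
+                return False
+
         return True
 
     def setTableMetaTypes(self,schema,table,fields):
         """sets the GIS meta information for table"""
         logging.debug("settablemetatypes schema=%s, table=%s, fields=%s"%(schema,table,fields))
@@ -99,12 +119,14 @@
         REQUEST = self.REQUEST
 
         # should be cross-site accessible
         if RESPONSE is None:
             RESPONSE = self.REQUEST.RESPONSE
-
         RESPONSE.setHeader('Access-Control-Allow-Origin', '*')
+
+        user = self.REQUEST.get('AUTHENTICATED_USER',None)
+        logging.debug("user=%s"%user)
 
         # everything else has its own template
         pt = getattr(self.template, '%s_schema_table'%resultFormat, None)
         if pt is None:
             return "ERROR!! template %s_schema_table not found"%resultFormat
@@ -131,11 +153,11 @@
                 type = 'text'
                 sqltype = 'text'
 
             sqlFields.append({'name':name, 'type':type, 'sqltype':sqltype})
 
-        if self.checkTableMetaPermission("create", schema, table):
+        if self.isAllowed("create", schema, table):
             self.executeSQL('drop table if exists "%s"."%s"'%(schema,table),hasResult=False)
             fieldString = ", ".join(['"%s" %s'%(f['name'],f['sqltype']) for f in sqlFields])
             sqlString = 'create table "%s"."%s" (%s)'%(schema,table,fieldString)
             logging.debug("createemptytable: SQL=%s"%sqlString)
             self.executeSQL(sqlString,hasResult=False)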
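Review bot: isAllowed still ends in `return True` (new line 86), so any action that is not exactly "create" or "update" — a new verb, or a misspelled one — is granted to every caller, the anonymous user included; an authorization check should default to deny, i.e. the last line becomes `return False` and each permitted action opts in explicitly. Related, the caller at new line 158 asks only for "create" permission before issuing `drop table if exists` on a table that may already exist, so an authenticated user who is not the owner can replace someone else's table; when the table already exists, the "update" (owner) check is the one that applies. The `str(user) != 'Anonymous User'` test ties the policy to a display name; if the framework's user object offers a proper authenticated/role check it would be more robust, worth confirming against the user API in use. The method containing the third hunk starts before it.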