Mercurial > p > roundup > code

view roundup/actions.py @ 6994:4336e655b2be

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update packages in docker image; supress pip warning; improve cache use apk to update packages in image to get security fixes pip warns when run as root. In a dcker environment this can be ignored as the entire image is effectively a venv. Move inclusion of specific pip packages lower in the build procedure so we can cache all prior layers. Including it earlier resulted in layers that could be cached being invalidated.
author John Rouillard <rouilj@ieee.org>
date Sat, 01 Oct 2022 23:40:48 -0400
parents 48a1f919f894
children 4c9acc580769
line wrap: on
line source

#
# Copyright (C) 2009 Stefan Seefeld
# All rights reserved.
# For license terms see the file COPYING.txt.
# Actions used in REST and XMLRPC APIs
#

from roundup.exceptions import Unauthorised
from roundup import hyperdb


class Action:
    def __init__(self, db, translator):
        self.db = db
        self.translator = translator

    def handle(self, *args):
        """Action handler procedure"""
        raise NotImplementedError

    def execute(self, *args):
        """Execute the action specified by this object."""

        self.permission(*args)
        return self.handle(*args)

    def permission(self, *args):
        """Check whether the user has permission to execute this action.

        If not, raise Unauthorised."""

        pass

    def gettext(self, msgid):
        """Return the localized translation of msgid"""
        return self.translator.gettext(msgid)

    _ = gettext


class PermCheck(Action):
    def permission(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)
        perm = self.db.security.hasPermission

        if not perm('Retire', self.db.getuid(), classname=classname,
                    itemid=itemid):
            raise Unauthorised(self._('You do not have permission to retire '
                                      'or restore the %(classname)s class.')
                               % locals())


class Retire(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # make sure we don't try to retire admin or anonymous
        if (classname == 'user' and
               self.db.user.get(itemid, 'username') in ('admin', 'anonymous')):
            raise ValueError(self._(
                'You may not retire the admin or anonymous user'))

        # do the retire
        self.db.getclass(classname).retire(itemid)
        self.db.commit()


class Restore(PermCheck):

    def handle(self, designator):

        classname, itemid = hyperdb.splitDesignator(designator)

        # do the restore
        self.db.getclass(classname).restore(itemid)
        self.db.commit()
Roundup Issue Tracker: http://roundup-tracker.org/