Mercurial > p > roundup > code
view roundup/actions.py @ 7971:fe0348bbe45b
issue2551353 - Add roundup-classhelper for 2.4.0 release
Changes to the classic template are not done yet. Still testing.
This commit has document updates and changes to rest.py.
rest.py:
add /rest/data/user/role endpoint to core so the user doesn't have
to add the /rest/roles endpoint via interfaces.py. It will only send
roles for a user with Admin role and there is no way to override
this currently.
acknowledgements.txt:
Added members of team3 to other contributors. Specified for all
other contributes what they worked on.
upgrading.txt:
added classhelper section and basic template change
directions. Linked to admin_guide for full directions.
admin_guide.txt:
documented install, translation, troubleshooting, config etc.
user_guide.txt:
added section on using the classhelper. Added reference to section
earlier in the doc. Added image for section.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 21 May 2024 01:17:28 -0400 |
| parents | 1287b0c3d261 |
| children |
line wrap: on
line source
# # Copyright (C) 2009 Stefan Seefeld # All rights reserved. # For license terms see the file COPYING.txt. # Actions used in REST and XMLRPC APIs # from roundup import hyperdb from roundup.exceptions import Unauthorised class Action: def __init__(self, db, translator): self.db = db self.translator = translator def handle(self, *args): """Action handler procedure""" raise NotImplementedError def execute(self, *args): """Execute the action specified by this object.""" self.permission(*args) return self.handle(*args) def permission(self, *args): """Check whether the user has permission to execute this action. If not, raise Unauthorised.""" pass def gettext(self, msgid): """Return the localized translation of msgid""" return self.translator.gettext(msgid) _ = gettext class PermCheck(Action): def permission(self, designator): classname, itemid = hyperdb.splitDesignator(designator) perm = self.db.security.hasPermission if not perm('Retire', self.db.getuid(), classname=classname, itemid=itemid): raise Unauthorised(self._('You do not have permission to retire ' 'or restore the %(classname)s class.') % locals()) class Retire(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # make sure we don't try to retire admin or anonymous if (classname == 'user' and self.db.user.get(itemid, 'username') in ('admin', 'anonymous')): raise ValueError(self._( 'You may not retire the admin or anonymous user')) # do the retire self.db.getclass(classname).retire(itemid) self.db.commit() class Restore(PermCheck): def handle(self, designator): classname, itemid = hyperdb.splitDesignator(designator) # do the restore self.db.getclass(classname).restore(itemid) self.db.commit()