Commit d91f839b authored by LE GAC Renaud's avatar LE GAC Renaud
Browse files

Simplify the model by introducing the module auth.py.

parent e810b014
......@@ -3,7 +3,7 @@
.pydevproject
*.pyc
.settings/
_db*.py*
_*db*.py*
cache/
cron/
databases
......
......@@ -2,6 +2,9 @@
""" Controllers
"""
from plugin_event import ADMIN
@auth.requires(True, requires_login=not request.is_local)
def index():
"""Main Controller to run the application launching the plugin dbui.
......
# -*- coding: utf-8 -*-
""" access
setup the connection to the databases.
Define constants for the different role
"""
# Migration flags
MIGRATE = False
MIGRATE_USER = False
# Roles
ID_ADMIN, ADMIN, DEF_ADMIN = 1, "admin", "administrators, team leader,..."
ID_USER, USER, DEF_USER = 2, "user", "project leader,..."
#.............................................................................
#
# MYSQL database
#
try:
mysql = DBURIS[request.application]
db = DAL(mysql, lazy_tables=False, migrate_enabled=MIGRATE, pool_size=10)
except:
raise HTTP(500, T("Can't access the MySQL database !!!"))
#.............................................................................
#
# virtual database
#
virtdb = DAL(None)
# -*- coding: utf-8 -*-
""" authentication
user identification and role
"""
from gluon.tools import Auth
#
# User logging
# Approval is required for newly registered users
#
auth = Auth(db, hmac_key=Auth.get_or_create_key())
auth.define_tables(migrate=MIGRATE_USER)
auth.settings.create_user_groups = False
auth.settings.mailer = None
auth.settings.registration_requires_approval = True
auth.settings.registration_requires_verification = False
auth.settings.remember_me_form = False
auth.settings.reset_password_requires_verification = True
# go to the login page after change password, logout and registration
auth.settings.change_password_next = URL('user', args='login')
auth.settings.logout_next = URL('user', args='login')
auth.settings.register_next = URL('user', args='login')
# create user and admin groups
if not db(db.auth_group.id).count():
db.auth_group.insert(id=ID_ADMIN, role=ADMIN, description=T(DEF_ADMIN))
db.auth_group.insert(id=ID_USER, role=USER, description=T(DEF_USER))
# Newly registered users go in the user group
auth.settings.everybody_group_id = ID_USER
# The first user is auto approved and get all privilege (admin)
if not db(db.auth_user.id).count():
auth.settings.everybody_group_id = ID_ADMIN
auth.settings.registration_requires_approval = False
# tune authentication fields for the extJS interface
db.auth_user.registration_key.readable = True
db.auth_user.registration_key.writable = True
db.auth_membership.user_id.label = 'User'
db.auth_membership.group_id.label = 'Group'
db.auth_membership.user_id.requires = \
IS_IN_DB(db, 'auth_user.last_name')
# HACK
# JSON conversion of datetime failed in the action plugin_dbui.dbui_conf
# Convert the date in advance help
# TODO: implement a proper datetime conversion when running json.dumps()
db.auth_event.time_stamp.default = db.auth_event.time_stamp.default.isoformat()
db.auth_cas.created_on.default = db.auth_cas.created_on.default.isoformat()
# -*- coding: utf-8 -*-
""" Common settings
Model instantiate the database table as well as the UI configuration.
It is tune to only satisfy the need of the controller, function pair.
Instantiate the database connection, model database tables and configure the
user interface. It is tune to only satisfy the need of the controller,
function pair.
Note:
The model expose to controllers several global variables:
Expose to controllers several global variables:
* auth
* db
* virtdb
* directSvc
They can be retrieved in module via the protocol "current".
"""
from _mydb import DBURIS
from gluon import current
from plugin_dbui import (configure_forms,
configure_grids,
Dbui)
from plugin_event import (Core,
from plugin_event import (configure_auth,
Core,
CoreUi,
Event,
Report,
......@@ -23,9 +32,33 @@ from plugin_event import (Core,
Selector,
ViewportUi)
# ............................................................................
#
# Connection to databases
#
ctrl = request.controller
fnct = request.function
try:
mysql = DBURIS[request.application]
db = DAL(mysql,
lazy_tables=False,
migrate_enabled=False,
pool_size=10)
except RuntimeError:
raise HTTP(500, T("Can't access the MySQL database !!!"))
virtdb = DAL(None)
current.db = db
current.virtdb = virtdb
# ............................................................................
#
# Authentication
#
auth = configure_auth(db, migrate_user=False)
current.auth = auth
# ............................................................................
#
......@@ -40,8 +73,12 @@ T.lazy = True # lazy translation
#
# Plugin dbui configuration
#
is_dbui = (ctrl == "plugin_dbui") and \
fnct in ("debug", "documentations", "dbui_conf", "index")
ctrl = request.controller
fnct = request.function
is_dbui = \
(ctrl == "plugin_dbui") \
and fnct in ("debug", "documentations", "dbui_conf", "index")
if is_dbui:
Dbui.define_paths(
......@@ -67,8 +104,9 @@ if is_dbui:
# Create the database models
#
is_db = (ctrl == "plugin_dbui" and fnct in ("call", "csv", "dbui_conf")) \
or (ctrl == "plugin_event")
is_db = \
(ctrl == "plugin_dbui" and fnct in ("call", "csv", "dbui_conf")) \
or (ctrl == "plugin_event")
if is_db:
......
# -*- coding: utf-8 -*-
from auth import (ADMIN,
configure_auth,
ID_ADMIN,
ID_USER,
USER)
from callbacks import (INHIBIT_CASCADE_DELETE,
ON_CREATE_LISTS2,
ON_UPDATE_LISTS2)
......
# -*- coding: utf-8 -*-
""" auth
* Customise the authentication
"""
from gluon.html import URL
from gluon.tools import Auth
from gluon.validators import IS_IN_DB
# Constant for admin role
ID_ADMIN = 1
ADMIN = "admin"
DEF_ADMIN = "administrators, ..."
# constant for user role
ID_USER = 2
USER = "user",
DEF_USER = "team leader,,..."
def configure_auth(db, migrate_user=False):
"""Configure the authentication process
Args:
db (gluon.dal.DAL): database connection
migrate_user (bool):
Returns:
gluon.tools.Auth
"""
#
# User logging
# Approval is required for newly registered users
#
auth = Auth(db, hmac_key=Auth.get_or_create_key())
auth.define_tables(migrate=migrate_user)
auth.settings.create_user_groups = False
auth.settings.mailer = None
auth.settings.registration_requires_approval = True
auth.settings.registration_requires_verification = False
auth.settings.remember_me_form = False
auth.settings.reset_password_requires_verification = True
# go to the login page after change password, logout and registration
auth.settings.change_password_next = URL('user', args='login')
auth.settings.logout_next = URL('user', args='login')
auth.settings.register_next = URL('user', args='login')
# create user and admin groups
if not db(db.auth_group.id).count():
db.auth_group.insert(id=ID_ADMIN, role=ADMIN, description=T(DEF_ADMIN))
db.auth_group.insert(id=ID_USER, role=USER, description=T(DEF_USER))
# Newly registered users go in the user group
auth.settings.everybody_group_id = ID_USER
# The first user is auto approved and get all privilege (admin)
if not db(db.auth_user.id).count():
auth.settings.everybody_group_id = ID_ADMIN
auth.settings.registration_requires_approval = False
# tune authentication fields for the extJS interface
db.auth_user.registration_key.readable = True
db.auth_user.registration_key.writable = True
db.auth_membership.user_id.label = 'User'
db.auth_membership.group_id.label = 'Group'
db.auth_membership.user_id.requires = IS_IN_DB(db, 'auth_user.last_name')
# HACK
# JSON conversion of datetime failed in the action plugin_dbui.dbui_conf
# Convert the date in advance help
db.auth_event.time_stamp.default = \
db.auth_event.time_stamp.default.isoformat()
db.auth_cas.created_on.default = \
db.auth_cas.created_on.default.isoformat()
return auth
......@@ -7,7 +7,7 @@ import numpy as np
from callbacks import ON_CREATE_LISTS2, ON_UPDATE_LISTS2
from event import Event
from gluon import current, IS_IN_SET
from gluon import IS_IN_SET
from pydal import Field
......@@ -94,7 +94,7 @@ class Report(object):
pyDAL.Table
"""
migrate = current.globalenv["MIGRATE"]
migrate = db._migrate or db._migrate_enabled
table = db.define_table(
"lists2",
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment