CKAN-Extensions
/
ckanext-privatedatasets
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Minor changes

This commit is contained in:
Aitor Magán 2014-07-15 17:51:13 +02:00
parent ee25e8f9a6
commit 07f6e1e7af
3 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ckanext/privatedatasets/actions.py
View File

@ -44,11 +44,11 @@ def package_adquired(context, request_data):
dataset = plugins.toolkit.get_action('package_show')({'ignore_auth': True, constants.CONTEXT_CALLBACK: True}, {'id': dataset_id}) dataset = plugins.toolkit.get_action('package_show')({'ignore_auth': True, constants.CONTEXT_CALLBACK: True}, {'id': dataset_id})
# Create the array # Create the array if it does not exist
if constants.ALLOWED_USERS not in dataset or dataset[constants.ALLOWED_USERS] is None: if constants.ALLOWED_USERS not in dataset or dataset[constants.ALLOWED_USERS] is None:
dataset[constants.ALLOWED_USERS] = [] dataset[constants.ALLOWED_USERS] = []
# Add the user only if he/she is not in the list # Add the user only if it is not in the list
if user_info['user'] not in dataset[constants.ALLOWED_USERS]: if user_info['user'] not in dataset[constants.ALLOWED_USERS]:
dataset[constants.ALLOWED_USERS].append(user_info['user']) dataset[constants.ALLOWED_USERS].append(user_info['user'])
plugins.toolkit.get_action('package_update')({'ignore_auth': True}, dataset) plugins.toolkit.get_action('package_update')({'ignore_auth': True}, dataset)

4
ckanext/privatedatasets/auth.py
View File

@ -13,7 +13,7 @@ def package_show(context, data_dict):
user_obj = context.get('auth_user_obj') user_obj = context.get('auth_user_obj')
package = logic_auth.get_package_object(context, data_dict) package = logic_auth.get_package_object(context, data_dict)
# datasets can be readed by it creator # datasets can be read by its creator
if package and user_obj and package.creator_user_id == user_obj.id: if package and user_obj and package.creator_user_id == user_obj.id:
return {'success': True} return {'success': True}
@ -36,6 +36,7 @@ def package_show(context, data_dict):
# Init the model # Init the model
db.init_db(context['model']) db.init_db(context['model'])
# Branch not executed if the database return an empty list
if db.AllowedUser.get(package_id=package.id, user_name=user): if db.AllowedUser.get(package_id=package.id, user_name=user):
authorized = True authorized = True
@ -86,6 +87,7 @@ def resource_show(context, data_dict):
# function instead the one defined in the plugin. # function instead the one defined in the plugin.
# A bug is openend in order to be able to remove this function # A bug is openend in order to be able to remove this function
# https://github.com/ckan/ckan/issues/1818 # https://github.com/ckan/ckan/issues/1818
# It's fixed now, so this function can be deleted when the new version is released.
_model = context['model'] _model = context['model']
user = context.get('user') user = context.get('user')
resource = logic_auth.get_resource_object(context, data_dict) resource = logic_auth.get_resource_object(context, data_dict)

5
ckanext/privatedatasets/plugin.py
View File

@ -193,7 +193,10 @@ class PrivateDatasets(p.SingletonPlugin, tk.DefaultDatasetForm):
user_obj = context.get('auth_user_obj') user_obj = context.get('auth_user_obj')
updating_via_api = context.get(constants.CONTEXT_CALLBACK, False) updating_via_api = context.get(constants.CONTEXT_CALLBACK, False)
# Only the package creator can update it # allowed_users, searchable and adquire_url fileds can be only viewed by:
# * the dataset creator
# * the sysadmin
# * users allowed to update the allowed_users list via the notification API
if not updating_via_api and (not user_obj or (pkg_dict['creator_user_id'] != user_obj.id and not user_obj.sysadmin)): if not updating_via_api and (not user_obj or (pkg_dict['creator_user_id'] != user_obj.id and not user_obj.sysadmin)):
attrs = [constants.ALLOWED_USERS, constants.SEARCHABLE, constants.ADQUIRE_URL] attrs = [constants.ALLOWED_USERS, constants.SEARCHABLE, constants.ADQUIRE_URL]
for attr in attrs: for attr in attrs: