[ckan harvester] Support for creating read-only packages

2011-11-18 14:30:10 +00:00 · 2011-11-18 14:30:10 +00:00 · 994590531e
parent c939d90dbb
commit 994590531e
2 changed files with 29 additions and 3 deletions
--- a/README.rst
+++ b/README.rst
@ -132,6 +132,12 @@ field. The currently supported configuration options are:
    needs to have permission for creating packages, and if default groups were
    defined, the user must have permission to assign packages to these groups.

+* read_only: Create harvested packages in read-only mode. Only the user who
+    performed the harvest (the one defined in the previous setting or the
+    'harvest' sysadmin) will be able to edit and administer the packages
+    created from this harvesting source. Logged in users and visitors will be
+    only able to read them.
+
 Here is an example of a configuration object (the one that must be entered in
 the configuration field)::

@ -139,7 +145,8 @@ the configuration field)::
     "api_version":"1",
     "default_tags":["new-tag-1","new-tag-2"],
     "default_groups":["my-own-group"],
-     "user":"harverster-user"
+     "user":"harverster-user",
+     "read_only": true
    }


@ -288,7 +295,7 @@ Finally, on a third console, run the following command to start any
 pending harvesting jobs::

      paster harvester run --config=../ckan/development.ini
-      
+
 After packages have been imported, the search index will have to be updated
 before the packages appear in search results (from the ckan directory):

--- a/ckanext/harvest/harvesters/ckanharvester.py
+++ b/ckanext/harvest/harvesters/ckanharvester.py
@ -234,7 +234,26 @@ class CKANHarvester(HarvesterBase):
                    package_dict['groups'] = []
                package_dict['groups'].extend([g for g in default_groups if g not in package_dict['groups']])

-            return self._create_or_update_package(package_dict,harvest_object)
+            result = self._create_or_update_package(package_dict,harvest_object)
+
+            if result and self.config.get('read_only',False) == True:
+
+                package = model.Package.get(package_dict['id'])
+
+                # Clear default permissions
+                model.clear_user_roles(package)
+
+                # Setup harvest user as admin
+                user_name = self.config.get('user',u'harvest')
+                user = model.User.get(user_name)
+                pkg_role = model.PackageRole(package=package, user=user, role=model.Role.ADMIN)
+
+                # Other users can only read
+                for user_name in (u'visitor',u'logged_in'):
+                    user = model.User.get(user_name)
+                    pkg_role = model.PackageRole(package=package, user=user, role=model.Role.READER)
+
+
        except ValidationError,e:
            self._save_object_error('Invalid package with GUID %s: %r' % (harvest_object.guid, e.error_dict),
                    harvest_object, 'Import')