seba
/
k4ever
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Plugin + API + Changing user works

Browse Source
master
seba 13 years ago
parent 8e0ad87341
commit a1052df608
7 changed files with 194 additions and 14 deletions
Show Stats Download Patch File Download Diff File

13
devel/README
Unescape View File

@ -0,0 +1,13 @@
Kassensystem
Installation Process
====================
- edit settings.py for database
- Add Usergroups: ('Normal User', 'Plugin') ( to be renamed)
- ./manage.py syncdb
API
===

66
k4ever/api2/decorators.py
Unescape View File

@ -1,6 +1,9 @@
from functools import wraps from functools import wraps
from django.contrib.auth.models import User, Group
from piston.utils import rc
from main.models import Plugin, PluginPermission
def changeUserOnPlugin(apiFunc): def manglePluginPerms(apiFunc):
""" Changes to a given user when the authenticated user is an plugin """ Changes to a given user when the authenticated user is an plugin
When the user which called the apifunc is an plugin this function When the user which called the apifunc is an plugin this function
@ -15,9 +18,66 @@ def changeUserOnPlugin(apiFunc):
@wraps(apiFunc) @wraps(apiFunc)
def wrapper(self, request, *args, **kwargs): def wrapper(self, request, *args, **kwargs):
return self.apiFunc(request, *args, **kwargs) if request.method != 'GET':
if not request.content_type:
request.data = request.POST
else:
request.data = request.GET
# 0. is user a plugin?
try:
group = request.user.groups.get(name="Plugin")
except Group.DoesNotExist:
# user is not a plugin, exec the apiFunc
return apiFunc(self, request, *args, **kwargs)
# get the plugin for the user
# FIXME: Could throw exception when we have no plugin for the
# user - where should we report this?
plugin = Plugin.objects.get(user=request.user)
# 1. find user!
user = None
try:
user = User.objects.get(username=request.data.get('user', ''))
except User.DoesNotExist:
ret = rc.NOT_HERE
ret.write("\nThe user you requested could not be found\n")
return ret
# 2. does the plugin has permission for this user?
perms = None
try:
perms = PluginPermission.objects.get(user=user, plugin=plugin)
except PluginPermission.DoesNotExist:
ret = rc.FORBIDDEN
ret.write("\nThe user did not grant you permission to act on his behalf\n")
return ret
# 3. put stuff into the request
request.user = user
request.plugin = plugin
return apiFunc(self, request, *args, **kwargs)
return wrapper return wrapper
def requirePlugin(apiFunc):
"""Check if user is a plugin.
Checks if the user is a member of the "Plugin" Group. Returns a rc.FORBIDDEN
if not.
"""
@wraps(apiFunc)
def wrapper(self, request, *args, **kwargs):
try:
if request.user:
group = request.user.groups.get(name="Plugin")
# no exception, exec apiFunc!
return apiFunc(self, request, *args, **kwargs)
except Groups.DoesNotExist:
pass
ret = rc.FORBIDDEN
return rc.FORBIDDEN
return wrapper

10
k4ever/api2/handlers.py
Unescape View File

@ -2,11 +2,12 @@ from piston.handler import BaseHandler
from piston.utils import rc from piston.utils import rc
from k4ever.buyable.models import * from k4ever.buyable.models import *
from k4ever.transaction.models import * from k4ever.transaction.models import *
from decorators import changeUserOnPlugin from django.contrib.auth.decorators import user_passes_test
from django.contrib.auth.models import Group
from decorators import *
from decimal import Decimal, InvalidOperation from decimal import Decimal, InvalidOperation
import datetime import datetime
def getInt(d, key, default): def getInt(d, key, default):
try: try:
return int(d.get(key, default)) return int(d.get(key, default))
@ -39,6 +40,7 @@ class BuyableItemHandler(BaseHandler):
error.write("This buyable does not exist in our database") error.write("This buyable does not exist in our database")
return error return error
@manglePluginPerms
def create(self, request, itemId=None): def create(self, request, itemId=None):
if not request.content_type: if not request.content_type:
request.data = request.POST request.data = request.POST
@ -81,6 +83,7 @@ class TransactionTransactHandler(BaseHandler):
model = Transaction model = Transaction
fields = ('amount', 'dateTime', 'checked', ('transactionType', ('id', 'name'))) fields = ('amount', 'dateTime', 'checked', ('transactionType', ('id', 'name')))
@manglePluginPerms
def read(self, request): def read(self, request):
num = getInt(request.GET, 'num', 0) num = getInt(request.GET, 'num', 0)
if num < 0: if num < 0:
@ -91,6 +94,7 @@ class TransactionTransactHandler(BaseHandler):
return userTrans[:num] return userTrans[:num]
return userTrans return userTrans
@manglePluginPerms
def create(self, request): def create(self, request):
amount = getDecimal(request.POST, 'amount', Decimal(0)) amount = getDecimal(request.POST, 'amount', Decimal(0))
tTypeId = getInt(request.POST, 'type', -1) tTypeId = getInt(request.POST, 'type', -1)
@ -121,6 +125,8 @@ class TransactionTypeHandler(BaseHandler):
class AccountBalanceHandler(BaseHandler): class AccountBalanceHandler(BaseHandler):
allowed_methods = ('GET',) allowed_methods = ('GET',)
@manglePluginPerms
def read(self, request): def read(self, request):
balance = request.user.get_profile().balance balance = request.user.get_profile().balance
return {'balance': balance} return {'balance': balance}

4
k4ever/main/admin.py
Unescape View File

@ -1,5 +1,7 @@
from models import UserProfile from models import UserProfile, Plugin, PluginPermission
from django.contrib import admin from django.contrib import admin
admin.site.register(UserProfile) admin.site.register(UserProfile)
admin.site.register(Plugin)
admin.site.register(PluginPermission)

21
k4ever/main/models.py
Unescape View File

@ -18,12 +18,21 @@ def createUserProfile(sender, instance, created, **kwargs):
post_save.connect(createUserProfile, sender=User) post_save.connect(createUserProfile, sender=User)
class PluginPermission(models.Model):
user = models.ForeignKey(User)
plugin = models.ForeignKey('Plugin')
authBlob = models.TextField()
class Plugin(models.Model): class Plugin(models.Model):
user = models.ForeignKey(User) name = models.CharField(max_length=40)
user = models.ForeignKey(User, unique=True)
author = models.CharField(max_length=40)
version = models.CharField(max_length=40)
descr = models.TextField(default='')
uniqueAuthblob = models.BooleanField(default=False) uniqueAuthblob = models.BooleanField(default=False)
def __unicode__(self):
return self.name
class PluginPermission(models.Model):
user = models.ForeignKey(User)
plugin = models.ForeignKey('Plugin')
authBlob = models.TextField(default='')
def __unicode__(self):
return "%s allows %s" % (self.user, self.plugin)

87
k4ever/main/templates/settings/settings.html
Unescape View File

@ -7,6 +7,91 @@
<br /> <br />
<br /> <br />
<br /> <br />
<h2>Plugin permissions</h2> <h2>Plugin Berechtigungen</h2>
<hr /> <hr />
<p>
<form method="POST" action="/settings/plugins/addperm/">
<select name="pid">
<option value="0"> ----- </option>
{% for plugin in unallowedplugins %}
<option value="{{ plugin.id }}">{{ plugin.name }}</option>
{% endfor %}
</select>
<input type="submit" value="Plugin erlauben">
</form>
</p>
<p>
<table>
<tr>
<th>Name</th>
<th>AuthBlob</th>
<th>Optionen</th>
</tr>
{% if pluginpermissions %}
{% for pperm in pluginpermissions %}
{% if pperm.plugin in plugins %}
end test
{% endif %}
<tr style="background: green">
<td style="vertical-align:middle">{{ pperm.plugin }}</td>
<td style="vertical-align:middle">
<form method="post" action="">
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
<input type="submit" value="Speichern" />
</form>
</td>
<td style="vertical-align:middle">
<form method="post" action="">
<input type="submit" value="Berechtigungen aufheben" />
</form>
<td>
</tr>
{% endfor %}
{% else %}
<tr>
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gew&auml;hrt</td>
</tr>
{% endif %}
</table>
Perms {{ pluginpermissions }} <br />
<br /><br />
<h2>Second Idea for Plugin interface</h2>
<hr />
<p>
<table>
<tr>
<th>Name</th>
<th>AuthBlob</th>
<th>Optionen</th>
</tr>
{% if pluginpermissions %}
{% for plugin in plugins %}
<tr style="{%if plugin in unallowedplugins%}background:red{%else%}background: green{%endif%}">
<td style="vertical-align:middle">{{ plugin }}</td>
<td style="vertical-align:middle">
{%if plugin not in unallowedplugins %}
<form method="post" action="">
<textarea name="authblob">{{ pperm.authBlob }}</textarea>
<input type="submit" value="Speichern" />
</form>
{%endif%}
</td>
<td style="vertical-align:middle">
<form method="post" action="">
{%if plugin in unallowedplugins %}
<input type="submit" value="Berechtigungen hinzuf&uuml;gen" />
{%else%}
<input type="submit" value="Berechtigungen aufheben" />
{%endif%}
</form>
<td>
</tr>
{% endfor %}
{% else %}
<tr>
<td align="center" colspan="10">Du hast bisher keinem Plugin zugriff auf deinen Account gew&auml;hrt</td>
</tr>
{% endif %}
</table>
</p>
{% endblock %} {% endblock %}

7
k4ever/main/views.py
Unescape View File

@ -2,6 +2,8 @@ from django.shortcuts import render_to_response
from django.template import RequestContext from django.template import RequestContext
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.db.models import Count from django.db.models import Count
from main.models import Plugin, PluginPermission
from buyable.models import Purchase, Buyable from buyable.models import Purchase, Buyable
@ -20,4 +22,7 @@ def register(request):
@login_required @login_required
def settings(request): def settings(request):
return render_to_response("settings/settings.html", RequestContext(request)) plugins = Plugin.objects.all()
unallowed = Plugin.objects.exclude(pluginpermission__user=request.user)
perms = PluginPermission.objects.filter(user=request.user)
return render_to_response("settings/settings.html", {'plugins': plugins, 'unallowedplugins': unallowed, 'pluginpermissions': perms}, RequestContext(request))

Write Preview
Loading…
Cancel
Save