Ticket #1583: special_group.patch

1.0/turbogears/identity/saprovider.py

@@ -21 +21 @@
-# these will be set when the Provider is initialised.
-user_class = None
-group_class = None
+special_group_class = None
-permission_class = None
-visit_class = None
-
@@ -64 +65 @@
-        except AttributeError:
-            # Permissions haven't been computed yet
-            pass
+        permissions = []
+        for g in session.query(special_group_class).all():
+            if g.predicate.eval_with_object(self):
+                permissions.extend([p.permission_name for p in g.permissions])
-        if not self.user:
-
+permissions
-        else:
-
+permissions + 
-                    p.permission_name for p in self.user.permissions])
-        return self._permissions
-    permissions = property(_get_permissions)
@@ -85 +90 @@
-        return self._groups
-    groups = property(_get_groups)
-
+    def _get_special_groups(self):
+        try:
+            return self._special_groups
+        except AttributeError:
+            # Special groups haven't been computed yet
+            pass
+        special_groups = session.query(special_group_class).all()
+        self._special_groups = frozenset([group.group_name for group in special_groups if group.predicate.eval_with_object(self)])
+        return self._special_groups
+    special_groups = property(_get_special_groups)
+
-    def logout(self):
-        '''
-        Remove the link between this identity and the visit.
@@ -113 +129 @@
-        super(SqlAlchemyIdentityProvider, self).__init__()
-        get=turbogears.config.get
-
-
+special_group_class, 
-
-        user_class_path = get("identity.saprovider.model.user",
-                              None)
@@ -121 +137 @@
-        group_class_path = get("identity.saprovider.model.group",
-                                None)
-        group_class = load_class(group_class_path)
+        special_group_class_path = get("identity.saprovider.model.special_group",
+                                        None)
+        special_group_class = load_class(special_group_class_path)
-        permission_class_path = get("identity.saprovider.model.permission",
-                                    None)
-        permission_class = load_class(permission_class_path)
@@ -139 +158 @@
-        '''
-        class_mapper(user_class).local_table.create(checkfirst=True)
-        class_mapper(group_class).local_table.create(checkfirst=True)
+        class_mapper(special_group_class).local_table.create(checkfirst=True)
-        class_mapper(permission_class).local_table.create(checkfirst=True)
-        class_mapper(visit_class).local_table.create(checkfirst=True)
-

1.0/turbogears/qstemplates/quickstart/+package+/model.py_tmpl

@@ -7 +7 @@
-#end if
-#if $sqlalchemy == 'True'
-from sqlalchemy import (Table, Column, String, DateTime, Date, Integer,
-
+, PickleType
-#if $elixir == 'True'
-from elixir import *
-#end if
@@ -171 +171 @@
-    Column('created', DateTime, default=datetime.now)
-)
-
+special_groups_table = Table('tg_special_group', metadata,
+    Column('special_group_id', Integer, primary_key=True),
+    Column('group_name', Unicode(16), unique=True),
+    Column('display_name', Unicode(255)),
+    Column('created', DateTime, default=datetime.now),
+    Column('predicate', PickleType)
+)
+
-users_table = Table('tg_user', metadata,
-    Column('user_id', Integer, primary_key=True),
-    Column('user_name', Unicode(16), unique=True),
@@ -200 +208 @@
-        onupdate="CASCADE", ondelete="CASCADE"))
-)
-
+special_group_permission_table = Table('special_group_permission', metadata,
+    Column('special_group_id', Integer, ForeignKey('tg_special_group.special_group_id',
+        onupdate="CASCADE", ondelete="CASCADE")),
+    Column('permission_id', Integer, ForeignKey('permission.permission_id',
+        onupdate="CASCADE", ondelete="CASCADE"))
+)
+
-#
-# identity model
-#
@@ -223 +238 @@
-    """
-    pass
-
+class SpecialGroup(object):
+    """
+    An ultra-simple special group definition.
+    """
+    pass
+
-class User(object):
-    """
-    Reasonably basic User definition. Probably would want additional
@@ -286 +307 @@
-        properties=dict(users=relation(User,
-                secondary=user_group_table, backref='groups')))
-
+mapper(SpecialGroup, special_groups_table)
+
-mapper(Permission, permissions_table,
-        properties=dict(groups=relation(Group,
-
+
+
+
-#end if
-#if $identity == "sqlalchemy" and $elixir == "True"
-#

1.0/turbogears/qstemplates/quickstart/+package+/config/app.cfg_tmpl

@@ -139 +139 @@
-# name using sqlmeta).
-identity.saprovider.model.user="${package}.model.User"
-identity.saprovider.model.group="${package}.model.Group"
+identity.saprovider.model.special_group="${package}.model.SpecialGroup"
-identity.saprovider.model.permission="${package}.model.Permission"
-
-# The password encryption algorithm used when comparing passwords against what's