modification pour la prise en compte du tag PagePublique

darcs-hash:20060424144554-4ec08-686c0ec07d8691c40e0396da8bd9486f5c9cf266.gz
2006-04-24 16:45:54 +02:00 · 2006-04-24 16:45:54 +02:00 · a79fd2d23c
commit a79fd2d23c
parent b98e50da32
1 changed files with 50 additions and 2 deletions
--- a/wiki/wikiacl.py
+++ b/wiki/wikiacl.py
@ -8,7 +8,13 @@
 """

 import re
-from MoinMoin import user
+from MoinMoin import user, search
+
+#### HACK SAUVAGE 1/4
+import sys
+sys.path.append('/usr/scripts/gestion/')
+from iptools import is_crans
+#### FIN DU HACK 1/4

 class AccessControlList:
    ''' Access Control List
@ -111,7 +117,10 @@ class AccessControlList:
           Default: ["read", "write", "delete", "admin"]
    '''

-    special_users = ["All", "Known", "Trusted"]
+    #special_users = ["All", "Known", "Trusted"]
+    #### HACK SAUVAGE 2/4
+    special_users = ["All", "Known", "Trusted", "Crans", "NoCrans"]
+    #### FIN DU HACK 2/4

    def __init__(self, request, lines=[]):
        """Initialize an ACL, starting from <nothing>.
@ -217,6 +226,8 @@ class AccessControlList:
        return ''.join(["%s%s%s" % (b,l,e) for l in self.acl_lines])

    def _special_All(self, request, name, dowhat, rightsdict):
+        if dowhat == "read" and is_page_public(request):
+            return True
        return rightsdict.get(dowhat)

    def _special_Known(self, request, name, dowhat, rightsdict):
@ -228,6 +239,30 @@ class AccessControlList:
            return rightsdict.get(dowhat)
        return None
    
+    #### HACK SAUVAGE 3/4
+    def _requete_interne(self, request):
+        try:
+            if is_crans(request.remote_addr) and (request.remote_addr != u'138.231.136.3' or is_crans(request.mpyreq.headers_in['X-Forwarded-For'].split(",")[-1].strip())):
+                return True
+        except:
+            pass
+
+        return False
+            
+
+    def _special_Crans(self, request, name, dowhat, rightsdict):
+        if self._requete_interne(request):
+            return rightsdict.get(dowhat)
+        return None
+
+    def _special_NoCrans(self, request, name, dowhat, rightsdict):
+        if dowhat == "read" and is_page_public(request):
+            return True
+        if not self._requete_interne(request):
+            return rightsdict.get(dowhat)
+        return None
+    #### FIN Du HACK 3/4
+
    def _special_Trusted(self, request, name, dowhat, rightsdict):
        """ check if user <name> is known AND even has logged in using a password.
            does not work for subsription emails that should be sent to <user>,
@ -357,3 +392,16 @@ def parseACL(request, body):
            acl_lines.append(args)
    return AccessControlList(request, acl_lines)

+#### HACK SAUVAGE 4/4
+def is_page_public(request):
+    #return True
+    ## On recherche si la page est publique
+    this_page = request.page.page_name
+    query = search.QueryParser().parse_query(u'CatégoriePagePublique')
+    page = search.Page(request, this_page)
+    result = query.search(page)
+    if result:
+        return True
+    else:
+        return None
+#### FIn DU HACK 4/4