|
|
@@ -1,23 +1,117 @@
|
|
|
+include "modelling.alh"
|
|
|
+include "library.alh"
|
|
|
+
|
|
|
+Element core = ?
|
|
|
+
|
|
|
Void function main():
|
|
|
// Initialize the Core Formalism
|
|
|
+ String core_location
|
|
|
+ String admin_group
|
|
|
+ String admin_user
|
|
|
+
|
|
|
+ core_location = "models/CoreFormalism"
|
|
|
+
|
|
|
+ // Create the Model itself and make public
|
|
|
+ core = instantiate_model(import_node(core_location))
|
|
|
|
|
|
- // Create the Model itself
|
|
|
- // TODO
|
|
|
+ // Create admin group
|
|
|
+ admin_group = instantiate_node(core, "Group", "")
|
|
|
+ instantiate_attribute(core, admin_group, "name", "admin")
|
|
|
|
|
|
- // Make us an admin user
|
|
|
- // TODO
|
|
|
+ // Create admin user
|
|
|
+ admin_user = instantiate_node(core, "User", "")
|
|
|
+ instantiate_attribute(core, admin_user, "name", get_username())
|
|
|
+ instantiate_attribute(core, admin_user, "admin", True)
|
|
|
+
|
|
|
+ // Create link between admin user and group
|
|
|
+ instantiate_link(core, "ownedBy", "", admin_group, admin_user)
|
|
|
+ instantiate_link(core, "belongsTo", "", admin_user, admin_group)
|
|
|
+
|
|
|
+ // Add the core formalism already
|
|
|
+ core_model = instantiate_node(core, "Model", "")
|
|
|
+ instantiate_attribute(core, core_model, "name", "CoreFormalism")
|
|
|
+ instantiate_attribute(core, core_model, "location", core_location)
|
|
|
+ instantiate_attribute(core, core_model, "permissions", "330")
|
|
|
+
|
|
|
+ // Make necessary links for the formalism to the owners
|
|
|
+ instantiate_link(core, "group", "", core_model, admin_group)
|
|
|
+ instantiate_link(core, "owner", "", core_model, admin_user)
|
|
|
|
|
|
// Switch all new users to the user_function
|
|
|
- // TODO
|
|
|
+ // This accesses the bootstrap level, so do not change this unless you know what you are doing
|
|
|
+ Element root
|
|
|
+ root = read_root()
|
|
|
+ dict_del(root["__hierarchy"], "__IP")
|
|
|
+ dict_add(root["__hierarchy"], "__IP", user_function)
|
|
|
|
|
|
// Call this for ourselves as well
|
|
|
- user_function()
|
|
|
+ user_function_skip_init(admin_user)
|
|
|
|
|
|
// Done, so finish up
|
|
|
+ // Admin user will have been deleted by the user_function as usual
|
|
|
+ // Note that if there are no admin users left, it will be very difficult to manage, as nobody will have admin permissions!
|
|
|
return !
|
|
|
|
|
|
+Integer function get_relation_to_model(user_id : String, model_id : String):
|
|
|
+ if (set_in(allAssociationDestinations(core, model_id, "owner"), user_id)):
|
|
|
+ // We are the owner
|
|
|
+ return 0!
|
|
|
+ else:
|
|
|
+ String group_id
|
|
|
+ group_id = set_pop(allAssociationDestinations(core, model_id, "group"))
|
|
|
+ if (set_in(allAssociationDestinations(core, user_id, "belongsTo"), group_id)):
|
|
|
+ // We are in the owning group
|
|
|
+ return 1!
|
|
|
+ else:
|
|
|
+ // We are not related whatsoever
|
|
|
+ return 2!
|
|
|
+
|
|
|
+Boolean function allow_read(user_id : String, model_id : String):
|
|
|
+ if (read_attribute(core, user_id, "admin")):
|
|
|
+ // Is admin, so always allow
|
|
|
+ return True!
|
|
|
+ else:
|
|
|
+ // Check permissions
|
|
|
+ String permission
|
|
|
+ permission = string_get(read_attribute(core, model_id, "permissions"), get_relation_to_model(user_id, model_id))
|
|
|
+ if (bool_or(permission == "1", permission == "3")):
|
|
|
+ return True!
|
|
|
+ else:
|
|
|
+ return False!
|
|
|
+
|
|
|
+Boolean function allow_write(user_id : String, model_id : String):
|
|
|
+ if (read_attribute(core, user_id, "admin")):
|
|
|
+ // Is admin, so always allow
|
|
|
+ return True!
|
|
|
+ else:
|
|
|
+ // Check permissions
|
|
|
+ String permission
|
|
|
+ permission = string_get(read_attribute(core, model_id, "permissions"), get_relation_to_model(user_id, model_id))
|
|
|
+ if (bool_or(permission == "2", permission == "3")):
|
|
|
+ return True!
|
|
|
+ else:
|
|
|
+ return False!
|
|
|
+
|
|
|
Void function user_function():
|
|
|
// Add user to Core Formalism
|
|
|
+ String user_id
|
|
|
+ user_id = instantiate_node(core, "User", "")
|
|
|
+ instantiate_attribute(core, user_id, "name", get_username())
|
|
|
+ instantiate_attribute(core, user_id, "admin", False)
|
|
|
+
|
|
|
+ // Now call with user created
|
|
|
+ user_function_skip_init(user_id)
|
|
|
+
|
|
|
+ // User destroyed already, so just stop execution
|
|
|
+ return !
|
|
|
+
|
|
|
+Void function user_function_skip_init(user_id : String)
|
|
|
+ Boolean do_continue
|
|
|
+
|
|
|
+ do_continue = True
|
|
|
+
|
|
|
+ while (do_continue):
|
|
|
+ // TODO model management interface with access control restrictions
|
|
|
|
|
|
// Delete user from Core Formalism
|
|
|
return !
|
