123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118 |
- include "modelling.alh"
- include "library.alh"
- Element core = ?
- Void function main():
- // Initialize the Core Formalism
- String core_location
- String admin_group
- String admin_user
- core_location = "models/CoreFormalism"
- // Create the Model itself and make public
- core = instantiate_model(import_node(core_location))
- // Create admin group
- admin_group = instantiate_node(core, "Group", "")
- instantiate_attribute(core, admin_group, "name", "admin")
- // Create admin user
- admin_user = instantiate_node(core, "User", "")
- instantiate_attribute(core, admin_user, "name", get_username())
- instantiate_attribute(core, admin_user, "admin", True)
- // Create link between admin user and group
- instantiate_link(core, "ownedBy", "", admin_group, admin_user)
- instantiate_link(core, "belongsTo", "", admin_user, admin_group)
- // Add the core formalism already
- core_model = instantiate_node(core, "Model", "")
- instantiate_attribute(core, core_model, "name", "CoreFormalism")
- instantiate_attribute(core, core_model, "location", core_location)
- instantiate_attribute(core, core_model, "permissions", "330")
- // Make necessary links for the formalism to the owners
- instantiate_link(core, "group", "", core_model, admin_group)
- instantiate_link(core, "owner", "", core_model, admin_user)
- // Switch all new users to the user_function
- // This accesses the bootstrap level, so do not change this unless you know what you are doing
- Element root
- root = read_root()
- dict_del(root["__hierarchy"], "__IP")
- dict_add(root["__hierarchy"], "__IP", user_function)
- // Call this for ourselves as well
- user_function_skip_init(admin_user)
- // Done, so finish up
- // Admin user will have been deleted by the user_function as usual
- // Note that if there are no admin users left, it will be very difficult to manage, as nobody will have admin permissions!
- return !
- Integer function get_relation_to_model(user_id : String, model_id : String):
- if (set_in(allAssociationDestinations(core, model_id, "owner"), user_id)):
- // We are the owner
- return 0!
- else:
- String group_id
- group_id = set_pop(allAssociationDestinations(core, model_id, "group"))
- if (set_in(allAssociationDestinations(core, user_id, "belongsTo"), group_id)):
- // We are in the owning group
- return 1!
- else:
- // We are not related whatsoever
- return 2!
- Boolean function allow_read(user_id : String, model_id : String):
- if (read_attribute(core, user_id, "admin")):
- // Is admin, so always allow
- return True!
- else:
- // Check permissions
- String permission
- permission = string_get(read_attribute(core, model_id, "permissions"), get_relation_to_model(user_id, model_id))
- if (bool_or(permission == "1", permission == "3")):
- return True!
- else:
- return False!
- Boolean function allow_write(user_id : String, model_id : String):
- if (read_attribute(core, user_id, "admin")):
- // Is admin, so always allow
- return True!
- else:
- // Check permissions
- String permission
- permission = string_get(read_attribute(core, model_id, "permissions"), get_relation_to_model(user_id, model_id))
- if (bool_or(permission == "2", permission == "3")):
- return True!
- else:
- return False!
- Void function user_function():
- // Add user to Core Formalism
- String user_id
- user_id = instantiate_node(core, "User", "")
- instantiate_attribute(core, user_id, "name", get_username())
- instantiate_attribute(core, user_id, "admin", False)
- // Now call with user created
- user_function_skip_init(user_id)
- // User destroyed already, so just stop execution
- return !
- Void function user_function_skip_init(user_id : String)
- Boolean do_continue
- do_continue = True
- while (do_continue):
- // TODO model management interface with access control restrictions
- // Delete user from Core Formalism
- return !
|