Check folder permissions before read or write

bootstrap/core_algorithm.alc

@@ -19,6 +19,26 @@ String core_model_location = "models/core"
 Element core = ?
 Element caches
 
+String function get_foldername(name : String):
+	Element result
+	result = string_split(name, "/")
+	list_pop_final(result)
+
+	if (list_len(result) == 0):
+		return ""!
+
+	// 'result' now contains a list of entries which we have to join with the seperator
+	String str
+	str = list_pop(result, 0)
+
+	while (list_len(result) > 0):
+		str = string_join(str + "/", list_pop(result, 0))
+
+	return str!
+
+String function get_filename(name : String):
+	return list_pop_final(string_split(name, "/"))!
+
 String function full_name(model_id : String):
 	//if (dict_in(caches["full_name"], model_id)):
 	//	if (get_entry_id(caches["full_name"][model_id]) == model_id):
@@ -317,7 +337,7 @@ String function get_group_id(name : String):
 	
 	return ""!
 
-String function store_entry(model_id : String, full_name : String, user_id : String):
+String function create_folders(user_id : String, folder_name : String):
 	Element hierarchy
 	Integer i
 	String prev
@@ -325,17 +345,19 @@ String function store_entry(model_id : String, full_name : String, user_id : Str
 	String new_entry
 	String cummul
 
+	if (folder_name == ""):
+		return get_entry_id("")!
+
 	i = 0
-	hierarchy = string_split(full_name, "/")
+	hierarchy = string_split(folder_name, "/")
 	prev = get_entry_id("")
 	cummul = ""
 
 	// Go through folders first
-	while (i < list_len(hierarchy) - 1):
+	while (i < list_len(hierarchy)):
 		elem = list_read(hierarchy, i)
 		cummul = string_join(cummul + "/", elem)
 
-
 		if (get_entry_id(cummul) == ""):
 			// Element does not exist yet!
 			new_entry = instantiate_node(core, "Folder", "")
@@ -344,12 +366,19 @@ String function store_entry(model_id : String, full_name : String, user_id : Str
 			instantiate_link(core, "contains", "", prev, new_entry)
 			instantiate_link(core, "group", "", new_entry, get_group_id("nobody"))
 			instantiate_link(core, "owner", "", new_entry, user_id)
+
 		prev = get_entry_id(cummul)
 		i = i + 1
 
-	instantiate_link(core, "contains", "", prev, model_id)
+	log("Create of folders " + folder_name)
+	log("Results in " + prev)
+	return prev!
 
-	return list_pop_final(hierarchy)!
+String function store_entry(model_id : String, full_name : String, user_id : String):
+	String prev
+	prev = create_folders(user_id, get_foldername(full_name))
+	instantiate_link(core, "contains", "", prev, model_id)
+	return get_filename(full_name)!
 
 String function export_typing(model : Element, name : String, user_id : String):
 	String result
@@ -386,17 +415,12 @@ Void function model_create(model : Element, name : String, user_id : String, typ
 	instantiate_attribute(core, model_id, "name", store_entry(model_id, name, user_id))
 	instantiate_attribute(core, model_id, "location", location)
 	instantiate_attribute(core, model_id, "permissions", "200")
-	log("Owner")
 	instantiate_link(core, "owner", "", model_id, user_id)
-	log("Group")
 	instantiate_link(core, "group", "", model_id, get_group_id("nobody"))
-	log("type_id")
 	instance_of = instantiate_link(core, "instanceOf", "", model_id, type_id)
-	log("Semantics")
 	instantiate_link(core, "semantics", "", instance_of, get_entry_id("models/conformance_mv"))
 
 	// Create type mapping model
-	log("Typing")
 	instantiate_link(core, "typing", "", instance_of, export_typing(model, name, user_id))
 
 	return!
@@ -416,7 +440,6 @@ Void function model_overwrite(model : Element, model_id : String, metamodel_id :
 
 	// Update the instanceOf relation of the context in which we are working
 	String choice
-	log("Updating instanceOf in model_overwrite")
 	choice = get_instanceOf_link(model_id, metamodel_id)
 	if (element_neq(choice, read_root())):
 		// There was a link, so we remove it
@@ -841,19 +864,27 @@ String function cmd_model_add(user_id : String, type : String, name : String):
 		// Type exists
 		if (allow_read(user_id, type_id)):
 			// And is readable
-			if (get_entry_id(name) == ""):
-				// Model doesn't exist yet
-				Element mm
-				mm = get_full_model(type_id, get_entry_id("formalisms/SimpleClassDiagrams"))
-				if (element_eq(mm, read_root())):
-					return "Type is not typed by formalisms/SimpleClassDiagrams: " + type!
+			if (get_entry_id(get_foldername(name)) != ""):
+				// Folder doesn't exist yet!
+				if (allow_write(user_id, get_entry_id(get_foldername(name)))):
+					// Folder is writable
+					if (get_entry_id(name) == ""):
+						// Model doesn't exist yet
+						Element mm
+						mm = get_full_model(type_id, get_entry_id("formalisms/SimpleClassDiagrams"))
+						if (element_eq(mm, read_root())):
+							return "Type is not typed by formalisms/SimpleClassDiagrams: " + type!
 
-				output("Waiting for model constructors...")
-				new_model = construct_model_raw(mm)
-				model_create(new_model, name, user_id, type_id, "Model")
-				return "Success"!
+						output("Waiting for model constructors...")
+						new_model = construct_model_raw(mm)
+						model_create(new_model, name, user_id, type_id, "Model")
+						return "Success"!
+					else:
+						return "Model exists: " + name!
+				else:
+					return "Permission denied to folder: " + get_foldername(name)!
 			else:
-				return "Model exists: " + name!
+				return "No such folder: " + get_foldername(name)!
 		else:
 			return "Permission denied to model: " + type!
 	else:
@@ -1051,8 +1082,14 @@ String function cmd_transformation_execute(user_id : String, transformation_name
 
 					if (get_entry_id(target_model_name) == ""):
 						// Doesn't exist yet, so we can easily create
-						dict_add(output_map, assoc_name, full_name(readAssociationDestination(core, target)))
-						dict_add(outputs, assoc_name, target_model_name)
+						if (get_entry_id(get_foldername(target_model_name)) == ""):
+							return "Folder not found: " + get_foldername(target_model_name)!
+						else:
+							if (allow_write(user_id, get_entry_id(get_foldername(target_model_name)))):
+								dict_add(output_map, assoc_name, full_name(readAssociationDestination(core, target)))
+								dict_add(outputs, assoc_name, target_model_name)
+							else:
+								return "Permission denied to folder: " + get_foldername(target_model_name)!
 					else:
 						// Already exists, so we need to check for write access
 						if (allow_write(user_id, get_entry_id(target_model_name))):
@@ -1081,8 +1118,6 @@ String function cmd_transformation_execute(user_id : String, transformation_name
 						
 						if (get_entry_id(outputs[key]) == ""):
 							// New model
-							log("Creating new model " + cast_v2s(outputs[key]))
-							log("    typed by " + cast_v2s(output_map[key]))
 							model_create(result[key], outputs[key], user_id, get_entry_id(output_map[key]), "Model")
 						else:
 							model_overwrite(result[key], get_entry_id(outputs[key]), get_entry_id(output_map[key]))
@@ -1183,50 +1218,56 @@ String function cmd_model_delete(user_id : String, model_name : String):
 	else:
 		return "Model not found: " + model_name!
 
-String function cmd_model_list(location : String):
+String function cmd_model_list(user_id : String, location : String):
 	// List all models
 	if (get_entry_id(location) != ""):
-		Element models
-		String result
-		String m
-
-		result = "Success: "
-		models = allAssociationDestinations(core, get_entry_id(location), "contains")
-		while (set_len(models) > 0):
-			m = set_pop(models)
-			if (is_nominal_instance(core, m, "Folder")):
-				result = result + string_join(read_attribute(core, m, "name"), "/\n")
-			else:
-				result = result + string_join(read_attribute(core, m, "name"), "\n")
-		return result!
+		if (allow_read(user_id, get_entry_id(location))):
+			Element models
+			String result
+			String m
+
+			result = "Success: "
+			models = allAssociationDestinations(core, get_entry_id(location), "contains")
+			while (set_len(models) > 0):
+				m = set_pop(models)
+				if (is_nominal_instance(core, m, "Folder")):
+					result = result + string_join(read_attribute(core, m, "name"), "/\n")
+				else:
+					result = result + string_join(read_attribute(core, m, "name"), "\n")
+			return result!
+		else:
+			return "Permission denied to folder: " + location!
 	else:
 		return "Location not found: " + location!
 
-String function cmd_model_list_full(location : String):
+String function cmd_model_list_full(user_id : String, location : String):
 	// List all models with full info
 	if (get_entry_id(location) != ""):
-		Element models
-		String m
-		String permissions
-		String owner
-		String group
-		String name
-		String type
-		String result
-
-		result = "Success: "
-		models = allAssociationDestinations(core, get_entry_id(location), "contains")
-		while (set_len(models) > 0):
-			m = set_pop(models)
-			permissions = read_attribute(core, m, "permissions")
-			owner = read_attribute(core, set_pop(allAssociationDestinations(core, m, "owner")), "name")
-			group = read_attribute(core, set_pop(allAssociationDestinations(core, m, "group")), "name")
-			if (is_nominal_instance(core, m, "Folder")):
-				name = string_join(read_attribute(core, m, "name"), "/")
-			else:
-				name = read_attribute(core, m, "name")
-			result = result + (((((((permissions + " ") + owner) + " ") + group) + " ") + name) + "\n")
-		return result!
+		if (allow_read(user_id, get_entry_id(location))):
+			Element models
+			String m
+			String permissions
+			String owner
+			String group
+			String name
+			String type
+			String result
+
+			result = "Success: "
+			models = allAssociationDestinations(core, get_entry_id(location), "contains")
+			while (set_len(models) > 0):
+				m = set_pop(models)
+				permissions = read_attribute(core, m, "permissions")
+				owner = read_attribute(core, set_pop(allAssociationDestinations(core, m, "owner")), "name")
+				group = read_attribute(core, set_pop(allAssociationDestinations(core, m, "group")), "name")
+				if (is_nominal_instance(core, m, "Folder")):
+					name = string_join(read_attribute(core, m, "name"), "/")
+				else:
+					name = read_attribute(core, m, "name")
+				result = result + (((((((permissions + " ") + owner) + " ") + group) + " ") + name) + "\n")
+			return result!
+		else:
+			return "Permission denied to folder: " + location!
 	else:
 		return "Location not found: " + location!
 
@@ -1880,9 +1921,9 @@ Void function user_function_skip_init(user_id : String):
 		elif (cmd == "model_delete"):
 			output(cmd_model_delete(user_id, single_input("Model name?")))
 		elif (cmd == "model_list"):
-			output(cmd_model_list(single_input("Location?")))
+			output(cmd_model_list(user_id, single_input("Location?")))
 		elif (cmd == "model_list_full"):
-			output(cmd_model_list_full(single_input("Location?")))
+			output(cmd_model_list_full(user_id, single_input("Location?")))
 		elif (cmd == "transformation_add_MANUAL"):
 			output(cmd_transformation_add_MANUAL(user_id, dict_input("Source model names?"), dict_input("Target model names?"), single_input("Operation name?")))
 		elif (cmd == "transformation_add_AL"):
@@ -1934,6 +1975,9 @@ Void function user_function_skip_init(user_id : String):
 			// Restarting with the same user name will NOT grant you access to anything of the previous user with that same name
 			// as the current user will have been deleted
 			return !
+		elif (cmd == "folder_create"):
+			// TODO (see create_folders operation)
+			cmd = "FAIL"
 		elif (cmd == "add_conformance"):
 			// TODO
 			cmd = "FAIL"

wrappers/modelverse.py

@@ -110,7 +110,7 @@ def _goto_mode(new_mode, model_name=None):
 
 def _input(value, port=None):
     # Ugly json encoding of primitives
-    print("[IN] %s" % value)
+    #print("[IN] %s" % value)
     if port is None:
         port = taskname
     if isinstance(value, type([])):
@@ -167,7 +167,7 @@ def _output(expected=None,port=None):
     try:
         global last_output
         last_output = json.loads(urllib2.urlopen(urllib2.Request(address, urllib.urlencode({"op": "get_output", "taskname": port}))).read())
-        print("[OUT] %s" % last_output)
+        #print("[OUT] %s" % last_output)
     except:
         raise UnknownError()
     if expected is not None and last_output != expected: