[880] | 1 | from AccessControl import ClassSecurityInfo |
---|
| 2 | from ExtensionClass import Base |
---|
| 3 | from Acquisition import Implicit |
---|
| 4 | from Acquisition import aq_base, aq_parent, aq_inner |
---|
[1957] | 5 | import re |
---|
[880] | 6 | security = ClassSecurityInfo() |
---|
| 7 | |
---|
[2055] | 8 | def getCertificateObject(self,st_entry): |
---|
| 9 | try: |
---|
[2057] | 10 | return getattr(getattr(getattr(self.portal_url.getPortalObject().campus.academics,st_entry.faculty), |
---|
| 11 | st_entry.department).certificates,st_entry.course) |
---|
[2055] | 12 | except: |
---|
| 13 | return None |
---|
[2057] | 14 | |
---|
[880] | 15 | security.declarePublic('getRolesInContext') |
---|
| 16 | def getRolesInContext(self, object): |
---|
[881] | 17 | """Get the list of roles assigned to the user. |
---|
| 18 | This includes local roles assigned in the context of |
---|
| 19 | the passed in object. |
---|
| 20 | Knows about local roles blocking (roles starting with '-'). |
---|
| 21 | """ |
---|
[880] | 22 | name = self.getUserName() |
---|
| 23 | roles = self.getRoles() |
---|
[881] | 24 | # deal with groups |
---|
| 25 | groups = self.getComputedGroups() |
---|
| 26 | # end groups |
---|
[880] | 27 | local = {} |
---|
| 28 | stop_loop = 0 |
---|
[881] | 29 | real_object = object |
---|
[880] | 30 | object = aq_inner(object) |
---|
| 31 | while 1: |
---|
| 32 | # Collect all roles info |
---|
| 33 | lrd = {} |
---|
| 34 | local_roles = getattr(object, '__ac_local_roles__', None) |
---|
| 35 | if local_roles: |
---|
| 36 | if callable(local_roles): |
---|
| 37 | local_roles = local_roles() or {} |
---|
| 38 | for r in local_roles.get(name, ()): |
---|
| 39 | if r: |
---|
| 40 | lrd[r] = None |
---|
| 41 | local_group_roles = getattr(object, '__ac_local_group_roles__', None) |
---|
| 42 | if local_group_roles: |
---|
| 43 | if callable(local_group_roles): |
---|
| 44 | local_group_roles = local_group_roles() or {} |
---|
| 45 | for g in groups: |
---|
| 46 | for r in local_group_roles.get(g, ()): |
---|
| 47 | if r: |
---|
| 48 | lrd[r] = None |
---|
| 49 | lr = lrd.keys() |
---|
| 50 | # Positive role assertions |
---|
| 51 | for r in lr: |
---|
| 52 | if r[0] != '-': |
---|
| 53 | if not local.has_key(r): |
---|
| 54 | local[r] = 1 # acquired role |
---|
| 55 | # Negative (blocking) role assertions |
---|
| 56 | for r in lr: |
---|
| 57 | if r[0] == '-': |
---|
| 58 | r = r[1:] |
---|
| 59 | if not r: |
---|
| 60 | # role '-' blocks all acquisition |
---|
| 61 | stop_loop = 1 |
---|
| 62 | break |
---|
| 63 | if not local.has_key(r): |
---|
| 64 | local[r] = 0 # blocked role |
---|
| 65 | if stop_loop: |
---|
| 66 | break |
---|
[881] | 67 | if hasattr(object, 'aq_parent'): |
---|
| 68 | object = aq_inner(object.aq_parent) |
---|
[880] | 69 | continue |
---|
| 70 | if hasattr(object, 'im_self'): |
---|
[881] | 71 | object = aq_inner(object.im_self) |
---|
[880] | 72 | continue |
---|
| 73 | break |
---|
| 74 | roles = list(roles) |
---|
| 75 | for r, v in local.items(): |
---|
| 76 | if v: # only if not blocked |
---|
| 77 | roles.append(r) |
---|
| 78 | ## patch to assign dynamic roles for WAeUP |
---|
[2057] | 79 | while 1: |
---|
[2696] | 80 | |
---|
[2057] | 81 | o = ord(name[1]) |
---|
[1959] | 82 | if o >= 48 and o <= 57: |
---|
[1563] | 83 | break |
---|
[1576] | 84 | groups = self.portal_membership.getAuthenticatedMember().getGroups() |
---|
[1578] | 85 | if not ("ClearanceOfficers" in groups or "CourseAdvisers" in groups): |
---|
[1576] | 86 | break |
---|
[1035] | 87 | if callable(real_object) and hasattr(real_object,'im_self'): |
---|
| 88 | real_object = real_object.im_self |
---|
[1547] | 89 | |
---|
[1563] | 90 | if real_object is None: |
---|
| 91 | break |
---|
[1035] | 92 | if hasattr(real_object,'portal_type') and\ |
---|
[1576] | 93 | real_object.portal_type not in ("Student", |
---|
| 94 | "StudentClearance", |
---|
[2055] | 95 | "StudentStudyLevel", |
---|
[2696] | 96 | "StudentPersonal", |
---|
[2055] | 97 | ): |
---|
[880] | 98 | break |
---|
[1076] | 99 | student_id = self.getStudentId() |
---|
| 100 | res = self.students_catalog(id=student_id) |
---|
[1066] | 101 | if len(res) != 1: |
---|
| 102 | break |
---|
[1549] | 103 | st_entry = res[0] |
---|
[2696] | 104 | |
---|
[2708] | 105 | if real_object.portal_type == "StudentStudyLevel": |
---|
[2055] | 106 | certificate_obj = getCertificateObject(self,st_entry) |
---|
| 107 | if certificate_obj is None: |
---|
[2057] | 108 | #from pdb import set_trace;set_trace() |
---|
[2055] | 109 | break |
---|
| 110 | if real_object.meta_type.endswith('Folder'): # it is a proxy |
---|
| 111 | object = real_object |
---|
[1612] | 112 | else: |
---|
[2055] | 113 | object = real_object.aq_parent |
---|
[2708] | 114 | level = object.getId() |
---|
[2869] | 115 | d,m = divmod(int(level),100) |
---|
| 116 | if m: # its repeater |
---|
| 117 | level = "%s" % (d*100) |
---|
[2055] | 118 | context_obj = getattr(certificate_obj,level,None) |
---|
[2870] | 119 | if context_obj is None and d > 1: |
---|
| 120 | #may-be spillover t |
---|
[2869] | 121 | level = "%s" % ((d-1)*100) |
---|
| 122 | context_obj = getattr(certificate_obj,level,None) |
---|
| 123 | if context_obj is None: |
---|
| 124 | #from pdb import set_trace;set_trace() |
---|
| 125 | break |
---|
[1581] | 126 | allowed = set(('CourseAdviser', 'SectionManager')) |
---|
| 127 | elif real_object.portal_type == "Student" and "CourseAdvisers" in groups: |
---|
[1607] | 128 | #we need some special processing since CourseAdvisers are only |
---|
[1581] | 129 | #specified per StudyLevel |
---|
[2055] | 130 | certificate_obj = getCertificateObject(self,st_entry) |
---|
| 131 | if certificate_obj is None: |
---|
[2057] | 132 | #from pdb import set_trace;set_trace() |
---|
[2055] | 133 | break |
---|
[1581] | 134 | allowed = set(('CourseAdviser', 'SectionManager')) |
---|
| 135 | for context_obj in certificate_obj.objectValues(): |
---|
| 136 | dynamic_roles = set(self.getRolesInContext(context_obj)) |
---|
| 137 | intersect = dynamic_roles & allowed |
---|
| 138 | if intersect: |
---|
| 139 | roles.extend(list(intersect)) |
---|
| 140 | break |
---|
[1549] | 141 | else: |
---|
[2065] | 142 | res = self.portal_catalog(portal_type="Department",id=st_entry.department) |
---|
[1581] | 143 | allowed = set(('ClearanceOfficer', 'SectionManager')) |
---|
[1549] | 144 | if len(res) != 1: |
---|
| 145 | break |
---|
| 146 | context_obj = res[0].getObject() |
---|
[1581] | 147 | dynamic_roles = set(self.getRolesInContext(context_obj)) |
---|
| 148 | intersect = dynamic_roles & allowed |
---|
| 149 | if intersect: |
---|
| 150 | roles.extend(list(intersect)) |
---|
[880] | 151 | break |
---|
| 152 | return roles |
---|
| 153 | |
---|
[881] | 154 | from Products.CPSUserFolder.CPSUserFolder import CPSUser |
---|
| 155 | CPSUser.getRolesInContext = getRolesInContext |
---|