source: WAeUP_SRP/base/PatchCPSUserFolderUserFolder.py @ 2812

from AccessControl import ClassSecurityInfo
from ExtensionClass import Base
from Acquisition import Implicit
from Acquisition import aq_base, aq_parent, aq_inner
import re
security = ClassSecurityInfo()

def getCertificateObject(self,st_entry):
    try:
        return getattr(getattr(getattr(self.portal_url.getPortalObject().campus.academics,st_entry.faculty),
                               st_entry.department).certificates,st_entry.course)
    except:
        return None

security.declarePublic('getRolesInContext')
def getRolesInContext(self, object):
    """Get the list of roles assigned to the user.
    This includes local roles assigned in the context of
    the passed in object.
    Knows about local roles blocking (roles starting with '-').
    """
    name = self.getUserName()
    roles = self.getRoles()
    # deal with groups
    groups = self.getComputedGroups()
    # end groups
    local = {}
    stop_loop = 0
    real_object = object
    object = aq_inner(object)
    while 1:
        # Collect all roles info
        lrd = {}
        local_roles = getattr(object, '__ac_local_roles__', None)
        if local_roles:
            if callable(local_roles):
                local_roles = local_roles() or {}
            for r in local_roles.get(name, ()):
                if r:
                    lrd[r] = None
        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
        if local_group_roles:
            if callable(local_group_roles):
                local_group_roles = local_group_roles() or {}
            for g in groups:
                for r in local_group_roles.get(g, ()):
                    if r:
                        lrd[r] = None
        lr = lrd.keys()
        # Positive role assertions
        for r in lr:
            if r[0] != '-':
                if not local.has_key(r):
                    local[r] = 1 # acquired role
        # Negative (blocking) role assertions
        for r in lr:
            if r[0] == '-':
                r = r[1:]
                if not r:
                    # role '-' blocks all acquisition
                    stop_loop = 1
                    break
                if not local.has_key(r):
                    local[r] = 0 # blocked role
        if stop_loop:
            break
        if hasattr(object, 'aq_parent'):
            object = aq_inner(object.aq_parent)
            continue
        if hasattr(object, 'im_self'):
            object = aq_inner(object.im_self)
            continue
        break
    roles = list(roles)
    for r, v in local.items():
        if v: # only if not blocked
            roles.append(r)
    ## patch to assign dynamic roles for WAeUP
    while 1:

        o = ord(name[1])
        if o >= 48 and o <= 57:
            break
        groups = self.portal_membership.getAuthenticatedMember().getGroups()
        if not ("ClearanceOfficers" in groups or "CourseAdvisers" in groups):
            break
        if callable(real_object) and hasattr(real_object,'im_self'):
            real_object = real_object.im_self

        if real_object is None:
            break
        if hasattr(real_object,'portal_type') and\
                   real_object.portal_type not in ("Student",
                                                   "StudentClearance",
                                                   "StudentStudyLevel",
                                                   "StudentPersonal",
                                                  ):
            break
        student_id = self.getStudentId()
        res = self.students_catalog(id=student_id)
        if len(res) != 1:
            break
        st_entry = res[0]

        if real_object.portal_type == "StudentStudyLevel":
            certificate_obj = getCertificateObject(self,st_entry)
            if certificate_obj is None:
                #from pdb import set_trace;set_trace()
                break
            if real_object.meta_type.endswith('Folder'): # it is a proxy
                object = real_object
            else:
                object = real_object.aq_parent
            level = object.getId()
            context_obj = getattr(certificate_obj,level,None)
            if context_obj is None:
                #from pdb import set_trace;set_trace()
                break
            allowed = set(('CourseAdviser', 'SectionManager'))
        elif real_object.portal_type == "Student" and "CourseAdvisers" in groups:
            #we need some special processing since CourseAdvisers are only
            #specified per StudyLevel
            certificate_obj = getCertificateObject(self,st_entry)
            if certificate_obj is None:
                #from pdb import set_trace;set_trace()
                break
            allowed = set(('CourseAdviser', 'SectionManager'))
            for context_obj in certificate_obj.objectValues():
                dynamic_roles = set(self.getRolesInContext(context_obj))
                intersect = dynamic_roles & allowed
                if intersect:
                    roles.extend(list(intersect))
            break
        else:
            res = self.portal_catalog(portal_type="Department",id=st_entry.department)
            allowed = set(('ClearanceOfficer', 'SectionManager'))
            if len(res) != 1:
                break
            context_obj = res[0].getObject()
        dynamic_roles = set(self.getRolesInContext(context_obj))
        intersect = dynamic_roles & allowed
        if intersect:
            roles.extend(list(intersect))
        break
    return roles

from Products.CPSUserFolder.CPSUserFolder import CPSUser
CPSUser.getRolesInContext = getRolesInContext