source: WAeUP_SRP/branches/joachim-event-branch/PatchCPSUserFolderUserFolder.py @ 12407

Last change on this file since 12407 was 1596, checked in by joachim, 18 years ago

merged changes from trunk to joachim-event-branch

File size: 5.8 KB
RevLine 
[880]1from AccessControl import ClassSecurityInfo
2from ExtensionClass import Base
3from Acquisition import Implicit
4from Acquisition import aq_base, aq_parent, aq_inner
5
6security = ClassSecurityInfo()
7
8security.declarePublic('getRolesInContext')
9def getRolesInContext(self, object):
[881]10    """Get the list of roles assigned to the user.
11    This includes local roles assigned in the context of
12    the passed in object.
13    Knows about local roles blocking (roles starting with '-').
14    """
[880]15    name = self.getUserName()
16    roles = self.getRoles()
[881]17    # deal with groups
18    groups = self.getComputedGroups()
19    # end groups
[880]20    local = {}
21    stop_loop = 0
[881]22    real_object = object
[880]23    object = aq_inner(object)
24    while 1:
25        # Collect all roles info
26        lrd = {}
27        local_roles = getattr(object, '__ac_local_roles__', None)
28        if local_roles:
29            if callable(local_roles):
30                local_roles = local_roles() or {}
31            for r in local_roles.get(name, ()):
32                if r:
33                    lrd[r] = None
34        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
35        if local_group_roles:
36            if callable(local_group_roles):
37                local_group_roles = local_group_roles() or {}
38            for g in groups:
39                for r in local_group_roles.get(g, ()):
40                    if r:
41                        lrd[r] = None
42        lr = lrd.keys()
43        # Positive role assertions
44        for r in lr:
45            if r[0] != '-':
46                if not local.has_key(r):
47                    local[r] = 1 # acquired role
48        # Negative (blocking) role assertions
49        for r in lr:
50            if r[0] == '-':
51                r = r[1:]
52                if not r:
53                    # role '-' blocks all acquisition
54                    stop_loop = 1
55                    break
56                if not local.has_key(r):
57                    local[r] = 0 # blocked role
58        if stop_loop:
59            break
[881]60        if hasattr(object, 'aq_parent'):
61            object = aq_inner(object.aq_parent)
[880]62            continue
63        if hasattr(object, 'im_self'):
[881]64            object = aq_inner(object.im_self)
[880]65            continue
66        break
67    roles = list(roles)
68    for r, v in local.items():
69        if v: # only if not blocked
70            roles.append(r)
71    ## patch to assign dynamic roles for WAeUP
72    while 1:
[1596]73        if self.isStudent():
74            break
75        groups = self.portal_membership.getAuthenticatedMember().getGroups()
76        if not ("ClearanceOfficers" in groups or "CourseAdvisers" in groups):
77            break
[1035]78        if callable(real_object) and hasattr(real_object,'im_self'):
79            real_object = real_object.im_self
[1558]80
[1596]81        if real_object is None:
82            break
[1035]83        if hasattr(real_object,'portal_type') and\
[1596]84                   real_object.portal_type not in ("Student",
85                                                   "StudentClearance",
86                                                   "StudentStudyLevel"):
[880]87            break
[1596]88        # don't test if it is not a proxy
89        if real_object.portal_type == real_object.meta_type:
90            break
[1558]91        # can be later simplified by replacing by students_catalog values - Henrik
92        # getattr works always because of acquisition ?! Henrik
[902]93        sc = getattr(real_object,'study_course',None)
94        if sc is None:
95            break
[1596]96        #from pdb import set_trace;set_trace()
[1471]97        sc_obj = sc.getContent()
[1558]98        cert_id = sc_obj.study_course
99        res_cert = self.portal_catalog(id = cert_id)
100        if len(res_cert) != 1:
[1471]101            break
[1558]102        certificate_brain = res_cert[0]
103        certificate_obj = certificate_brain.getObject()
104        cert_path = certificate_brain.getPath().split('/')
[1471]105        fac_id = cert_path[-4]
106        dep_id = cert_path[-3]
[1558]107        # temporary self-healing function
[1471]108        # deprecated after reindexing the students_catalog
[1076]109        student_id = self.getStudentId()
110        res = self.students_catalog(id=student_id)
[1066]111        if len(res) != 1:
112            break
[1558]113        st_entry = res[0]
114        if st_entry.faculty != fac_id or\
115           st_entry.department != dep_id or\
116           st_entry.course != cert_id:
117               self.students_catalog.modifyRecord(id = student_id,
[1471]118                                                faculty = fac_id,
119                                                department = dep_id,
[1558]120                                                course = cert_id
[1515]121                                                )
[1558]122        if real_object.portal_type == "StudentStudyLevel":
[1596]123            context_obj = getattr(certificate_obj,real_object.getId(),None)
124            if context_obj is None:
125                break
126            allowed = set(('CourseAdviser', 'SectionManager'))
127        elif real_object.portal_type == "Student" and "CourseAdvisers" in groups:
128            #we need some special processing since CourseAdvisers are only
129            #specified per StudyLevel
130            allowed = set(('CourseAdviser', 'SectionManager'))
131            for context_obj in certificate_obj.objectValues():
132                dynamic_roles = set(self.getRolesInContext(context_obj))
133                intersect = dynamic_roles & allowed
134                if intersect:
135                    roles.extend(list(intersect))
136            break
[1558]137        else:
138            res = self.portal_catalog(portal_type="Department",id=dep_id)
[1596]139            allowed = set(('ClearanceOfficer', 'SectionManager'))
[1558]140            if len(res) != 1:
141                break
142            context_obj = res[0].getObject()
[1596]143        dynamic_roles = set(self.getRolesInContext(context_obj))
144        intersect = dynamic_roles & allowed
145        if intersect:
146            roles.extend(list(intersect))
[880]147        break
148    return roles
149
[881]150from Products.CPSUserFolder.CPSUserFolder import CPSUser
151CPSUser.getRolesInContext = getRolesInContext
Note: See TracBrowser for help on using the repository browser.