Context navigation

PatchCPSUserFolderUserFolder.py @ 17937

Last change on this file since 17937 was 1653, checked in by uli, 18 years ago
Incorporated changeset 1593:1652 of trunk into uli-branch.
File size: 6.0 KB

Rev	Line
[880]	1	from AccessControl import ClassSecurityInfo
	2	from ExtensionClass import Base
	3	from Acquisition import Implicit
	4	from Acquisition import aq_base, aq_parent, aq_inner
	5
	6	security = ClassSecurityInfo()
	7
	8	security.declarePublic('getRolesInContext')
	9	def getRolesInContext(self, object):
[881]	10	"""Get the list of roles assigned to the user.
	11	This includes local roles assigned in the context of
	12	the passed in object.
	13	Knows about local roles blocking (roles starting with '-').
	14	"""
[880]	15	name = self.getUserName()
	16	roles = self.getRoles()
[881]	17	# deal with groups
	18	groups = self.getComputedGroups()
	19	# end groups
[880]	20	local = {}
	21	stop_loop = 0
[881]	22	real_object = object
[880]	23	object = aq_inner(object)
	24	while 1:
	25	# Collect all roles info
	26	lrd = {}
	27	local_roles = getattr(object, '__ac_local_roles__', None)
	28	if local_roles:
	29	if callable(local_roles):
	30	local_roles = local_roles() or {}
	31	for r in local_roles.get(name, ()):
	32	if r:
	33	lrd[r] = None
	34	local_group_roles = getattr(object, '__ac_local_group_roles__', None)
	35	if local_group_roles:
	36	if callable(local_group_roles):
	37	local_group_roles = local_group_roles() or {}
	38	for g in groups:
	39	for r in local_group_roles.get(g, ()):
	40	if r:
	41	lrd[r] = None
	42	lr = lrd.keys()
	43	# Positive role assertions
	44	for r in lr:
	45	if r[0] != '-':
	46	if not local.has_key(r):
	47	local[r] = 1 # acquired role
	48	# Negative (blocking) role assertions
	49	for r in lr:
	50	if r[0] == '-':
	51	r = r[1:]
	52	if not r:
	53	# role '-' blocks all acquisition
	54	stop_loop = 1
	55	break
	56	if not local.has_key(r):
	57	local[r] = 0 # blocked role
	58	if stop_loop:
	59	break
[881]	60	if hasattr(object, 'aq_parent'):
	61	object = aq_inner(object.aq_parent)
[880]	62	continue
	63	if hasattr(object, 'im_self'):
[881]	64	object = aq_inner(object.im_self)
[880]	65	continue
	66	break
	67	roles = list(roles)
	68	for r, v in local.items():
	69	if v: # only if not blocked
	70	roles.append(r)
	71	## patch to assign dynamic roles for WAeUP
	72	while 1:
[1593]	73	if self.isStudent():
	74	break
	75	groups = self.portal_membership.getAuthenticatedMember().getGroups()
	76	if not ("ClearanceOfficers" in groups or "CourseAdvisers" in groups):
	77	break
[1035]	78	if callable(real_object) and hasattr(real_object,'im_self'):
	79	real_object = real_object.im_self
[1593]	80
	81	if real_object is None:
	82	break
[1035]	83	if hasattr(real_object,'portal_type') and\
[1593]	84	real_object.portal_type not in ("Student",
	85	"StudentClearance",
	86	"StudentStudyLevel"):
[880]	87	break
[1653]	88
	89	# don't test if it is not a proxy
	90	#if real_object.portal_type == real_object.meta_type:
	91	# break
	92
[1593]	93	# can be later simplified by replacing by students_catalog values - Henrik
	94	# getattr works always because of acquisition ?! Henrik
[902]	95	sc = getattr(real_object,'study_course',None)
	96	if sc is None:
	97	break
[1471]	98	sc_obj = sc.getContent()
[1593]	99	cert_id = sc_obj.study_course
	100	res_cert = self.portal_catalog(id = cert_id)
	101	if len(res_cert) != 1:
[1471]	102	break
[1593]	103	certificate_brain = res_cert[0]
	104	certificate_obj = certificate_brain.getObject()
	105	cert_path = certificate_brain.getPath().split('/')
[1471]	106	fac_id = cert_path[-4]
	107	dep_id = cert_path[-3]
[1593]	108	# temporary self-healing function
[1471]	109	# deprecated after reindexing the students_catalog
[1076]	110	student_id = self.getStudentId()
	111	res = self.students_catalog(id=student_id)
[1066]	112	if len(res) != 1:
	113	break
[1593]	114	st_entry = res[0]
	115	if st_entry.faculty != fac_id or\
	116	st_entry.department != dep_id or\
	117	st_entry.course != cert_id:
	118	self.students_catalog.modifyRecord(id = student_id,
[1471]	119	faculty = fac_id,
	120	department = dep_id,
[1593]	121	course = cert_id
[1515]	122	)
[1593]	123	if real_object.portal_type == "StudentStudyLevel":
[1653]	124	if real_object.meta_type != "StudentStudyLevel":
	125	context_obj = getattr(certificate_obj,real_object.getId(),None)
	126	else:
	127	context_obj = getattr(certificate_obj,real_object.aq_parent.getId(),None)
[1593]	128	if context_obj is None:
[1653]	129	#from pdb import set_trace;set_trace()
[1593]	130	break
	131	allowed = set(('CourseAdviser', 'SectionManager'))
	132	elif real_object.portal_type == "Student" and "CourseAdvisers" in groups:
[1653]	133	#we need some special processing since CourseAdvisers are only
[1593]	134	#specified per StudyLevel
	135	allowed = set(('CourseAdviser', 'SectionManager'))
	136	for context_obj in certificate_obj.objectValues():
	137	dynamic_roles = set(self.getRolesInContext(context_obj))
	138	intersect = dynamic_roles & allowed
	139	if intersect:
	140	roles.extend(list(intersect))
[1515]	141	break
[1593]	142	else:
	143	res = self.portal_catalog(portal_type="Department",id=dep_id)
	144	allowed = set(('ClearanceOfficer', 'SectionManager'))
	145	if len(res) != 1:
	146	break
	147	context_obj = res[0].getObject()
	148	dynamic_roles = set(self.getRolesInContext(context_obj))
	149	intersect = dynamic_roles & allowed
	150	if intersect:
	151	roles.extend(list(intersect))
[880]	152	break
	153	return roles
	154
[881]	155	from Products.CPSUserFolder.CPSUserFolder import CPSUser
	156	CPSUser.getRolesInContext = getRolesInContext

Note: See TracBrowser for help on using the repository browser.

Context navigation

source: WAeUP_SRP/branches/uli/PatchCPSUserFolderUserFolder.py @ 17937

Download in other formats: