source: WAeUP_SRP/trunk/PatchCPSUserFolderUserFolder.py @ 1609

Last change on this file since 1609 was 1607, checked in by Henrik Bettermann, 18 years ago

ticket 131

File size: 5.8 KB
RevLine 
[880]1from AccessControl import ClassSecurityInfo
2from ExtensionClass import Base
3from Acquisition import Implicit
4from Acquisition import aq_base, aq_parent, aq_inner
5
6security = ClassSecurityInfo()
7
8security.declarePublic('getRolesInContext')
9def getRolesInContext(self, object):
[881]10    """Get the list of roles assigned to the user.
11    This includes local roles assigned in the context of
12    the passed in object.
13    Knows about local roles blocking (roles starting with '-').
14    """
[880]15    name = self.getUserName()
16    roles = self.getRoles()
[881]17    # deal with groups
18    groups = self.getComputedGroups()
19    # end groups
[880]20    local = {}
21    stop_loop = 0
[881]22    real_object = object
[880]23    object = aq_inner(object)
24    while 1:
25        # Collect all roles info
26        lrd = {}
27        local_roles = getattr(object, '__ac_local_roles__', None)
28        if local_roles:
29            if callable(local_roles):
30                local_roles = local_roles() or {}
31            for r in local_roles.get(name, ()):
32                if r:
33                    lrd[r] = None
34        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
35        if local_group_roles:
36            if callable(local_group_roles):
37                local_group_roles = local_group_roles() or {}
38            for g in groups:
39                for r in local_group_roles.get(g, ()):
40                    if r:
41                        lrd[r] = None
42        lr = lrd.keys()
43        # Positive role assertions
44        for r in lr:
45            if r[0] != '-':
46                if not local.has_key(r):
47                    local[r] = 1 # acquired role
48        # Negative (blocking) role assertions
49        for r in lr:
50            if r[0] == '-':
51                r = r[1:]
52                if not r:
53                    # role '-' blocks all acquisition
54                    stop_loop = 1
55                    break
56                if not local.has_key(r):
57                    local[r] = 0 # blocked role
58        if stop_loop:
59            break
[881]60        if hasattr(object, 'aq_parent'):
61            object = aq_inner(object.aq_parent)
[880]62            continue
63        if hasattr(object, 'im_self'):
[881]64            object = aq_inner(object.im_self)
[880]65            continue
66        break
67    roles = list(roles)
68    for r, v in local.items():
69        if v: # only if not blocked
70            roles.append(r)
71    ## patch to assign dynamic roles for WAeUP
72    while 1:
[1576]73        if self.isStudent():
[1563]74            break
[1576]75        groups = self.portal_membership.getAuthenticatedMember().getGroups()
[1578]76        if not ("ClearanceOfficers" in groups or "CourseAdvisers" in groups):
[1576]77            break
[1035]78        if callable(real_object) and hasattr(real_object,'im_self'):
79            real_object = real_object.im_self
[1547]80
[1563]81        if real_object is None:
82            break
[1035]83        if hasattr(real_object,'portal_type') and\
[1576]84                   real_object.portal_type not in ("Student",
85                                                   "StudentClearance",
86                                                   "StudentStudyLevel"):
[880]87            break
[1607]88
89        # don't test if it is not a proxy
90        #if real_object.portal_type == real_object.meta_type:
91        #    break
92       
[1548]93        # can be later simplified by replacing by students_catalog values - Henrik
94        # getattr works always because of acquisition ?! Henrik
[902]95        sc = getattr(real_object,'study_course',None)
96        if sc is None:
97            break
[1581]98        #from pdb import set_trace;set_trace()
[1471]99        sc_obj = sc.getContent()
[1549]100        cert_id = sc_obj.study_course
101        res_cert = self.portal_catalog(id = cert_id)
102        if len(res_cert) != 1:
[1471]103            break
[1549]104        certificate_brain = res_cert[0]
105        certificate_obj = certificate_brain.getObject()
106        cert_path = certificate_brain.getPath().split('/')
[1471]107        fac_id = cert_path[-4]
108        dep_id = cert_path[-3]
[1547]109        # temporary self-healing function
[1471]110        # deprecated after reindexing the students_catalog
[1076]111        student_id = self.getStudentId()
112        res = self.students_catalog(id=student_id)
[1066]113        if len(res) != 1:
114            break
[1549]115        st_entry = res[0]
116        if st_entry.faculty != fac_id or\
117           st_entry.department != dep_id or\
118           st_entry.course != cert_id:
119               self.students_catalog.modifyRecord(id = student_id,
[1471]120                                                faculty = fac_id,
121                                                department = dep_id,
[1549]122                                                course = cert_id
[1515]123                                                )
[1549]124        if real_object.portal_type == "StudentStudyLevel":
[1576]125            context_obj = getattr(certificate_obj,real_object.getId(),None)
126            if context_obj is None:
127                break
[1581]128            allowed = set(('CourseAdviser', 'SectionManager'))
129        elif real_object.portal_type == "Student" and "CourseAdvisers" in groups:
[1607]130            #we need some special processing since CourseAdvisers are only
[1581]131            #specified per StudyLevel
132            allowed = set(('CourseAdviser', 'SectionManager'))
133            for context_obj in certificate_obj.objectValues():
134                dynamic_roles = set(self.getRolesInContext(context_obj))
135                intersect = dynamic_roles & allowed
136                if intersect:
137                    roles.extend(list(intersect))
138            break
[1549]139        else:
140            res = self.portal_catalog(portal_type="Department",id=dep_id)
[1581]141            allowed = set(('ClearanceOfficer', 'SectionManager'))
[1549]142            if len(res) != 1:
143                break
144            context_obj = res[0].getObject()
[1581]145        dynamic_roles = set(self.getRolesInContext(context_obj))
146        intersect = dynamic_roles & allowed
147        if intersect:
148            roles.extend(list(intersect))
[880]149        break
150    return roles
151
[881]152from Products.CPSUserFolder.CPSUserFolder import CPSUser
153CPSUser.getRolesInContext = getRolesInContext
Note: See TracBrowser for help on using the repository browser.