[880] | 1 | from AccessControl import ClassSecurityInfo |
---|
| 2 | from ExtensionClass import Base |
---|
| 3 | from Acquisition import Implicit |
---|
| 4 | from Acquisition import aq_base, aq_parent, aq_inner |
---|
| 5 | |
---|
| 6 | security = ClassSecurityInfo() |
---|
| 7 | |
---|
| 8 | security.declarePublic('getRolesInContext') |
---|
| 9 | def getRolesInContext(self, object): |
---|
[881] | 10 | """Get the list of roles assigned to the user. |
---|
| 11 | This includes local roles assigned in the context of |
---|
| 12 | the passed in object. |
---|
| 13 | Knows about local roles blocking (roles starting with '-'). |
---|
| 14 | """ |
---|
[880] | 15 | name = self.getUserName() |
---|
| 16 | roles = self.getRoles() |
---|
[881] | 17 | # deal with groups |
---|
| 18 | groups = self.getComputedGroups() |
---|
| 19 | # end groups |
---|
[880] | 20 | local = {} |
---|
| 21 | stop_loop = 0 |
---|
[881] | 22 | real_object = object |
---|
[880] | 23 | object = aq_inner(object) |
---|
| 24 | while 1: |
---|
| 25 | # Collect all roles info |
---|
| 26 | lrd = {} |
---|
| 27 | local_roles = getattr(object, '__ac_local_roles__', None) |
---|
| 28 | if local_roles: |
---|
| 29 | if callable(local_roles): |
---|
| 30 | local_roles = local_roles() or {} |
---|
| 31 | for r in local_roles.get(name, ()): |
---|
| 32 | if r: |
---|
| 33 | lrd[r] = None |
---|
| 34 | local_group_roles = getattr(object, '__ac_local_group_roles__', None) |
---|
| 35 | if local_group_roles: |
---|
| 36 | if callable(local_group_roles): |
---|
| 37 | local_group_roles = local_group_roles() or {} |
---|
| 38 | for g in groups: |
---|
| 39 | for r in local_group_roles.get(g, ()): |
---|
| 40 | if r: |
---|
| 41 | lrd[r] = None |
---|
| 42 | lr = lrd.keys() |
---|
| 43 | # Positive role assertions |
---|
| 44 | for r in lr: |
---|
| 45 | if r[0] != '-': |
---|
| 46 | if not local.has_key(r): |
---|
| 47 | local[r] = 1 # acquired role |
---|
| 48 | # Negative (blocking) role assertions |
---|
| 49 | for r in lr: |
---|
| 50 | if r[0] == '-': |
---|
| 51 | r = r[1:] |
---|
| 52 | if not r: |
---|
| 53 | # role '-' blocks all acquisition |
---|
| 54 | stop_loop = 1 |
---|
| 55 | break |
---|
| 56 | if not local.has_key(r): |
---|
| 57 | local[r] = 0 # blocked role |
---|
| 58 | if stop_loop: |
---|
| 59 | break |
---|
[881] | 60 | if hasattr(object, 'aq_parent'): |
---|
| 61 | object = aq_inner(object.aq_parent) |
---|
[880] | 62 | continue |
---|
| 63 | if hasattr(object, 'im_self'): |
---|
[881] | 64 | object = aq_inner(object.im_self) |
---|
[880] | 65 | continue |
---|
| 66 | break |
---|
| 67 | roles = list(roles) |
---|
| 68 | for r, v in local.items(): |
---|
| 69 | if v: # only if not blocked |
---|
| 70 | roles.append(r) |
---|
| 71 | ## patch to assign dynamic roles for WAeUP |
---|
| 72 | while 1: |
---|
[881] | 73 | if not hasattr(real_object,'portal_type'): |
---|
[880] | 74 | break |
---|
[883] | 75 | if real_object.portal_type not in ("Student","StudentClearance"): |
---|
[880] | 76 | break |
---|
[902] | 77 | sc = getattr(real_object,'study_course',None) |
---|
| 78 | if sc is None: |
---|
| 79 | break |
---|
[881] | 80 | dep_id = real_object.study_course.getContent().department |
---|
| 81 | res = self.portal_catalog(portal_type="Department",id=dep_id) |
---|
[880] | 82 | if len(res) != 1: |
---|
| 83 | break |
---|
| 84 | dynamic_roles = self.getRolesInContext(res[0].getObject()) |
---|
[912] | 85 | #import pdb;pdb.set_trace() |
---|
[880] | 86 | for dr in self.getDynamicRoles(): |
---|
| 87 | if dr in dynamic_roles: |
---|
| 88 | roles.append(dr) |
---|
| 89 | break |
---|
| 90 | return roles |
---|
| 91 | |
---|
[881] | 92 | from Products.CPSUserFolder.CPSUserFolder import CPSUser |
---|
| 93 | CPSUser.getRolesInContext = getRolesInContext |
---|