from AccessControl import ClassSecurityInfo from ExtensionClass import Base from Acquisition import Implicit from Acquisition import aq_base, aq_parent, aq_inner security = ClassSecurityInfo() security.declarePublic('getRolesInContext') def getRolesInContext(self, object): """Get the list of roles assigned to the user. This includes local roles assigned in the context of the passed in object. Knows about local roles blocking (roles starting with '-'). """ name = self.getUserName() roles = self.getRoles() # deal with groups groups = self.getComputedGroups() # end groups local = {} stop_loop = 0 real_object = object object = aq_inner(object) while 1: # Collect all roles info lrd = {} local_roles = getattr(object, '__ac_local_roles__', None) if local_roles: if callable(local_roles): local_roles = local_roles() or {} for r in local_roles.get(name, ()): if r: lrd[r] = None local_group_roles = getattr(object, '__ac_local_group_roles__', None) if local_group_roles: if callable(local_group_roles): local_group_roles = local_group_roles() or {} for g in groups: for r in local_group_roles.get(g, ()): if r: lrd[r] = None lr = lrd.keys() # Positive role assertions for r in lr: if r[0] != '-': if not local.has_key(r): local[r] = 1 # acquired role # Negative (blocking) role assertions for r in lr: if r[0] == '-': r = r[1:] if not r: # role '-' blocks all acquisition stop_loop = 1 break if not local.has_key(r): local[r] = 0 # blocked role if stop_loop: break if hasattr(object, 'aq_parent'): object = aq_inner(object.aq_parent) continue if hasattr(object, 'im_self'): object = aq_inner(object.im_self) continue break roles = list(roles) for r, v in local.items(): if v: # only if not blocked roles.append(r) ## patch to assign dynamic roles for WAeUP while 1: if callable(real_object) and hasattr(real_object,'im_self'): real_object = real_object.im_self if hasattr(real_object,'portal_type') and\ real_object.portal_type not in ("Student","StudentClearance"): break sc = getattr(real_object,'study_course',None) if sc is None: break sc_obj = sc.getContent() res_sc = self.portal_catalog(portal_type="Certificate", id = sc_obj.study_course) if len(res_sc) != 1: break cert_path = res_sc[0].getPath().split('/') fac_id = cert_path[-4] dep_id = cert_path[-3] # temporary sel-healing function # deprecated after reindexing the students_catalog student_id = self.getStudentId() res = self.students_catalog(id=student_id) if len(res) != 1: break self.students_catalog.modifyRecord(id = student_id, faculty = fac_id, department = dep_id, ) res = self.portal_catalog(portal_type="Department",id=dep_id) if len(res) != 1: break dynamic_roles = self.getRolesInContext(res[0].getObject()) for dr in ('ClearanceOfficer','CourseAdviser', 'SectionManager'): if dr in dynamic_roles: roles.append(dr) break return roles from Products.CPSUserFolder.CPSUserFolder import CPSUser CPSUser.getRolesInContext = getRolesInContext