source: WAeUP_SRP/trunk/PatchCPSUserFolderUserFolder.py @ 1059

Last change on this file since 1059 was 1035, checked in by joachim, 18 years ago

fixed unauthorized bug in PatchCPSUserFolder

File size: 3.3 KB
Line 
1from AccessControl import ClassSecurityInfo
2from ExtensionClass import Base
3from Acquisition import Implicit
4from Acquisition import aq_base, aq_parent, aq_inner
5
6security = ClassSecurityInfo()
7
8security.declarePublic('getRolesInContext')
9def getRolesInContext(self, object):
10    """Get the list of roles assigned to the user.
11    This includes local roles assigned in the context of
12    the passed in object.
13    Knows about local roles blocking (roles starting with '-').
14    """
15    name = self.getUserName()
16    roles = self.getRoles()
17    # deal with groups
18    groups = self.getComputedGroups()
19    # end groups
20    local = {}
21    stop_loop = 0
22    real_object = object
23    object = aq_inner(object)
24    while 1:
25        # Collect all roles info
26        lrd = {}
27        local_roles = getattr(object, '__ac_local_roles__', None)
28        if local_roles:
29            if callable(local_roles):
30                local_roles = local_roles() or {}
31            for r in local_roles.get(name, ()):
32                if r:
33                    lrd[r] = None
34        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
35        if local_group_roles:
36            if callable(local_group_roles):
37                local_group_roles = local_group_roles() or {}
38            for g in groups:
39                for r in local_group_roles.get(g, ()):
40                    if r:
41                        lrd[r] = None
42        lr = lrd.keys()
43        # Positive role assertions
44        for r in lr:
45            if r[0] != '-':
46                if not local.has_key(r):
47                    local[r] = 1 # acquired role
48        # Negative (blocking) role assertions
49        for r in lr:
50            if r[0] == '-':
51                r = r[1:]
52                if not r:
53                    # role '-' blocks all acquisition
54                    stop_loop = 1
55                    break
56                if not local.has_key(r):
57                    local[r] = 0 # blocked role
58        if stop_loop:
59            break
60        if hasattr(object, 'aq_parent'):
61            object = aq_inner(object.aq_parent)
62            continue
63        if hasattr(object, 'im_self'):
64            object = aq_inner(object.im_self)
65            continue
66        break
67    roles = list(roles)
68    for r, v in local.items():
69        if v: # only if not blocked
70            roles.append(r)
71    ## patch to assign dynamic roles for WAeUP
72    while 1:
73        #import pdb; pdb.set_trace()
74        if callable(real_object) and hasattr(real_object,'im_self'):
75            real_object = real_object.im_self
76        if hasattr(real_object,'portal_type') and\
77                   real_object.portal_type not in ("Student","StudentClearance"):
78            break
79        sc = getattr(real_object,'study_course',None)
80        if sc is None:
81            break
82        dep_id = real_object.study_course.getContent().department
83        res = self.portal_catalog(portal_type="Department",id=dep_id)
84        if len(res) != 1:
85            break
86        dynamic_roles = self.getRolesInContext(res[0].getObject())
87        #import pdb;pdb.set_trace()
88        for dr in self.getDynamicRoles():
89            if dr in dynamic_roles:
90                roles.append(dr)
91        break
92    return roles
93
94from Products.CPSUserFolder.CPSUserFolder import CPSUser
95CPSUser.getRolesInContext = getRolesInContext
Note: See TracBrowser for help on using the repository browser.