source: WAeUP_SRP/trunk/PatchCPSUserFolderUserFolder.py @ 1569

Last change on this file since 1569 was 1569, checked in by Henrik Bettermann, 18 years ago

ticket 121
File size: 4.8 KB
Line 
1from AccessControl import ClassSecurityInfo
2from ExtensionClass import Base
3from Acquisition import Implicit
4from Acquisition import aq_base, aq_parent, aq_inner
5
6security = ClassSecurityInfo()
7
8security.declarePublic('getRolesInContext')
9def getRolesInContext(self, object):
10    """Get the list of roles assigned to the user.
11    This includes local roles assigned in the context of
12    the passed in object.
13    Knows about local roles blocking (roles starting with '-').
14    """
15    name = self.getUserName()
16    roles = self.getRoles()
17    # deal with groups
18    groups = self.getComputedGroups()
19    # end groups
20    local = {}
21    stop_loop = 0
22    real_object = object
23    object = aq_inner(object)
24    while 1:
25        # Collect all roles info
26        lrd = {}
27        local_roles = getattr(object, '__ac_local_roles__', None)
28        if local_roles:
29            if callable(local_roles):
30                local_roles = local_roles() or {}
31            for r in local_roles.get(name, ()):
32                if r:
33                    lrd[r] = None
34        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
35        if local_group_roles:
36            if callable(local_group_roles):
37                local_group_roles = local_group_roles() or {}
38            for g in groups:
39                for r in local_group_roles.get(g, ()):
40                    if r:
41                        lrd[r] = None
42        lr = lrd.keys()
43        # Positive role assertions
44        for r in lr:
45            if r[0] != '-':
46                if not local.has_key(r):
47                    local[r] = 1 # acquired role
48        # Negative (blocking) role assertions
49        for r in lr:
50            if r[0] == '-':
51                r = r[1:]
52                if not r:
53                    # role '-' blocks all acquisition
54                    stop_loop = 1
55                    break
56                if not local.has_key(r):
57                    local[r] = 0 # blocked role
58        if stop_loop:
59            break
60        if hasattr(object, 'aq_parent'):
61            object = aq_inner(object.aq_parent)
62            continue
63        if hasattr(object, 'im_self'):
64            object = aq_inner(object.im_self)
65            continue
66        break
67    roles = list(roles)
68    for r, v in local.items():
69        if v: # only if not blocked
70            roles.append(r)
71    ## patch to assign dynamic roles for WAeUP
72    while 1:
73        break
74        if self.isStudent() or self.isSectionOfficer():
75            break
76        if callable(real_object) and hasattr(real_object,'im_self'):
77            real_object = real_object.im_self
78
79        if real_object is None:
80            break
81        if hasattr(real_object,'portal_type') and\
82                   real_object.portal_type not in ("Student","StudentClearance","StudentStudyLevel"):
83            break
84
85        #from pdb import set_trace;set_trace()
86        # can be later simplified by replacing by students_catalog values - Henrik
87        # getattr works always because of acquisition ?! Henrik
88        sc = getattr(real_object,'study_course',None)
89        if sc is None:
90            break
91        sc_obj = sc.getContent()
92        cert_id = sc_obj.study_course
93        res_cert = self.portal_catalog(id = cert_id)
94        if len(res_cert) != 1:
95            break
96        certificate_brain = res_cert[0]
97        certificate_obj = certificate_brain.getObject()
98        cert_path = certificate_brain.getPath().split('/')
99        fac_id = cert_path[-4]
100        dep_id = cert_path[-3]
101        # temporary self-healing function
102        # deprecated after reindexing the students_catalog
103        student_id = self.getStudentId()
104        res = self.students_catalog(id=student_id)
105        if len(res) != 1:
106            break
107        st_entry = res[0]
108        if st_entry.faculty != fac_id or\
109           st_entry.department != dep_id or\
110           st_entry.course != cert_id:
111               self.students_catalog.modifyRecord(id = student_id,
112                                                faculty = fac_id,
113                                                department = dep_id,
114                                                course = cert_id
115                                                )
116        if real_object.portal_type == "StudentStudyLevel":
117            context_obj = getattr(certificate_obj,real_object.getId())
118            allowed = ('CourseAdviser', 'SectionManager')
119        else:
120            res = self.portal_catalog(portal_type="Department",id=dep_id)
121            allowed = ('ClearanceOfficer', 'SectionManager')
122            if len(res) != 1:
123                break
124            context_obj = res[0].getObject()
125        dynamic_roles = self.getRolesInContext(context_obj)
126        for dr in allowed:
127            if dr in dynamic_roles:
128                roles.append(dr)
129        break
130    return roles
131
132from Products.CPSUserFolder.CPSUserFolder import CPSUser
133CPSUser.getRolesInContext = getRolesInContext
Note: See TracBrowser for help on using the repository browser.