source: WAeUP_SRP/trunk/PatchCPSUserFolderUserFolder.py @ 1577

Last change on this file since 1577 was 1576, checked in by joachim, 18 years ago

Fix for #121 also improve handling of "Processing in progress"

File size: 5.2 KB
Line 
1from AccessControl import ClassSecurityInfo
2from ExtensionClass import Base
3from Acquisition import Implicit
4from Acquisition import aq_base, aq_parent, aq_inner
5
6security = ClassSecurityInfo()
7
8security.declarePublic('getRolesInContext')
9def getRolesInContext(self, object):
10    """Get the list of roles assigned to the user.
11    This includes local roles assigned in the context of
12    the passed in object.
13    Knows about local roles blocking (roles starting with '-').
14    """
15    name = self.getUserName()
16    roles = self.getRoles()
17    # deal with groups
18    groups = self.getComputedGroups()
19    # end groups
20    local = {}
21    stop_loop = 0
22    real_object = object
23    object = aq_inner(object)
24    while 1:
25        # Collect all roles info
26        lrd = {}
27        local_roles = getattr(object, '__ac_local_roles__', None)
28        if local_roles:
29            if callable(local_roles):
30                local_roles = local_roles() or {}
31            for r in local_roles.get(name, ()):
32                if r:
33                    lrd[r] = None
34        local_group_roles = getattr(object, '__ac_local_group_roles__', None)
35        if local_group_roles:
36            if callable(local_group_roles):
37                local_group_roles = local_group_roles() or {}
38            for g in groups:
39                for r in local_group_roles.get(g, ()):
40                    if r:
41                        lrd[r] = None
42        lr = lrd.keys()
43        # Positive role assertions
44        for r in lr:
45            if r[0] != '-':
46                if not local.has_key(r):
47                    local[r] = 1 # acquired role
48        # Negative (blocking) role assertions
49        for r in lr:
50            if r[0] == '-':
51                r = r[1:]
52                if not r:
53                    # role '-' blocks all acquisition
54                    stop_loop = 1
55                    break
56                if not local.has_key(r):
57                    local[r] = 0 # blocked role
58        if stop_loop:
59            break
60        if hasattr(object, 'aq_parent'):
61            object = aq_inner(object.aq_parent)
62            continue
63        if hasattr(object, 'im_self'):
64            object = aq_inner(object.im_self)
65            continue
66        break
67    roles = list(roles)
68    for r, v in local.items():
69        if v: # only if not blocked
70            roles.append(r)
71    ## patch to assign dynamic roles for WAeUP
72    while 1:
73        #from pdb import set_trace;set_trace()
74        if self.isStudent():
75            break
76        groups = self.portal_membership.getAuthenticatedMember().getGroups()
77        if not ("ClearanceOfficer" in groups or "CourseAdviser" in groups):
78            break
79        if callable(real_object) and hasattr(real_object,'im_self'):
80            real_object = real_object.im_self
81
82        if real_object is None:
83            break
84        if hasattr(real_object,'portal_type') and\
85                   real_object.portal_type not in ("Student",
86                                                   "StudentClearance",
87                                                   "StudentStudyLevel"):
88            break
89
90        # can be later simplified by replacing by students_catalog values - Henrik
91        # getattr works always because of acquisition ?! Henrik
92        sc = getattr(real_object,'study_course',None)
93        if sc is None:
94            break
95        sc_obj = sc.getContent()
96        cert_id = sc_obj.study_course
97        res_cert = self.portal_catalog(id = cert_id)
98        if len(res_cert) != 1:
99            break
100        certificate_brain = res_cert[0]
101        certificate_obj = certificate_brain.getObject()
102        cert_path = certificate_brain.getPath().split('/')
103        fac_id = cert_path[-4]
104        dep_id = cert_path[-3]
105        # temporary self-healing function
106        # deprecated after reindexing the students_catalog
107        student_id = self.getStudentId()
108        res = self.students_catalog(id=student_id)
109        if len(res) != 1:
110            break
111        st_entry = res[0]
112        if st_entry.faculty != fac_id or\
113           st_entry.department != dep_id or\
114           st_entry.course != cert_id:
115               self.students_catalog.modifyRecord(id = student_id,
116                                                faculty = fac_id,
117                                                department = dep_id,
118                                                course = cert_id
119                                                )
120        if real_object.portal_type == "StudentStudyLevel":
121            if real_object.meta_type == "StudentStudyLevel":
122                #if it is not a Proxy
123                break
124            context_obj = getattr(certificate_obj,real_object.getId(),None)
125            if context_obj is None:
126                break
127            allowed = ('CourseAdviser', 'SectionManager')
128        else:
129            res = self.portal_catalog(portal_type="Department",id=dep_id)
130            allowed = ('ClearanceOfficer', 'SectionManager')
131            if len(res) != 1:
132                break
133            context_obj = res[0].getObject()
134        dynamic_roles = self.getRolesInContext(context_obj)
135        for dr in allowed:
136            if dr in dynamic_roles:
137                roles.append(dr)
138        break
139    return roles
140
141from Products.CPSUserFolder.CPSUserFolder import CPSUser
142CPSUser.getRolesInContext = getRolesInContext
Note: See TracBrowser for help on using the repository browser.