source: main/waeup.ikoba/trunk/src/waeup/ikoba/permissions.txt @ 12213

Last change on this file since 12213 was 12207, checked in by Henrik Bettermann, 10 years ago

Make necessary changes in root and in customer browser test.

Add plugin to create documents folder.

File size: 2.8 KB
RevLine 
[11949]1Ikoba permissions and roles
[7321]2**************************
[4127]3
[11949]4Permissions and roles used in a Ikoba portal.
[4127]5
[5140]6.. :doctest:
[11949]7.. :layer: waeup.ikoba.testing.IkobaUnitTestLayer
[4127]8
[6157]9Convenience functions
10=====================
[4127]11
[11949]12:mod:`waeup.ikoba` offers some convenience functions to handle security
[6157]13roles.
14
[7186]15:func:`get_all_roles`
16---------------------
[6157]17
[11949]18Gives us all roles defined in Ikoba. We get tuples of
[6157]19kind
20
21  ``(<ROLE-NAME>, <ROLE>)``
22
23where ``<ROLE-NAME>`` is the name under which a role was registered
24with the ZCA (a string) and ``<ROLE>`` is the real role object.
25
[11949]26    >>> from waeup.ikoba.permissions import get_all_roles
[7186]27    >>> get_all_roles()
[6333]28    <generator object...at 0x...>
[4127]29
[7186]30    >>> sorted(list(get_all_roles()))
[11958]31    [(u'waeup.Customer', <waeup.ikoba.customers.permissions.CustomerRole object at 0x...]
[6157]32
[7186]33:func:`get_waeup_roles`
34-----------------------
[6157]35
[11949]36Gives us all roles, except the Ikoba specific roles. We can get a list
[6157]37with or without local roles:
38
[11949]39    >>> from waeup.ikoba.permissions import get_waeup_roles
[7186]40    >>> len(list(get_waeup_roles()))
[12207]41    15
[6157]42
[7186]43    >>> len(list(get_waeup_roles(also_local=True)))
[12207]44    19
[6157]45
46
[7186]47:func:`get_waeup_role_names`
48----------------------------
[6157]49
[11949]50We can get all role names defined in Ikoba (except 'local'
[6157]51roles that are meant not to be assigned globally):
52
[11949]53    >>> from waeup.ikoba.permissions import get_waeup_role_names
[7186]54    >>> list(get_waeup_role_names())
[11958]55    [u'waeup.Customer',
56    u'waeup.CustomerImpersonator',
57    u'waeup.CustomersManager',
58    u'waeup.CustomersOfficer',
59    u'waeup.DataCenterManager',
[12207]60    u'waeup.DocumentsManager',
61    u'waeup.DocumentsOfficer',
[11947]62    u'waeup.ExportManager',
63    u'waeup.ImportManager',
64    u'waeup.PortalManager',
65    u'waeup.ProductsManager',
66    u'waeup.ProductsOfficer',
67    u'waeup.UsersManager',
68    u'waeup.WorkflowManager',
69    u'waeup.xmlrpcusers1']
[6202]70
71:func:`get_users_with_local_roles`
72----------------------------------
73
74We can get all users and their roles for a certain context
75object. This even works for objects that cannot have local roles as
76they are not stored in the ZODB:
77
[11949]78    >>> from waeup.ikoba.permissions import get_users_with_local_roles
[6202]79    >>> mycontext = object()
80    >>> people_and_roles = get_users_with_local_roles(mycontext)
81    >>> people_and_roles
[6333]82    <generator object...at 0x...>
[6202]83
84In this case, the result is empty:
85
86    >>> people_and_roles = list(people_and_roles)
87    >>> people_and_roles
88    []
[9309]89
90:func:`get_users_with_role`
91---------------------------
92
93We can get all users with a specific role for a certain context
94object:
95
[11949]96    >>> from waeup.ikoba.permissions import get_users_with_role
[9309]97    >>> mycontext = object()
98    >>> people = get_users_with_role('waeup.portalManager', mycontext)
99    >>> people
100    <generator object...at 0x...>
101
102In this case, the result is empty:
103
104    >>> people = list(people)
105    >>> people
[10013]106    []
Note: See TracBrowser for help on using the repository browser.