source: main/waeup.kofa/branches/henrik-regista/src/waeup/ikoba/permissions.txt @ 11954

Last change on this file since 11954 was 11949, checked in by Henrik Bettermann, 10 years ago

Change of name.
File size: 2.6 KB
RevLine 
[11949]1Ikoba permissions and roles
[7321]2**************************
[4127]3
[11949]4Permissions and roles used in a Ikoba portal.
[4127]5
[5140]6.. :doctest:
[11949]7.. :layer: waeup.ikoba.testing.IkobaUnitTestLayer
[4127]8
[6157]9Convenience functions
10=====================
[4127]11
[11949]12:mod:`waeup.ikoba` offers some convenience functions to handle security
[6157]13roles.
14
[7186]15:func:`get_all_roles`
16---------------------
[6157]17
[11949]18Gives us all roles defined in Ikoba. We get tuples of
[6157]19kind
20
21  ``(<ROLE-NAME>, <ROLE>)``
22
23where ``<ROLE-NAME>`` is the name under which a role was registered
24with the ZCA (a string) and ``<ROLE>`` is the real role object.
25
[11949]26    >>> from waeup.ikoba.permissions import get_all_roles
[7186]27    >>> get_all_roles()
[6333]28    <generator object...at 0x...>
[4127]29
[7186]30    >>> sorted(list(get_all_roles()))
[11949]31    [(u'waeup.DataCenterManager', <waeup.ikoba.permissions.DataCenterManager object at 0x...]
[6157]32
[7186]33:func:`get_waeup_roles`
34-----------------------
[6157]35
[11949]36Gives us all roles, except the Ikoba specific roles. We can get a list
[6157]37with or without local roles:
38
[11949]39    >>> from waeup.ikoba.permissions import get_waeup_roles
[7186]40    >>> len(list(get_waeup_roles()))
[11947]41    9
[6157]42
[7186]43    >>> len(list(get_waeup_roles(also_local=True)))
[11947]44    10
[6157]45
46
[7186]47:func:`get_waeup_role_names`
48----------------------------
[6157]49
[11949]50We can get all role names defined in Ikoba (except 'local'
[6157]51roles that are meant not to be assigned globally):
52
[11949]53    >>> from waeup.ikoba.permissions import get_waeup_role_names
[7186]54    >>> list(get_waeup_role_names())
[11947]55    [u'waeup.DataCenterManager',
56    u'waeup.ExportManager',
57    u'waeup.ImportManager',
58    u'waeup.PortalManager',
59    u'waeup.ProductsManager',
60    u'waeup.ProductsOfficer',
61    u'waeup.UsersManager',
62    u'waeup.WorkflowManager',
63    u'waeup.xmlrpcusers1']
[6202]64
65:func:`get_users_with_local_roles`
66----------------------------------
67
68We can get all users and their roles for a certain context
69object. This even works for objects that cannot have local roles as
70they are not stored in the ZODB:
71
[11949]72    >>> from waeup.ikoba.permissions import get_users_with_local_roles
[6202]73    >>> mycontext = object()
74    >>> people_and_roles = get_users_with_local_roles(mycontext)
75    >>> people_and_roles
[6333]76    <generator object...at 0x...>
[6202]77
78In this case, the result is empty:
79
80    >>> people_and_roles = list(people_and_roles)
81    >>> people_and_roles
82    []
[9309]83
84:func:`get_users_with_role`
85---------------------------
86
87We can get all users with a specific role for a certain context
88object:
89
[11949]90    >>> from waeup.ikoba.permissions import get_users_with_role
[9309]91    >>> mycontext = object()
92    >>> people = get_users_with_role('waeup.portalManager', mycontext)
93    >>> people
94    <generator object...at 0x...>
95
96In this case, the result is empty:
97
98    >>> people = list(people)
99    >>> people
[10013]100    []
Note: See TracBrowser for help on using the repository browser.