[7192] | 1 | ## $Id: permissions.py 14511 2017-02-07 08:33:05Z henrik $ |
---|
[6044] | 2 | ## |
---|
[6478] | 3 | ## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann |
---|
[6044] | 4 | ## This program is free software; you can redistribute it and/or modify |
---|
| 5 | ## it under the terms of the GNU General Public License as published by |
---|
| 6 | ## the Free Software Foundation; either version 2 of the License, or |
---|
| 7 | ## (at your option) any later version. |
---|
[7192] | 8 | ## |
---|
[6044] | 9 | ## This program is distributed in the hope that it will be useful, |
---|
| 10 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 11 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 12 | ## GNU General Public License for more details. |
---|
[7192] | 13 | ## |
---|
[6044] | 14 | ## You should have received a copy of the GNU General Public License |
---|
| 15 | ## along with this program; if not, write to the Free Software |
---|
| 16 | ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
---|
| 17 | ## |
---|
| 18 | """ |
---|
| 19 | Local permissions for applicants/applications. |
---|
| 20 | """ |
---|
| 21 | import grok |
---|
| 22 | |
---|
| 23 | # Application permissions |
---|
| 24 | |
---|
[6198] | 25 | class HandleApplication(grok.Permission): |
---|
[12847] | 26 | """The HandleApplication permission is reserved for applicants. |
---|
| 27 | Applicants 'handle' their data. Officers 'manage' the data. |
---|
| 28 | """ |
---|
[6198] | 29 | grok.name('waeup.handleApplication') |
---|
[6044] | 30 | |
---|
[6367] | 31 | class ViewApplication(grok.Permission): |
---|
[12847] | 32 | """The ViewApplication permission allows to view application records. |
---|
| 33 | """ |
---|
[6367] | 34 | grok.name('waeup.viewApplication') |
---|
| 35 | |
---|
[7240] | 36 | class ViewApplicationsTab(grok.Permission): |
---|
[7250] | 37 | grok.name('waeup.viewApplicantsTab') |
---|
[7240] | 38 | |
---|
| 39 | class ViewMyApplicationDataTab(grok.Permission): |
---|
| 40 | grok.name('waeup.viewMyApplicationDataTab') |
---|
| 41 | |
---|
[7136] | 42 | class ManageApplication(grok.Permission): |
---|
[12847] | 43 | """The ManageApplication permission allows to edit the data. This |
---|
| 44 | permission is reserved for officers and portal managers. |
---|
| 45 | """ |
---|
[7136] | 46 | grok.name('waeup.manageApplication') |
---|
[6044] | 47 | |
---|
[8565] | 48 | class ViewApplicationStatistics(grok.Permission): |
---|
[12847] | 49 | """The ViewApplicationStatistics permission allows to perform statistical |
---|
| 50 | evaluations. Only portal managers have this permission. |
---|
| 51 | """ |
---|
[8565] | 52 | grok.name('waeup.viewApplicationStatistics') |
---|
| 53 | |
---|
[7250] | 54 | class PayApplicant(grok.Permission): |
---|
[12847] | 55 | """The PayApplicant permission allows to add an online payment ticket. |
---|
| 56 | """ |
---|
[7250] | 57 | grok.name('waeup.payApplicant') |
---|
| 58 | |
---|
[6198] | 59 | # Local role |
---|
[12847] | 60 | |
---|
[6044] | 61 | class ApplicationOwner(grok.Role): |
---|
[12847] | 62 | """An applicant 'owns' her/his application record and |
---|
| 63 | gains permissions to handle the record, upload a passport picture or |
---|
| 64 | add payment tickets. |
---|
| 65 | """ |
---|
[6044] | 66 | grok.name('waeup.local.ApplicationOwner') |
---|
[6159] | 67 | grok.title(u'Application Owner') |
---|
[12847] | 68 | grok.permissions('waeup.handleApplication', |
---|
| 69 | 'waeup.viewApplication', |
---|
[8367] | 70 | 'waeup.payApplicant') |
---|
[6184] | 71 | |
---|
[12847] | 72 | # Site roles |
---|
[7166] | 73 | |
---|
| 74 | class ApplicantRole(grok.Role): |
---|
[12847] | 75 | """This role is dedicated to applicants only. It defines the permissions |
---|
| 76 | an applicant gains portal-wide. |
---|
| 77 | """ |
---|
[7166] | 78 | grok.name('waeup.Applicant') |
---|
[14511] | 79 | grok.title(u'Applicant (do not assign)') |
---|
[8367] | 80 | grok.permissions('waeup.viewAcademics', 'waeup.viewMyApplicationDataTab', |
---|
| 81 | 'waeup.Authenticated') |
---|
[7166] | 82 | |
---|
[6184] | 83 | class ApplicationsOfficer(grok.Role): |
---|
[12847] | 84 | """The Applications Officer is allowed to view all application records. |
---|
| 85 | """ |
---|
[6198] | 86 | grok.name('waeup.ApplicationsOfficer') |
---|
[10226] | 87 | grok.title(u'Applications Officer (view only)') |
---|
| 88 | grok.permissions('waeup.viewApplication', 'waeup.viewApplicantsTab') |
---|
| 89 | |
---|
| 90 | class ApplicationsManager(grok.Role): |
---|
[13098] | 91 | """The Applications Manager is allowed to edit all application records. |
---|
| 92 | The role also allows to add payment tickets. |
---|
[12847] | 93 | """ |
---|
[10226] | 94 | grok.name('waeup.ApplicationsManager') |
---|
| 95 | grok.title(u'Applications Manager') |
---|
[8367] | 96 | grok.permissions('waeup.manageApplication', 'waeup.viewApplication', |
---|
[7250] | 97 | 'waeup.viewApplicantsTab', 'waeup.payApplicant') |
---|