| [7192] | 1 | ## $Id: permissions.py 15085 2018-07-11 04:28:32Z henrik $ |
|---|
| [6044] | 2 | ## |
|---|
| [6478] | 3 | ## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann |
|---|
| [6044] | 4 | ## This program is free software; you can redistribute it and/or modify |
|---|
| 5 | ## it under the terms of the GNU General Public License as published by |
|---|
| 6 | ## the Free Software Foundation; either version 2 of the License, or |
|---|
| 7 | ## (at your option) any later version. |
|---|
| [7192] | 8 | ## |
|---|
| [6044] | 9 | ## This program is distributed in the hope that it will be useful, |
|---|
| 10 | ## but WITHOUT ANY WARRANTY; without even the implied warranty of |
|---|
| 11 | ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|---|
| 12 | ## GNU General Public License for more details. |
|---|
| [7192] | 13 | ## |
|---|
| [6044] | 14 | ## You should have received a copy of the GNU General Public License |
|---|
| 15 | ## along with this program; if not, write to the Free Software |
|---|
| 16 | ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
|---|
| 17 | ## |
|---|
| 18 | """ |
|---|
| 19 | Local permissions for applicants/applications. |
|---|
| 20 | """ |
|---|
| 21 | import grok |
|---|
| 22 | |
|---|
| 23 | # Application permissions |
|---|
| 24 | |
|---|
| [6198] | 25 | class HandleApplication(grok.Permission): |
|---|
| [12847] | 26 | """The HandleApplication permission is reserved for applicants. |
|---|
| 27 | Applicants 'handle' their data. Officers 'manage' the data. |
|---|
| 28 | """ |
|---|
| [6198] | 29 | grok.name('waeup.handleApplication') |
|---|
| [6044] | 30 | |
|---|
| [6367] | 31 | class ViewApplication(grok.Permission): |
|---|
| [12847] | 32 | """The ViewApplication permission allows to view application records. |
|---|
| 33 | """ |
|---|
| [6367] | 34 | grok.name('waeup.viewApplication') |
|---|
| 35 | |
|---|
| [7240] | 36 | class ViewApplicationsTab(grok.Permission): |
|---|
| [7250] | 37 | grok.name('waeup.viewApplicantsTab') |
|---|
| [7240] | 38 | |
|---|
| 39 | class ViewMyApplicationDataTab(grok.Permission): |
|---|
| 40 | grok.name('waeup.viewMyApplicationDataTab') |
|---|
| 41 | |
|---|
| [7136] | 42 | class ManageApplication(grok.Permission): |
|---|
| [12847] | 43 | """The ManageApplication permission allows to edit the data. This |
|---|
| 44 | permission is reserved for officers and portal managers. |
|---|
| 45 | """ |
|---|
| [7136] | 46 | grok.name('waeup.manageApplication') |
|---|
| [6044] | 47 | |
|---|
| [8565] | 48 | class ViewApplicationStatistics(grok.Permission): |
|---|
| [12847] | 49 | """The ViewApplicationStatistics permission allows to perform statistical |
|---|
| [15085] | 50 | evaluations. |
|---|
| [12847] | 51 | """ |
|---|
| [8565] | 52 | grok.name('waeup.viewApplicationStatistics') |
|---|
| 53 | |
|---|
| [7250] | 54 | class PayApplicant(grok.Permission): |
|---|
| [12847] | 55 | """The PayApplicant permission allows to add an online payment ticket. |
|---|
| 56 | """ |
|---|
| [7250] | 57 | grok.name('waeup.payApplicant') |
|---|
| 58 | |
|---|
| [14948] | 59 | class CreateStudents(grok.Permission): |
|---|
| 60 | """The CreateStudents permission allows to create a bunch student |
|---|
| 61 | records from application records. |
|---|
| 62 | """ |
|---|
| 63 | grok.name('waeup.createStudents') |
|---|
| 64 | |
|---|
| [6198] | 65 | # Local role |
|---|
| [12847] | 66 | |
|---|
| [6044] | 67 | class ApplicationOwner(grok.Role): |
|---|
| [12847] | 68 | """An applicant 'owns' her/his application record and |
|---|
| 69 | gains permissions to handle the record, upload a passport picture or |
|---|
| 70 | add payment tickets. |
|---|
| 71 | """ |
|---|
| [6044] | 72 | grok.name('waeup.local.ApplicationOwner') |
|---|
| [6159] | 73 | grok.title(u'Application Owner') |
|---|
| [12847] | 74 | grok.permissions('waeup.handleApplication', |
|---|
| 75 | 'waeup.viewApplication', |
|---|
| [8367] | 76 | 'waeup.payApplicant') |
|---|
| [6184] | 77 | |
|---|
| [12847] | 78 | # Site roles |
|---|
| [7166] | 79 | |
|---|
| 80 | class ApplicantRole(grok.Role): |
|---|
| [12847] | 81 | """This role is dedicated to applicants only. It defines the permissions |
|---|
| 82 | an applicant gains portal-wide. |
|---|
| 83 | """ |
|---|
| [7166] | 84 | grok.name('waeup.Applicant') |
|---|
| [14511] | 85 | grok.title(u'Applicant (do not assign)') |
|---|
| [8367] | 86 | grok.permissions('waeup.viewAcademics', 'waeup.viewMyApplicationDataTab', |
|---|
| 87 | 'waeup.Authenticated') |
|---|
| [7166] | 88 | |
|---|
| [6184] | 89 | class ApplicationsOfficer(grok.Role): |
|---|
| [12847] | 90 | """The Applications Officer is allowed to view all application records. |
|---|
| 91 | """ |
|---|
| [6198] | 92 | grok.name('waeup.ApplicationsOfficer') |
|---|
| [10226] | 93 | grok.title(u'Applications Officer (view only)') |
|---|
| 94 | grok.permissions('waeup.viewApplication', 'waeup.viewApplicantsTab') |
|---|
| 95 | |
|---|
| 96 | class ApplicationsManager(grok.Role): |
|---|
| [13098] | 97 | """The Applications Manager is allowed to edit all application records. |
|---|
| [15085] | 98 | The role also allows to add payment tickets and view statistics. |
|---|
| [12847] | 99 | """ |
|---|
| [10226] | 100 | grok.name('waeup.ApplicationsManager') |
|---|
| 101 | grok.title(u'Applications Manager') |
|---|
| [8367] | 102 | grok.permissions('waeup.manageApplication', 'waeup.viewApplication', |
|---|
| [15085] | 103 | 'waeup.viewApplicantsTab', 'waeup.payApplicant', |
|---|
| 104 | 'waeup.viewApplicationStatistics') |
|---|
| [14948] | 105 | |
|---|
| 106 | class StudentsCreator(grok.Role): |
|---|
| 107 | """The Students Creator is allowed to create a bunch of student |
|---|
| 108 | records from application records. |
|---|
| 109 | """ |
|---|
| 110 | grok.name('waeup.StudentsCreator') |
|---|
| 111 | grok.title(u'Students Creator') |
|---|
| 112 | grok.permissions('waeup.viewApplication', |
|---|
| 113 | 'waeup.viewApplicantsTab', |
|---|
| 114 | 'waeup.createStudents') |
|---|
