source: main/waeup.kofa/trunk/src/waeup/kofa/students/permissions.py @ 15444

Last change on this file since 15444 was 15333, checked in by Henrik Bettermann, 6 years ago

Add transcript_remark field to study levels. Add page to allow
transcript officers editing the field during transcript processing.

Tests will follow!

  • Property svn:keywords set to Id
File size: 7.8 KB
RevLine 
[7191]1## $Id: permissions.py 15333 2019-02-17 10:51:02Z henrik $
2##
[6655]3## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
[13076]19Permissions for the students section.
[6655]20"""
21import grok
22
[13076]23# Students section permissions
[6655]24
[6660]25class HandleStudent(grok.Permission):
[12847]26    """
27    The HandleStudent permission is reserved for students.
28    Students 'handle' their data. Officers 'manage' the data.
29    """
[6660]30    grok.name('waeup.handleStudent')
[6655]31
[6660]32class ViewStudent(grok.Permission):
[12847]33    """
34    The ViewStudent permission allows to view all student data.
35    """
[6660]36    grok.name('waeup.viewStudent')
37
[7240]38class ViewMyStudentDataTab(grok.Permission):
39    grok.name('waeup.viewMyStudentDataTab')
40
41class ViewStudentsContainer(grok.Permission):
[12847]42    """The ViewStudentsContainer permission allows to view the students root
43    container page.
44    """
[7240]45    grok.name('waeup.viewStudentsContainer')
46
[6930]47class PayStudent(grok.Permission):
[12847]48    """The PayStudent permission allows to add an online payment ticket and to
49    manage tickets.
50    """
[6930]51    grok.name('waeup.payStudent')
52
[7181]53class HandleAccommodation(grok.Permission):
[12847]54    """The HandleAccommodation allows to manage bed tickets.
55    """
[7181]56    grok.name('waeup.handleAccommodation')
57
[7127]58class UploadStudentFile(grok.Permission):
[12847]59    """The UploadStudentFile permissions allows to upload the passport picture.
60    The respective page additionally checks the state of the student.
61    """
[7127]62    grok.name('waeup.uploadStudentFile')
63
[7136]64class ManageStudent(grok.Permission):
[12847]65    """The ManageStudent permission allows to edit the data.
[13026]66    This permission is meant for students officers.
[12847]67    """
[7136]68    grok.name('waeup.manageStudent')
[6655]69
[7136]70class ClearStudent(grok.Permission):
[12847]71    """The ClearStudent permission is needed to clear students
[13026]72    or to reject clearance. This permission is meant for clearance officers.
[12847]73    """
[7136]74    grok.name('waeup.clearStudent')
75
[7334]76class ValidateStudent(grok.Permission):
[12847]77    """The ValidateStudent permission is needed to validate or reject
78    course lists. This permission is not needed if users
79    already have the TriggerTransition permission.
80    """
[7334]81    grok.name('waeup.validateStudent')
82
[9924]83class EditStudyLevel(grok.Permission):
[12847]84    """The EditStudyLevel permission is needed for editing course lists.
85    Students and course advisers do have this permission.
86    """
[9924]87    grok.name('waeup.editStudyLevel')
88
[9335]89class LoginAsStudent(grok.Permission):
[12847]90    """The LoginAsStudent is needed to set temporary student passwords
91    and login as (impersonate) students.
92    """
[9335]93    grok.name('waeup.loginAsStudent')
94
[15163]95class ViewTranscript(grok.Permission):
96    """The ViewTranscript role is needed to view transcript pages and slips.
97    """
98    grok.name('waeup.viewTranscript')
99
100class ProcessTranscript(grok.Permission):
101    grok.name('waeup.processTranscript')
102    """The ProcessTranscript role is needed to validate and relase transcripts.
103    """
104
105class SignTranscript(grok.Permission):
106    grok.name('waeup.signTranscript')
[15173]107    """The SignTranscript role is needed to sign transcripts.
[15163]108    """
109
[6660]110# Local role
111class StudentRecordOwner(grok.Role):
[12847]112    """A student 'owns' her/his student object and subobjects and
113    gains permissions to handle all data, upload a passport picture,
114    add payment tickets, create and edit course lists and handle accommodation.
115    """
[6660]116    grok.name('waeup.local.StudentRecordOwner')
117    grok.title(u'Student Record Owner')
[12843]118    grok.permissions('waeup.handleStudent',
119                     'waeup.uploadStudentFile',
120                     'waeup.viewStudent',
121                     'waeup.payStudent',
122                     'waeup.handleAccommodation',
123                     'waeup.editStudyLevel')
[6660]124
[7178]125# Site Roles
[6678]126class StudentRole(grok.Role):
[12847]127    """This role is dedicated to students only.
128    It defines the permissions a student gains portal-wide.
129    """
[6678]130    grok.name('waeup.Student')
[9939]131    grok.title(u'Student (do not assign)')
[12843]132    grok.permissions('waeup.viewAcademics',
133                     'waeup.viewMyStudentDataTab',
[8367]134                     'waeup.Authenticated')
[6678]135
[6655]136class StudentsOfficer(grok.Role):
[12847]137    """The Students Officer is allowed to view all student data.
138    """
[6655]139    grok.name('waeup.StudentsOfficer')
[7154]140    grok.title(u'Students Officer (view only)')
[12843]141    grok.permissions('waeup.viewStudent',
142                     'waeup.viewStudentsContainer')
[7154]143
144class StudentsManager(grok.Role):
[13762]145    """The Students Manager is allowed to edit all student data, to
[12847]146    create payment tickets, to handle bed tickets and to upload passport
147    pictures.
148    """
[7154]149    grok.name('waeup.StudentsManager')
150    grok.title(u'Students Manager')
[12843]151    grok.permissions('waeup.viewStudent',
152                     'waeup.manageStudent',
153                     'waeup.viewStudentsContainer',
154                     'waeup.payStudent',
155                     'waeup.uploadStudentFile',
156                     'waeup.handleAccommodation')
[7154]157
[10465]158class TranscriptOfficer(grok.Role):
[15163]159    """The Transcript Officer is allowed to view, to validate and to
160    release student transcripts. The officer is not allowed to
[15333]161    manage student data but to edit the transcript remark on a separate
162    manage page.
[15163]163    """
[10465]164    grok.name('waeup.TranscriptOfficer')
165    grok.title(u'Transcript Officer')
166    grok.permissions('waeup.viewAcademics',
167                     'waeup.viewTranscript',
[15163]168                     'waeup.processTranscript',
[10465]169                     'waeup.viewStudent',
170                     'waeup.viewStudentsContainer',
171                     )
172
[15163]173class TranscriptSignee(grok.Role):
174    """The Transcript Signee is allowed to view and to sign student
175    transcripts.
176    """
177    grok.name('waeup.TranscriptSignee')
178    grok.title(u'Transcript Signee')
179    grok.permissions('waeup.viewAcademics',
180                     'waeup.viewTranscript',
181                     'waeup.signTranscript',
182                     'waeup.viewStudent',
183                     )
184
[7154]185class StudentsClearanceOfficer(grok.Role):
[12847]186    """The global StudentsClearanceOfficer role enables users to view all
187    student data, to clear students and to reject clearance portal-wide.
188    Usually, this role is not assigned manually.
189    We are using the correspondent local role instead which assigns the
190    StudentsClearanceOfficer role dynamically.
191    """
[7154]192    grok.name('waeup.StudentsClearanceOfficer')
193    grok.title(u'Clearance Officer (all students)')
[12843]194    grok.permissions('waeup.clearStudent',
195                     'waeup.viewStudent')
[7334]196
197class StudentsCourseAdviser(grok.Role):
[12847]198    """The global StudentsCourseAdviser role enables users to view all
199    student data, to edit, validate or reject course lists  portal-wide.
200    Usually, this role is not assigned manually.
201    We are using the correspondent local role instead which assigns the
202    StudentsCourseAdviser role dynamically.
203    """
[7334]204    grok.name('waeup.StudentsCourseAdviser')
205    grok.title(u'Course Adviser (all students)')
[12843]206    grok.permissions('waeup.validateStudent',
207                     'waeup.viewStudent',
[9924]208                     'waeup.editStudyLevel')
[9335]209
210class StudentImpersonator(grok.Role):
[12847]211    """The Student Impersonator gains the LoginAsStudent permission,
212    nothing else, see description above.
213    """
[9335]214    grok.name('waeup.StudentImpersonator')
215    grok.title(u'Student Impersonator')
216    grok.permissions('waeup.loginAsStudent')
Note: See TracBrowser for help on using the repository browser.