source: main/waeup.kofa/trunk/src/waeup/kofa/students/permissions.py @ 16671

Last change on this file since 16671 was 16170, checked in by Henrik Bettermann, 4 years ago

Add DownloadTranscript permission.

  • Property svn:keywords set to Id
File size: 8.2 KB
RevLine 
[7191]1## $Id: permissions.py 16170 2020-07-19 20:31:19Z henrik $
2##
[6655]3## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
[13076]19Permissions for the students section.
[6655]20"""
21import grok
22
[13076]23# Students section permissions
[6655]24
[6660]25class HandleStudent(grok.Permission):
[12847]26    """
27    The HandleStudent permission is reserved for students.
28    Students 'handle' their data. Officers 'manage' the data.
29    """
[6660]30    grok.name('waeup.handleStudent')
[6655]31
[6660]32class ViewStudent(grok.Permission):
[12847]33    """
34    The ViewStudent permission allows to view all student data.
35    """
[6660]36    grok.name('waeup.viewStudent')
37
[7240]38class ViewMyStudentDataTab(grok.Permission):
39    grok.name('waeup.viewMyStudentDataTab')
40
41class ViewStudentsContainer(grok.Permission):
[12847]42    """The ViewStudentsContainer permission allows to view the students root
43    container page.
44    """
[7240]45    grok.name('waeup.viewStudentsContainer')
46
[6930]47class PayStudent(grok.Permission):
[12847]48    """The PayStudent permission allows to add an online payment ticket and to
49    manage tickets.
50    """
[6930]51    grok.name('waeup.payStudent')
52
[7181]53class HandleAccommodation(grok.Permission):
[12847]54    """The HandleAccommodation allows to manage bed tickets.
55    """
[7181]56    grok.name('waeup.handleAccommodation')
57
[7127]58class UploadStudentFile(grok.Permission):
[12847]59    """The UploadStudentFile permissions allows to upload the passport picture.
60    The respective page additionally checks the state of the student.
61    """
[7127]62    grok.name('waeup.uploadStudentFile')
63
[7136]64class ManageStudent(grok.Permission):
[12847]65    """The ManageStudent permission allows to edit the data.
[13026]66    This permission is meant for students officers.
[12847]67    """
[7136]68    grok.name('waeup.manageStudent')
[6655]69
[7136]70class ClearStudent(grok.Permission):
[12847]71    """The ClearStudent permission is needed to clear students
[13026]72    or to reject clearance. This permission is meant for clearance officers.
[12847]73    """
[7136]74    grok.name('waeup.clearStudent')
75
[7334]76class ValidateStudent(grok.Permission):
[12847]77    """The ValidateStudent permission is needed to validate or reject
78    course lists. This permission is not needed if users
79    already have the TriggerTransition permission.
80    """
[7334]81    grok.name('waeup.validateStudent')
82
[9924]83class EditStudyLevel(grok.Permission):
[12847]84    """The EditStudyLevel permission is needed for editing course lists.
85    Students and course advisers do have this permission.
86    """
[9924]87    grok.name('waeup.editStudyLevel')
88
[9335]89class LoginAsStudent(grok.Permission):
[12847]90    """The LoginAsStudent is needed to set temporary student passwords
91    and login as (impersonate) students.
92    """
[9335]93    grok.name('waeup.loginAsStudent')
94
[15163]95class ViewTranscript(grok.Permission):
[16170]96    """The ViewTranscript role is needed to view transcript pages.
[15163]97    """
98    grok.name('waeup.viewTranscript')
99
[16170]100class DownloadTranscript(grok.Permission):
101    """The DownloadTranscript role is needed to download transcript slips.
102    """
103    grok.name('waeup.downloadTranscript')
104
[15163]105class ProcessTranscript(grok.Permission):
106    grok.name('waeup.processTranscript')
107    """The ProcessTranscript role is needed to validate and relase transcripts.
108    """
109
110class SignTranscript(grok.Permission):
111    grok.name('waeup.signTranscript')
[15173]112    """The SignTranscript role is needed to sign transcripts.
[15163]113    """
114
[6660]115# Local role
116class StudentRecordOwner(grok.Role):
[12847]117    """A student 'owns' her/his student object and subobjects and
118    gains permissions to handle all data, upload a passport picture,
119    add payment tickets, create and edit course lists and handle accommodation.
120    """
[6660]121    grok.name('waeup.local.StudentRecordOwner')
122    grok.title(u'Student Record Owner')
[12843]123    grok.permissions('waeup.handleStudent',
124                     'waeup.uploadStudentFile',
125                     'waeup.viewStudent',
126                     'waeup.payStudent',
127                     'waeup.handleAccommodation',
128                     'waeup.editStudyLevel')
[6660]129
[15606]130class Parents(grok.Role):
131    """Parents temporarily get access to view the records of their children.
132    """
133    grok.name('waeup.local.Parents')
134    grok.title(u'Parents')
135    grok.permissions('waeup.viewStudent')
136
[7178]137# Site Roles
[6678]138class StudentRole(grok.Role):
[12847]139    """This role is dedicated to students only.
140    It defines the permissions a student gains portal-wide.
141    """
[6678]142    grok.name('waeup.Student')
[9939]143    grok.title(u'Student (do not assign)')
[12843]144    grok.permissions('waeup.viewAcademics',
145                     'waeup.viewMyStudentDataTab',
[8367]146                     'waeup.Authenticated')
[6678]147
[6655]148class StudentsOfficer(grok.Role):
[12847]149    """The Students Officer is allowed to view all student data.
150    """
[6655]151    grok.name('waeup.StudentsOfficer')
[7154]152    grok.title(u'Students Officer (view only)')
[12843]153    grok.permissions('waeup.viewStudent',
154                     'waeup.viewStudentsContainer')
[7154]155
156class StudentsManager(grok.Role):
[13762]157    """The Students Manager is allowed to edit all student data, to
[12847]158    create payment tickets, to handle bed tickets and to upload passport
159    pictures.
160    """
[7154]161    grok.name('waeup.StudentsManager')
162    grok.title(u'Students Manager')
[12843]163    grok.permissions('waeup.viewStudent',
164                     'waeup.manageStudent',
165                     'waeup.viewStudentsContainer',
166                     'waeup.payStudent',
167                     'waeup.uploadStudentFile',
168                     'waeup.handleAccommodation')
[7154]169
[10465]170class TranscriptOfficer(grok.Role):
[15163]171    """The Transcript Officer is allowed to view, to validate and to
172    release student transcripts. The officer is not allowed to
[15333]173    manage student data but to edit the transcript remark on a separate
174    manage page.
[15163]175    """
[10465]176    grok.name('waeup.TranscriptOfficer')
177    grok.title(u'Transcript Officer')
178    grok.permissions('waeup.viewAcademics',
179                     'waeup.viewTranscript',
[16170]180                     'waeup.downloadTranscript',
[15163]181                     'waeup.processTranscript',
[10465]182                     'waeup.viewStudent',
183                     'waeup.viewStudentsContainer',
184                     )
185
[15163]186class TranscriptSignee(grok.Role):
187    """The Transcript Signee is allowed to view and to sign student
188    transcripts.
189    """
190    grok.name('waeup.TranscriptSignee')
191    grok.title(u'Transcript Signee')
192    grok.permissions('waeup.viewAcademics',
193                     'waeup.viewTranscript',
194                     'waeup.signTranscript',
195                     'waeup.viewStudent',
196                     )
197
[7154]198class StudentsClearanceOfficer(grok.Role):
[12847]199    """The global StudentsClearanceOfficer role enables users to view all
200    student data, to clear students and to reject clearance portal-wide.
201    Usually, this role is not assigned manually.
202    We are using the correspondent local role instead which assigns the
203    StudentsClearanceOfficer role dynamically.
204    """
[7154]205    grok.name('waeup.StudentsClearanceOfficer')
206    grok.title(u'Clearance Officer (all students)')
[12843]207    grok.permissions('waeup.clearStudent',
208                     'waeup.viewStudent')
[7334]209
210class StudentsCourseAdviser(grok.Role):
[12847]211    """The global StudentsCourseAdviser role enables users to view all
212    student data, to edit, validate or reject course lists  portal-wide.
213    Usually, this role is not assigned manually.
214    We are using the correspondent local role instead which assigns the
215    StudentsCourseAdviser role dynamically.
216    """
[7334]217    grok.name('waeup.StudentsCourseAdviser')
218    grok.title(u'Course Adviser (all students)')
[12843]219    grok.permissions('waeup.validateStudent',
220                     'waeup.viewStudent',
[9924]221                     'waeup.editStudyLevel')
[9335]222
223class StudentImpersonator(grok.Role):
[12847]224    """The Student Impersonator gains the LoginAsStudent permission,
225    nothing else, see description above.
226    """
[9335]227    grok.name('waeup.StudentImpersonator')
228    grok.title(u'Student Impersonator')
229    grok.permissions('waeup.loginAsStudent')
Note: See TracBrowser for help on using the repository browser.