source: main/waeup.sirp/branches/ulif-paster/src/waeup/sirp/permissions.py @ 7480

Last change on this file since 7480 was 5433, checked in by Henrik Bettermann, 14 years ago

Merge changes from henrik-contactforms back into trunk.

  • Property svn:eol-style set to native
File size: 2.0 KB
Line 
1import grok
2from zc.sourcefactory.basic import BasicSourceFactory
3
4class Public(grok.Permission):
5    """Everyone-can-do-this-permission.
6
7    This permission is meant to be applied to objects/views/pages
8    etc., that should be usable/readable by everyone.
9
10    We need this to be able to tune default permissions more
11    restrictive and open up some dedicated objects like the front
12    page.
13    """
14    grok.name('waeup.Public')
15   
16class Anonymous(grok.Permission):
17    """Only-anonymous-can-do-this-permission.
18    """
19    grok.name('waeup.Anonymous')   
20
21class ViewPermission(grok.Permission):
22    grok.name('waeup.View')
23
24class ManageUniversity(grok.Permission):
25    grok.name('waeup.manageUniversity')
26
27class ManageUsers(grok.Permission):
28    grok.name('waeup.manageUsers')
29   
30class FacultyRead(grok.Permission):
31    grok.name('waeup.facultyread')
32   
33class PortalUser(grok.Role):
34    grok.name('waeup.PortalUser')
35    grok.permissions('waeup.facultyread', 'waeup.View', 'waeup.Public')
36
37class PortalManager(grok.Role):
38    grok.name('waeup.PortalManager')
39    grok.permissions('waeup.manageUniversity', 'waeup.manageUsers',
40                     'waeup.View', 'waeup.Public','waeup.manageACBatches')
41
42def getRoles():
43    app = grok.getSite()
44    app = None
45    manager = None
46    if app is not None:
47        from zope.securitypolicy.interfaces import IRolePermissionManager
48        manager = IRolePermissionManager(app, None)
49    else:
50        from zope.securitypolicy.rolepermission import (
51            rolePermissionManager as manager)
52    role_permission_map =  manager.getRolesAndPermissions()
53    result = dict()
54    for item in role_permission_map:
55        if not item[1].startswith('waeup.'):
56            # Ignore non-WAeUP roles...
57            continue
58        result[item[1]] = True
59    return sorted(result.keys())
60
61class RoleSource(BasicSourceFactory):
62    def getValues(self):
63        return getRoles()
64    def getTitle(self, value):
65        if isinstance(value, basestring):
66            return value.split('.', 2)[1]
Note: See TracBrowser for help on using the repository browser.