## $Id: dynamicroles.py 7220 2011-11-26 22:19:41Z henrik $ ## ## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann ## This program is free software; you can redistribute it and/or modify ## it under the terms of the GNU General Public License as published by ## the Free Software Foundation; either version 2 of the License, or ## (at your option) any later version. ## ## This program is distributed in the hope that it will be useful, ## but WITHOUT ANY WARRANTY; without even the implied warranty of ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ## GNU General Public License for more details. ## ## You should have received a copy of the GNU General Public License ## along with this program; if not, write to the Free Software ## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA ## """Security policy components for applicants. Applicants need special security policy treatment, as officers with local roles for departments and faculties might have additional permissions (local roles on depts/faculties) here. """ import grok from zope.securitypolicy.interfaces import ( IPrincipalRoleManager, IPrincipalPermissionManager,) from zope.securitypolicy.principalrole import AnnotationPrincipalRoleManager from zope.securitypolicy.principalpermission import ( AnnotationPrincipalPermissionManager,) from zope.securitypolicy.settings import Allow, Deny, Unset from waeup.sirp.applicants.interfaces import IApplicant from waeup.sirp.students.dynamicroles import StudentPrincipalRoleManager # All components in here have the same context: Applicant instances grok.context(IApplicant) class ApplicantPrincipalRoleManager(StudentPrincipalRoleManager): grok.provides(IPrincipalRoleManager) #: The attribute name to lookup for additional roles extra_attrib = 'course1' subcontainer = None # Role name mapping: # role name to look for in `extra_attrib` and parents # to # role to add in case this role was found rolename_mapping = { 'waeup.local.ClearanceOfficer':'waeup.ApplicationsOfficer', }