source: main/waeup.sirp/trunk/src/waeup/sirp/permissions.py @ 5952

Last change on this file since 5952 was 5937, checked in by uli, 14 years ago

Handle applicant permissions for applicant forms, including first test.

  • Property svn:eol-style set to native
File size: 2.5 KB
RevLine 
[3521]1import grok
[4789]2from zc.sourcefactory.basic import BasicSourceFactory
[3521]3
[4789]4class Public(grok.Permission):
5    """Everyone-can-do-this-permission.
6
7    This permission is meant to be applied to objects/views/pages
8    etc., that should be usable/readable by everyone.
9
10    We need this to be able to tune default permissions more
11    restrictive and open up some dedicated objects like the front
12    page.
13    """
14    grok.name('waeup.Public')
[5433]15   
16class Anonymous(grok.Permission):
17    """Only-anonymous-can-do-this-permission.
18    """
19    grok.name('waeup.Anonymous')   
[4789]20
21class ViewPermission(grok.Permission):
22    grok.name('waeup.View')
23
24class ManageUniversity(grok.Permission):
25    grok.name('waeup.manageUniversity')
26
27class ManageUsers(grok.Permission):
28    grok.name('waeup.manageUsers')
29   
[3521]30class FacultyRead(grok.Permission):
31    grok.name('waeup.facultyread')
[5937]32
33# Application permissions
34class ViewApplication(grok.Permission):
35    grok.name('waeup.viewApplication')
36
37class ViewFullApplication(grok.Permission):
38    grok.name('waeup.viewFullApplication')
39
40class EditApplication(grok.Permission):
41    grok.name('waeup.editApplication')
42
43class EditFullApplication(grok.Permission):
44    grok.name('waeup.editFullApplication')
45
46# Roles
[4789]47class PortalUser(grok.Role):
48    grok.name('waeup.PortalUser')
49    grok.permissions('waeup.facultyread', 'waeup.View', 'waeup.Public')
[3521]50
[4789]51class PortalManager(grok.Role):
52    grok.name('waeup.PortalManager')
53    grok.permissions('waeup.manageUniversity', 'waeup.manageUsers',
[5410]54                     'waeup.View', 'waeup.Public','waeup.manageACBatches')
[4789]55
[5937]56class ApplicationOwner(grok.Role):
57    grok.name('waeup.ApplicationOwner')
58    grok.permissions('waeup.viewApplication', 'waeup.editApplication')
59   
[4789]60def getRoles():
61    app = grok.getSite()
62    app = None
63    manager = None
64    if app is not None:
65        from zope.securitypolicy.interfaces import IRolePermissionManager
66        manager = IRolePermissionManager(app, None)
67    else:
68        from zope.securitypolicy.rolepermission import (
69            rolePermissionManager as manager)
70    role_permission_map =  manager.getRolesAndPermissions()
71    result = dict()
72    for item in role_permission_map:
73        if not item[1].startswith('waeup.'):
74            # Ignore non-WAeUP roles...
75            continue
76        result[item[1]] = True
77    return sorted(result.keys())
78
79class RoleSource(BasicSourceFactory):
80    def getValues(self):
81        return getRoles()
82    def getTitle(self, value):
83        if isinstance(value, basestring):
84            return value.split('.', 2)[1]
Note: See TracBrowser for help on using the repository browser.