source: main/waeup.sirp/trunk/src/waeup/sirp/permissions.py @ 6098

Last change on this file since 6098 was 6045, checked in by uli, 14 years ago

do not display local roles in general views.

  • Property svn:eol-style set to native
File size: 2.1 KB
RevLine 
[3521]1import grok
[4789]2from zc.sourcefactory.basic import BasicSourceFactory
[3521]3
[4789]4class Public(grok.Permission):
5    """Everyone-can-do-this-permission.
6
7    This permission is meant to be applied to objects/views/pages
8    etc., that should be usable/readable by everyone.
9
10    We need this to be able to tune default permissions more
11    restrictive and open up some dedicated objects like the front
12    page.
13    """
14    grok.name('waeup.Public')
[5433]15   
16class Anonymous(grok.Permission):
17    """Only-anonymous-can-do-this-permission.
18    """
19    grok.name('waeup.Anonymous')   
[4789]20
21class ViewPermission(grok.Permission):
22    grok.name('waeup.View')
23
24class ManageUniversity(grok.Permission):
25    grok.name('waeup.manageUniversity')
26
27class ManageUsers(grok.Permission):
28    grok.name('waeup.manageUsers')
29   
[3521]30class FacultyRead(grok.Permission):
31    grok.name('waeup.facultyread')
[5937]32
33# Roles
[4789]34class PortalUser(grok.Role):
35    grok.name('waeup.PortalUser')
36    grok.permissions('waeup.facultyread', 'waeup.View', 'waeup.Public')
[3521]37
[4789]38class PortalManager(grok.Role):
39    grok.name('waeup.PortalManager')
40    grok.permissions('waeup.manageUniversity', 'waeup.manageUsers',
[5410]41                     'waeup.View', 'waeup.Public','waeup.manageACBatches')
[4789]42
43def getRoles():
44    app = grok.getSite()
45    app = None
46    manager = None
47    if app is not None:
48        from zope.securitypolicy.interfaces import IRolePermissionManager
49        manager = IRolePermissionManager(app, None)
50    else:
51        from zope.securitypolicy.rolepermission import (
52            rolePermissionManager as manager)
53    role_permission_map =  manager.getRolesAndPermissions()
54    result = dict()
55    for item in role_permission_map:
56        if not item[1].startswith('waeup.'):
57            # Ignore non-WAeUP roles...
58            continue
[6045]59        if item[1].startswith('waeup.local.'):
60            continue
[4789]61        result[item[1]] = True
62    return sorted(result.keys())
63
64class RoleSource(BasicSourceFactory):
65    def getValues(self):
66        return getRoles()
67    def getTitle(self, value):
68        if isinstance(value, basestring):
69            return value.split('.', 2)[1]
Note: See TracBrowser for help on using the repository browser.