source: main/waeup.sirp/trunk/src/waeup/sirp/permissions.py @ 6130

Last change on this file since 6130 was 6127, checked in by Henrik Bettermann, 14 years ago

Fix permission requirements for viewlets in LeftSidebar?.
  • Property svn:eol-style set to native
File size: 2.4 KB
RevLine 
[3521]1import grok
[4789]2from zc.sourcefactory.basic import BasicSourceFactory
[3521]3
[4789]4class Public(grok.Permission):
5    """Everyone-can-do-this-permission.
6
7    This permission is meant to be applied to objects/views/pages
8    etc., that should be usable/readable by everyone.
9
10    We need this to be able to tune default permissions more
11    restrictive and open up some dedicated objects like the front
12    page.
13    """
14    grok.name('waeup.Public')
[5433]15   
16class Anonymous(grok.Permission):
17    """Only-anonymous-can-do-this-permission.
18    """
19    grok.name('waeup.Anonymous')   
[4789]20
21class ViewPermission(grok.Permission):
22    grok.name('waeup.View')
23
24class ManageUniversity(grok.Permission):
25    grok.name('waeup.manageUniversity')
26
27class ManageUsers(grok.Permission):
28    grok.name('waeup.manageUsers')
[6127]29   
30class ManageDataCenter(grok.Permission):
31    grok.name('waeup.manageDataCenter')
32   
33class ManagePortalSettings(grok.Permission):
34    grok.name('waeup.managePortalSettings')
[6125]35
36# Local Roles
37class DepartmentOfficer(grok.Role):
[6127]38    grok.name('waeup.local.DepartmentOfficer')
39    grok.permissions('waeup.manageUniversity','waeup.View', 'waeup.Public')
[4789]40   
[6125]41# Global Roles
[4789]42class PortalUser(grok.Role):
43    grok.name('waeup.PortalUser')
[6125]44    grok.permissions('waeup.View', 'waeup.Public')
[3521]45
[4789]46class PortalManager(grok.Role):
47    grok.name('waeup.PortalManager')
48    grok.permissions('waeup.manageUniversity', 'waeup.manageUsers',
[6127]49                     'waeup.View', 'waeup.Public','waeup.manageACBatches',
50                     'waeup.manageDataCenter','waeup.managePortalSettings')
[4789]51
52def getRoles():
53    app = grok.getSite()
54    app = None
55    manager = None
56    if app is not None:
57        from zope.securitypolicy.interfaces import IRolePermissionManager
58        manager = IRolePermissionManager(app, None)
59    else:
60        from zope.securitypolicy.rolepermission import (
61            rolePermissionManager as manager)
62    role_permission_map =  manager.getRolesAndPermissions()
63    result = dict()
64    for item in role_permission_map:
65        if not item[1].startswith('waeup.'):
66            # Ignore non-WAeUP roles...
67            continue
[6045]68        if item[1].startswith('waeup.local.'):
69            continue
[4789]70        result[item[1]] = True
71    return sorted(result.keys())
72
73class RoleSource(BasicSourceFactory):
74    def getValues(self):
75        return getRoles()
76    def getTitle(self, value):
77        if isinstance(value, basestring):
78            return value.split('.', 2)[1]
Note: See TracBrowser for help on using the repository browser.