1 | import grok |
---|
2 | from zc.sourcefactory.basic import BasicSourceFactory |
---|
3 | |
---|
4 | class Public(grok.Permission): |
---|
5 | """Everyone-can-do-this-permission. |
---|
6 | |
---|
7 | This permission is meant to be applied to objects/views/pages |
---|
8 | etc., that should be usable/readable by everyone. |
---|
9 | |
---|
10 | We need this to be able to tune default permissions more |
---|
11 | restrictive and open up some dedicated objects like the front |
---|
12 | page. |
---|
13 | """ |
---|
14 | grok.name('waeup.Public') |
---|
15 | |
---|
16 | class Anonymous(grok.Permission): |
---|
17 | """Only-anonymous-can-do-this-permission. |
---|
18 | """ |
---|
19 | grok.name('waeup.Anonymous') |
---|
20 | |
---|
21 | class ViewPermission(grok.Permission): |
---|
22 | grok.name('waeup.View') |
---|
23 | |
---|
24 | class ManageUniversity(grok.Permission): |
---|
25 | grok.name('waeup.manageUniversity') |
---|
26 | |
---|
27 | class ManageUsers(grok.Permission): |
---|
28 | grok.name('waeup.manageUsers') |
---|
29 | |
---|
30 | class FacultyRead(grok.Permission): |
---|
31 | grok.name('waeup.facultyread') |
---|
32 | |
---|
33 | # Roles |
---|
34 | class PortalUser(grok.Role): |
---|
35 | grok.name('waeup.PortalUser') |
---|
36 | grok.permissions('waeup.facultyread', 'waeup.View', 'waeup.Public') |
---|
37 | |
---|
38 | class PortalManager(grok.Role): |
---|
39 | grok.name('waeup.PortalManager') |
---|
40 | grok.permissions('waeup.manageUniversity', 'waeup.manageUsers', |
---|
41 | 'waeup.View', 'waeup.Public','waeup.manageACBatches') |
---|
42 | |
---|
43 | def getRoles(): |
---|
44 | app = grok.getSite() |
---|
45 | app = None |
---|
46 | manager = None |
---|
47 | if app is not None: |
---|
48 | from zope.securitypolicy.interfaces import IRolePermissionManager |
---|
49 | manager = IRolePermissionManager(app, None) |
---|
50 | else: |
---|
51 | from zope.securitypolicy.rolepermission import ( |
---|
52 | rolePermissionManager as manager) |
---|
53 | role_permission_map = manager.getRolesAndPermissions() |
---|
54 | result = dict() |
---|
55 | for item in role_permission_map: |
---|
56 | if not item[1].startswith('waeup.'): |
---|
57 | # Ignore non-WAeUP roles... |
---|
58 | continue |
---|
59 | result[item[1]] = True |
---|
60 | return sorted(result.keys()) |
---|
61 | |
---|
62 | class RoleSource(BasicSourceFactory): |
---|
63 | def getValues(self): |
---|
64 | return getRoles() |
---|
65 | def getTitle(self, value): |
---|
66 | if isinstance(value, basestring): |
---|
67 | return value.split('.', 2)[1] |
---|