source: main/waeup.sirp/trunk/src/waeup/sirp/permissions.py @ 6127

Last change on this file since 6127 was 6127, checked in by Henrik Bettermann, 13 years ago

Fix permission requirements for viewlets in LeftSidebar?.

  • Property svn:eol-style set to native
File size: 2.4 KB
Line 
1import grok
2from zc.sourcefactory.basic import BasicSourceFactory
3
4class Public(grok.Permission):
5    """Everyone-can-do-this-permission.
6
7    This permission is meant to be applied to objects/views/pages
8    etc., that should be usable/readable by everyone.
9
10    We need this to be able to tune default permissions more
11    restrictive and open up some dedicated objects like the front
12    page.
13    """
14    grok.name('waeup.Public')
15   
16class Anonymous(grok.Permission):
17    """Only-anonymous-can-do-this-permission.
18    """
19    grok.name('waeup.Anonymous')   
20
21class ViewPermission(grok.Permission):
22    grok.name('waeup.View')
23
24class ManageUniversity(grok.Permission):
25    grok.name('waeup.manageUniversity')
26
27class ManageUsers(grok.Permission):
28    grok.name('waeup.manageUsers')
29   
30class ManageDataCenter(grok.Permission):
31    grok.name('waeup.manageDataCenter')
32   
33class ManagePortalSettings(grok.Permission):
34    grok.name('waeup.managePortalSettings')
35
36# Local Roles
37class DepartmentOfficer(grok.Role):
38    grok.name('waeup.local.DepartmentOfficer')
39    grok.permissions('waeup.manageUniversity','waeup.View', 'waeup.Public')
40   
41# Global Roles
42class PortalUser(grok.Role):
43    grok.name('waeup.PortalUser')
44    grok.permissions('waeup.View', 'waeup.Public')
45
46class PortalManager(grok.Role):
47    grok.name('waeup.PortalManager')
48    grok.permissions('waeup.manageUniversity', 'waeup.manageUsers',
49                     'waeup.View', 'waeup.Public','waeup.manageACBatches',
50                     'waeup.manageDataCenter','waeup.managePortalSettings')
51
52def getRoles():
53    app = grok.getSite()
54    app = None
55    manager = None
56    if app is not None:
57        from zope.securitypolicy.interfaces import IRolePermissionManager
58        manager = IRolePermissionManager(app, None)
59    else:
60        from zope.securitypolicy.rolepermission import (
61            rolePermissionManager as manager)
62    role_permission_map =  manager.getRolesAndPermissions()
63    result = dict()
64    for item in role_permission_map:
65        if not item[1].startswith('waeup.'):
66            # Ignore non-WAeUP roles...
67            continue
68        if item[1].startswith('waeup.local.'):
69            continue
70        result[item[1]] = True
71    return sorted(result.keys())
72
73class RoleSource(BasicSourceFactory):
74    def getValues(self):
75        return getRoles()
76    def getTitle(self, value):
77        if isinstance(value, basestring):
78            return value.split('.', 2)[1]
Note: See TracBrowser for help on using the repository browser.