[4127] | 1 | WAeUP permissions and roles |
---|
| 2 | *************************** |
---|
| 3 | |
---|
| 4 | Permissions and roles used in a WAeUP portal. |
---|
| 5 | |
---|
[5140] | 6 | .. :doctest: |
---|
| 7 | .. :layer: waeup.sirp.testing.WAeUPSIRPUnitTestLayer |
---|
[4127] | 8 | |
---|
[6157] | 9 | Convenience functions |
---|
| 10 | ===================== |
---|
[4127] | 11 | |
---|
[6157] | 12 | :mod:`waeup.sirp` offers some convenience functions to handle security |
---|
| 13 | roles. |
---|
| 14 | |
---|
| 15 | :func:`getRoles` |
---|
| 16 | ---------------- |
---|
| 17 | |
---|
| 18 | Gives us all roles defined in a WAeUP SIRP portal. We get tuples of |
---|
| 19 | kind |
---|
| 20 | |
---|
| 21 | ``(<ROLE-NAME>, <ROLE>)`` |
---|
| 22 | |
---|
| 23 | where ``<ROLE-NAME>`` is the name under which a role was registered |
---|
| 24 | with the ZCA (a string) and ``<ROLE>`` is the real role object. |
---|
| 25 | |
---|
[4920] | 26 | >>> from waeup.sirp.permissions import getRoles |
---|
[4127] | 27 | >>> getRoles() |
---|
[6333] | 28 | <generator object...at 0x...> |
---|
[4127] | 29 | |
---|
[6157] | 30 | >>> sorted(list(getRoles())) |
---|
[6198] | 31 | [(u'waeup.ApplicationsOfficer', <waeup.sirp.applicants.permissions.ApplicationsOfficer object at 0x...>), ...] |
---|
[6157] | 32 | |
---|
| 33 | :func:`getWAeUPRoles` |
---|
| 34 | --------------------- |
---|
| 35 | |
---|
| 36 | Gives us all roles, except the WAeUP specific roles. We can get a list |
---|
| 37 | with or without local roles: |
---|
| 38 | |
---|
| 39 | >>> from waeup.sirp.permissions import getWAeUPRoles |
---|
| 40 | >>> len(list(getWAeUPRoles())) |
---|
[6198] | 41 | 3 |
---|
[6157] | 42 | |
---|
| 43 | >>> len(list(getWAeUPRoles(also_local=True))) |
---|
[6185] | 44 | 5 |
---|
[6157] | 45 | |
---|
| 46 | |
---|
| 47 | :func:`getRoleNames` |
---|
| 48 | -------------------- |
---|
| 49 | |
---|
| 50 | We can get all role names defined in a WAeUP portal (except 'local' |
---|
| 51 | roles that are meant not to be assigned globally): |
---|
| 52 | |
---|
| 53 | >>> from waeup.sirp.permissions import getWAeUPRoleNames |
---|
| 54 | >>> list(getWAeUPRoleNames()) |
---|
[6198] | 55 | [u'waeup.ApplicationsOfficer', u'waeup.PortalManager', u'waeup.PortalUser'] |
---|
[6202] | 56 | |
---|
| 57 | :func:`get_users_with_local_roles` |
---|
| 58 | ---------------------------------- |
---|
| 59 | |
---|
| 60 | We can get all users and their roles for a certain context |
---|
| 61 | object. This even works for objects that cannot have local roles as |
---|
| 62 | they are not stored in the ZODB: |
---|
| 63 | |
---|
| 64 | >>> from waeup.sirp.permissions import get_users_with_local_roles |
---|
| 65 | >>> mycontext = object() |
---|
| 66 | >>> people_and_roles = get_users_with_local_roles(mycontext) |
---|
| 67 | >>> people_and_roles |
---|
[6333] | 68 | <generator object...at 0x...> |
---|
[6202] | 69 | |
---|
| 70 | In this case, the result is empty: |
---|
| 71 | |
---|
| 72 | >>> people_and_roles = list(people_and_roles) |
---|
| 73 | >>> people_and_roles |
---|
| 74 | [] |
---|