1 | WAeUP permissions and roles |
---|
2 | *************************** |
---|
3 | |
---|
4 | Permissions and roles used in a WAeUP portal. |
---|
5 | |
---|
6 | .. :doctest: |
---|
7 | .. :layer: waeup.sirp.testing.WAeUPSIRPUnitTestLayer |
---|
8 | |
---|
9 | Convenience functions |
---|
10 | ===================== |
---|
11 | |
---|
12 | :mod:`waeup.sirp` offers some convenience functions to handle security |
---|
13 | roles. |
---|
14 | |
---|
15 | :func:`getRoles` |
---|
16 | ---------------- |
---|
17 | |
---|
18 | Gives us all roles defined in a WAeUP SIRP portal. We get tuples of |
---|
19 | kind |
---|
20 | |
---|
21 | ``(<ROLE-NAME>, <ROLE>)`` |
---|
22 | |
---|
23 | where ``<ROLE-NAME>`` is the name under which a role was registered |
---|
24 | with the ZCA (a string) and ``<ROLE>`` is the real role object. |
---|
25 | |
---|
26 | >>> from waeup.sirp.permissions import getRoles |
---|
27 | >>> getRoles() |
---|
28 | <generator object getUtilitiesFor at 0x...> |
---|
29 | |
---|
30 | >>> sorted(list(getRoles())) |
---|
31 | [(u'waeup.ApplicationsOfficer', <waeup.sirp.applicants.permissions.ApplicationsOfficer object at 0x...>), ...] |
---|
32 | |
---|
33 | :func:`getWAeUPRoles` |
---|
34 | --------------------- |
---|
35 | |
---|
36 | Gives us all roles, except the WAeUP specific roles. We can get a list |
---|
37 | with or without local roles: |
---|
38 | |
---|
39 | >>> from waeup.sirp.permissions import getWAeUPRoles |
---|
40 | >>> len(list(getWAeUPRoles())) |
---|
41 | 3 |
---|
42 | |
---|
43 | >>> len(list(getWAeUPRoles(also_local=True))) |
---|
44 | 5 |
---|
45 | |
---|
46 | |
---|
47 | :func:`getRoleNames` |
---|
48 | -------------------- |
---|
49 | |
---|
50 | We can get all role names defined in a WAeUP portal (except 'local' |
---|
51 | roles that are meant not to be assigned globally): |
---|
52 | |
---|
53 | >>> from waeup.sirp.permissions import getWAeUPRoleNames |
---|
54 | >>> list(getWAeUPRoleNames()) |
---|
55 | [u'waeup.ApplicationsOfficer', u'waeup.PortalManager', u'waeup.PortalUser'] |
---|
56 | |
---|
57 | :func:`get_users_with_local_roles` |
---|
58 | ---------------------------------- |
---|
59 | |
---|
60 | We can get all users and their roles for a certain context |
---|
61 | object. This even works for objects that cannot have local roles as |
---|
62 | they are not stored in the ZODB: |
---|
63 | |
---|
64 | >>> from waeup.sirp.permissions import get_users_with_local_roles |
---|
65 | >>> mycontext = object() |
---|
66 | >>> people_and_roles = get_users_with_local_roles(mycontext) |
---|
67 | >>> people_and_roles |
---|
68 | <generator object get_users_with_local_roles at 0x...> |
---|
69 | |
---|
70 | In this case, the result is empty: |
---|
71 | |
---|
72 | >>> people_and_roles = list(people_and_roles) |
---|
73 | >>> people_and_roles |
---|
74 | [] |
---|