Ignore:
Timestamp:
1 Apr 2015, 10:51:35 (10 years ago)
Author:
Henrik Bettermann
Message:

Documentation work in progress.

Remove redundant waeup.viewStudentsTab permission.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/trunk/src/waeup/kofa/permissions.py

    r12835 r12843  
    2929
    3030class Anonymous(grok.Permission):
    31     """The waeup.Anonymous permission is applied to
     31    """The Anonymous permission is applied to
    3232    views/pages which are dedicated to anonymous users only. Logged-in users
    3333    can't access these views.
     
    3636
    3737class Authenticated(grok.Permission):
    38     """The waeup.Authenticated permission is applied to pages
     38    """The Authenticated permission is applied to pages
    3939    which can only be used by logged-in users and not by anonymous users.
    4040    """
     
    4242
    4343class ViewAcademics(grok.Permission):
    44     """The waeup.viewAcademics permission is applied to all
     44    """The ViewAcademics permission is applied to all
    4545    views of the Academic Section. Users with this permission can view but
    4646    not edit content in the Academic Section.
     
    4949
    5050class ManageAcademics(grok.Permission):
    51     """The waeup.manageAcademics permission is applied to all edit
     51    """The ManageAcademics permission is applied to all edit
    5252    pages in the Academic Section. Users who have this permission
    5353    can change/edit context objects.
     
    5656
    5757class ManagePortal(grok.Permission):
    58     """The waeup.managePortal permission is used for very few pages
     58    """The ManagePortal permission is used for very few pages
    5959    (e.g. the DatacenterSettings page) and is dedicated to portal managers.
    6060    It is furthermore used to control delete methods of container
    61     pages in the Academic Section. The waeup.manageAcademics permission,
     61    pages in the Academic Section. The ManageAcademics permission,
    6262    described above, does enable users to edit content but not to
    6363    remove sub-containers, like faculties, departments or certificates.
    64     Users must have the waeup.managePorta permission too to remove
     64    Users must have the ManagePortal permission too to remove
    6565    entire containers.
    6666    """
     
    6868
    6969class ManageUsers(grok.Permission):
    70     """The waeup.manageUsers permission is a real superuser permission
     70    """The ManageUsers permission is a real superuser permission
    7171    and therefore very 'dangerous'. It allows to add, remove or edit
    7272    user accounts. Editing a user account includes the option to assign
     
    7878
    7979class ShowStudents(grok.Permission):
    80     """Users with this permission can see the 'Students' tab and
    81     search and browse all students. If they also have the waeup.exportData
    82     permission they can export all student data too.
    83 
    84     Bursary or Department Officers don't have the general waeup.exportData
     80    """Users with this permission do not neccessarily see the 'Students' tab
     81    but they can search for students at department, certificate or course
     82    level. If they additionally have the ExportData permission they can
     83    export the data as csv files.
     84
     85    Bursary or Department Officers don't have the general ExportData
    8586    permission (see Roles section) and are only allowed to export bursary
    8687    or payments overview data respectively.
     
    8990
    9091class ClearAllStudents(grok.Permission):
    91     """The waeup.clearAllStudents permission allows to clear all students
     92    """The ClearAllStudents permission allows to clear all students
    9293    in a department.
    9394    """
     
    9596
    9697class EditScores(grok.Permission):
    97     """The waeup.editScores permission allows to edit scores in course tickets.
     98    """The EditScores permission allows to edit scores in course tickets.
    9899    """
    99100    grok.name('waeup.editScores')
    100101
     102class TriggerTransition(grok.Permission):
     103    """The TriggerTransition permission allows to trigger workflow transitions
     104    of student and document objects.
     105    """
     106    grok.name('waeup.triggerTransition')
     107
    101108class EditUser(grok.Permission):
    102     """The waeup.editUser permission is required for editing
     109    """The EditUser permission is required for editing
    103110    single user accounts.
    104111    """
     
    106113
    107114class ManageDataCenter(grok.Permission):
    108     """The waeup.manageDataCenter permission allows to access all pages
     115    """The ManageDataCenter permission allows to access all pages
    109116    in the data center. It does not automatically allow to process data.
    110117    """
     
    112119
    113120class ImportData(grok.Permission):
    114     """The waeup.importData permission allows to import any kind of portal
    115     data.
     121    """The ImportData permission allows to batch process (import) any kind of
     122    portal data except for user data. This processor requires the ManageUsers
     123    permission too.
    116124    """
    117125    grok.name('waeup.importData')
    118126
    119127class ExportData(grok.Permission):
    120     """The waeup.exportData permission allows to export any kind of portal
     128    """The ExportData permission allows to export any kind of portal
    121129    data.
    122130    """
     
    133141
    134142class ManagePortalConfiguration(grok.Permission):
    135     """The waeup.managePortalConfiguration permission allows to
     143    """The ManagePortalConfiguration permission allows to
    136144    edit global and sessional portal configuration data.
    137145    """
     
    139147
    140148class ManageACBatches(grok.Permission):
    141     """The waeup.manageACBatches permission allows to view and
     149    """The ManageACBatches permission allows to view and
    142150    manage accesscodes.
    143151    """
     
    157165# Local Roles
    158166class ApplicationsManager(grok.Role):
     167    """
     168    """
    159169    grok.name('waeup.local.ApplicationsManager')
    160170    grok.title(u'Applications Manager')
     
    162172
    163173class DepartmentManager(grok.Role):
     174    """
     175    """
    164176    grok.name('waeup.local.DepartmentManager')
    165177    grok.title(u'Department Manager')
     
    169181
    170182class DepartmentOfficer(grok.Role):
     183    """
     184    """
    171185    grok.name('waeup.local.DepartmentOfficer')
    172186    grok.title(u'Department Officer')
     
    326340# Site Roles
    327341class AcademicsOfficer(grok.Role):
     342    """An Academics Officer can  can view but not edit data in the
     343    Academics Section.
     344
     345    This is the default role which is automatically assigned to all
     346    officers of the portal. A user with this role can access all display pages
     347    at faculty, department, course, certificate and certificate course level.
     348    """
    328349    grok.name('waeup.AcademicsOfficer')
    329350    grok.title(u'Academics Officer (view only)')
     
    331352
    332353class AcademicsManager(grok.Role):
     354    """An Academics Manager can view and edit all data in the
     355    Academics section. A user with this role can access all manage pages
     356    at faculty, department, course, certificate and certificate course level.
     357    """
    333358    grok.name('waeup.AcademicsManager')
    334359    grok.title(u'Academics Manager')
     
    338363
    339364class ACManager(grok.Role):
     365    """This is the role for Access Code Managers.
     366    An ACManager can view and manage the Accesscodes Section.
     367    """
    340368    grok.name('waeup.ACManager')
    341369    grok.title(u'Access Code Manager')
     
    343371
    344372class DataCenterManager(grok.Role):
     373    """This single-permission role is dedicated to those users
     374    who are charged with batch processing of portal data.
     375    A DataCenterManager manager can access all pages in the Data Center
     376    (see ManageDataCenter permission above).
     377    """
    345378    grok.name('waeup.DataCenterManager')
    346379    grok.title(u'Datacenter Manager')
     
    348381
    349382class ImportManager(grok.Role):
     383    """An ImportManager is a DataCenterManager who is also allowed
     384    to batch process (import) data. All batch processors (importers) are
     385    available except for the User Processor. This processor requires the
     386    UsersManager role too. The ImportManager role includes the
     387    DataCenterManager role.
     388    """
    350389    grok.name('waeup.ImportManager')
    351390    grok.title(u'Import Manager')
     
    354393
    355394class ExportManager(grok.Role):
     395    """An ExportManager is a DataCenterManager who is also allowed
     396    to export all kind of portal data. The ExportManager role includes the
     397    DataCenterManager role.
     398    """
    356399    grok.name('waeup.ExportManager')
    357400    grok.title(u'Export Manager')
     
    360403
    361404class BursaryOfficer(grok.Role):
     405    """BursaryOfficers can export bursary data. They can't access the
     406    Data Center but see export buttons in the Academic Section.
     407    """
    362408    grok.name('waeup.BursaryOfficer')
    363409    grok.title(u'Bursary Officer')
     
    367413
    368414class UsersManager(grok.Role):
     415    """See ManageUsers permission.
     416    """
    369417    grok.name('waeup.UsersManager')
    370418    grok.title(u'Users Manager')
     
    373421
    374422class WorkflowManager(grok.Role):
     423    """See TriggerTransition permission.
     424    """
    375425    grok.name('waeup.WorkflowManager')
    376426    grok.title(u'Workflow Manager')
     
    406456                     'waeup.editScores',
    407457                     'waeup.triggerTransition',
    408                      'waeup.viewStudentsContainer','waeup.viewStudentsTab',
     458                     'waeup.viewStudentsContainer',
    409459                     'waeup.handleAccommodation',
    410460                     'waeup.viewHostels', 'waeup.manageHostels',
     
    416466
    417467class CCOfficer(grok.Role):
    418     """The Computer Center Officer role is basically a copy
     468    """The role of the Computer Center Officer is basically a copy
    419469    of the the PortalManager role. Some 'dangerous' permissions are excluded
    420470    by commenting them out (see source code). If officers need to gain more
    421471    access rights than defined in this role, do not hastily switch to the
    422     PortalManager role but add further manager roles instead. These additional
     472    PortalManager role but add further manager roles instead. Additional
    423473    roles could be: UsersManager, ACManager, ImportManager, WorkflowManager
    424474    or StudentImpersonator.
     475
     476    CCOfficer is a base class which means that this role is meant
     477    for customization. It is not used in the `waeup.kofa` base package.
    425478    """
    426479    grok.baseclass()
     
    446499                     'waeup.editScores',
    447500                     #'waeup.triggerTransition',
    448                      'waeup.viewStudentsContainer','waeup.viewStudentsTab',
     501                     'waeup.viewStudentsContainer',
    449502                     'waeup.handleAccommodation',
    450503                     'waeup.viewHostels', 'waeup.manageHostels',
Note: See TracChangeset for help on using the changeset viewer.