Changeset 14603 for main/waeup.kofa/trunk/src/waeup/kofa/permissions.py

Timestamp:

6 Mar 2017, 16:37:31 (8 years ago)

Author:

uli

Message:

flake8.

File:

• main/waeup.kofa/trunk/src/waeup/kofa/permissions.py (modified) (57 diffs)

main/waeup.kofa/trunk/src/waeup/kofa/permissions.py

@@ -1 @@
-## $Id$
-##
-## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
-## This program is free software; you can redistribute it and/or modify
-## it under the terms of the GNU General Public License as published by
-## the Free Software Foundation; either version 2 of the License, or
-## (at your option) any later version.
-##
-## This program is distributed in the hope that it will be useful,
-## but WITHOUT ANY WARRANTY; without even the implied warranty of
-## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-## GNU General Public License for more details.
-##
-## You should have received a copy of the GNU General Public License
-## along with this program; if not, write to the Free Software
-## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-##
+# $Id$
+#
+# Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
 import grok
 from zope.component import getUtilitiesFor
@@ -22 +22 @@
 from waeup.kofa.interfaces import ILocalRolesAssignable
 
+
 class Public(grok.Permission):
     """The Public or everyone-can-do-this-permission is being applied
@@ -27 +28 @@
     """
     grok.name('waeup.Public')
+
 
 class Anonymous(grok.Permission):
@@ -35 +37 @@
     grok.name('waeup.Anonymous')
 
+
 class Authenticated(grok.Permission):
     """The Authenticated permission is applied to pages
@@ -40 +43 @@
     """
     grok.name('waeup.Authenticated')
+
 
 class ViewAcademics(grok.Permission):
@@ -48 +52 @@
     grok.name('waeup.viewAcademics')
 
+
 class ManageAcademics(grok.Permission):
     """The ManageAcademics permission is applied to all edit/manage
@@ -55 +60 @@
     grok.name('waeup.manageAcademics')
 
+
 class ManagePortal(grok.Permission):
     """The ManagePortal permission is used for very few pages
-    (e.g. the DatacenterSettings page). Only PortalManagers have this 
+    (e.g. the DatacenterSettings page). Only PortalManagers have this
     permission. It is furthermore used to control delete methods of container
     pages in the Academic Section. The ManageAcademics permission,
@@ -67 +73 @@
     grok.name('waeup.managePortal')
 
+
 class ManageUsers(grok.Permission):
     """The ManageUsers permission is a real superuser permission
@@ -72 +79 @@
     user accounts. Editing a user account includes the option to assign
     or remove roles. That means that a user with this permission can lock out
-    other users by either removing their account or by removing 
+    other users by either removing their account or by removing
     permissions.
     """
     grok.name('waeup.manageUsers')
+
 
 class ShowStudents(grok.Permission):
@@ -89 +97 @@
     grok.name('waeup.showStudents')
 
+
 class ClearAllStudents(grok.Permission):
     """The ClearAllStudents permission allows to clear all students
@@ -95 +104 @@
     grok.name('waeup.clearAllStudents')
 
+
 class EditScores(grok.Permission):
     """The EditScores permission allows to edit scores in course tickets.
     """
     grok.name('waeup.editScores')
+
 
 class TriggerTransition(grok.Permission):
@@ -106 +117 @@
     grok.name('waeup.triggerTransition')
 
+
 class EditUser(grok.Permission):
     """The EditUser permission is required for editing
@@ -111 +123 @@
     """
     grok.name('waeup.editUser')
+
 
 class ManageDataCenter(grok.Permission):
@@ -119 +132 @@
     grok.name('waeup.manageDataCenter')
 
+
 class ImportData(grok.Permission):
-    """The ImportData permission allows to batch process (import) any kind of 
+    """The ImportData permission allows to batch process (import) any kind of
     portal data except for user data. The User Data processor
     requires also the ManageUsers permission.
@@ -126 +140 @@
     grok.name('waeup.importData')
 
+
 class ExportData(grok.Permission):
     """The ExportData permission allows to export any kind of portal data.
@@ -131 +146 @@
     grok.name('waeup.exportData')
 
+
 class ExportPaymentsOverview(grok.Permission):
     grok.name('waeup.exportPaymentsOverview')
 
+
 class ExportBursaryData(grok.Permission):
     grok.name('waeup.exportBursaryData')
 
+
 class ViewTranscript(grok.Permission):
     grok.name('waeup.viewTranscript')
+
 
 class ManagePortalConfiguration(grok.Permission):
@@ -146 +165 @@
     grok.name('waeup.managePortalConfiguration')
 
+
 class ManageACBatches(grok.Permission):
     """The ManageACBatches permission allows to view and
@@ -152 +172 @@
     grok.name('waeup.manageACBatches')
 
+
 class PutBiometricDataPermission(grok.Permission):
     """This permission allows to upload/change biometric data.
@@ -157 +178 @@
     grok.name('waeup.putBiometricData')
 
+
 class GetBiometricDataPermission(grok.Permission):
     """This permission allows to read biometric data.
@@ -167 +189 @@
 class ApplicationsManager(grok.Role):
     """The local ApplicationsManager role can be assigned at applicants
-    container and at department level. At department level an Applications 
-    Manager can manage all applicants which desire to study a programme 
+    container and at department level. At department level an Applications
+    Manager can manage all applicants which desire to study a programme
     offered by the department (1st Choice Course of Study).
 
-    At container level (local) Applications Managers gain permissions
-    which allow to manage the container and all applicants inside the container.
-    At container level the permission set of this local role corresonds with
-    the permission set of the same-named global role.
+    At container level (local) Applications Managers gain permissions which
+    allow to manage the container and all applicants inside the container.  At
+    container level the permission set of this local role corresonds with the
+    permission set of the same-named global role.
     """
     grok.name('waeup.local.ApplicationsManager')
@@ -182 +204 @@
                      'waeup.payApplicant')
 
+
 class DepartmentManager(grok.Role):
     """The local DepartmentManager role can be assigned at faculty or
@@ -196 +219 @@
                      'waeup.exportData')
 
+
 class DepartmentOfficer(grok.Role):
     """The local DepartmentOfficer role can be assigned at faculty or
@@ -211 +235 @@
                      'waeup.exportPaymentsOverview')
 
+
 class ClearanceOfficer(grok.Role):
     """The local ClearanceOfficer role can be assigned at faculty or
@@ -227 +252 @@
                      'waeup.clearAllStudents')
 
+
 class LocalStudentsManager(grok.Role):
     """The local LocalStudentsManager role can be assigned at faculty or
@@ -242 +268 @@
                      'waeup.exportData')
 
+
 class LocalWorkflowManager(grok.Role):
     """The local LocalWorkflowManager role can be assigned at faculty level.
@@ -257 +284 @@
                      'waeup.exportData')
 
+
 class UGClearanceOfficer(grok.Role):
     """UG Clearance Officers are regular Clearance Officers with restricted
@@ -269 +297 @@
                      'waeup.clearAllStudents')
 
+
 class PGClearanceOfficer(grok.Role):
     """PG Clearance Officers are regular Clearance Officers with restricted
@@ -281 +310 @@
                      'waeup.clearAllStudents')
 
+
 class CourseAdviser100(grok.Role):
     """The local CourseAdviser100 role can be assigned at faculty,
-    department or certificate level. The role allows to view all data and 
-    to list or export all student data within the faculty, department 
+    department or certificate level. The role allows to view all data and
+    to list or export all student data within the faculty, department
     or certificate the local role is assigned.
 
@@ -297 +327 @@
                      'waeup.exportData')
 
+
 class CourseAdviser200(grok.Role):
     """Same as CourseAdviser100 but for level 200.
@@ -306 +337 @@
                      'waeup.exportData')
 
+
 class CourseAdviser300(grok.Role):
     """Same as CourseAdviser100 but for level 300.
@@ -315 +347 @@
                      'waeup.exportData')
 
+
 class CourseAdviser400(grok.Role):
     """Same as CourseAdviser100 but for level 400.
@@ -324 +357 @@
                      'waeup.exportData')
 
+
 class CourseAdviser500(grok.Role):
     """Same as CourseAdviser100 but for level 500.
@@ -333 +367 @@
                      'waeup.exportData')
 
+
 class CourseAdviser600(grok.Role):
     """Same as CourseAdviser100 but for level 600.
@@ -342 +377 @@
                      'waeup.exportData')
 
+
 class CourseAdviser700(grok.Role):
     """Same as CourseAdviser100 but for level 700.
@@ -351 +387 @@
                      'waeup.exportData')
 
+
 class CourseAdviser800(grok.Role):
     """Same as CourseAdviser100 but for level 800.
@@ -359 +396 @@
                      'waeup.viewAcademics',
                      'waeup.exportData')
+
 
 class Lecturer(grok.Role):
@@ -372 +410 @@
                      'waeup.exportData')
 
+
 class Owner(grok.Role):
     """Each user 'owns' her/his user object and gains permission to edit
@@ -380 +419 @@
     grok.permissions('waeup.editUser')
 
+
 # Site Roles
-
 class AcademicsOfficer(grok.Role):
     """An Academics Officer can view but not edit data in the
@@ -393 +432 @@
     grok.title(u'Academics Officer (view only)')
     grok.permissions('waeup.viewAcademics')
+
 
 class AcademicsManager(grok.Role):
@@ -405 +445 @@
                      'waeup.manageAcademics')
 
+
 class ACManager(grok.Role):
     """This is the role for Access Code Managers.
@@ -413 +454 @@
     grok.title(u'Access Code Manager')
     grok.permissions('waeup.manageACBatches')
+
 
 class DataCenterManager(grok.Role):
@@ -424 +466 @@
     grok.permissions('waeup.manageDataCenter')
 
+
 class ImportManager(grok.Role):
     """An Import Manager is a Data Center Manager who is also allowed
-    to batch process (import) data. All batch processors (importers) are 
+    to batch process (import) data. All batch processors (importers) are
     available except for the User Processor. This processor requires the
     Users Manager role too. The ImportManager role includes the
@@ -436 +479 @@
                      'waeup.importData')
 
+
 class ExportManager(grok.Role):
     """An Export Manager is a Data Center Manager who is also allowed
@@ -446 +490 @@
                      'waeup.exportData')
 
+
 class BursaryOfficer(grok.Role):
     """Bursary Officers can export bursary data. They can't access the
@@ -455 +500 @@
                      'waeup.viewAcademics',
                      'waeup.exportBursaryData')
+
 
 class UsersManager(grok.Role):
@@ -465 +511 @@
     grok.permissions('waeup.manageUsers',
                      'waeup.editUser')
+
 
 class WorkflowManager(grok.Role):
@@ -508 +555 @@
                      'waeup.viewTranscript',
                      'waeup.viewDocuments', 'waeup.manageDocuments',
-                     'waeup.managePortalConfiguration', 'waeup.viewApplication',
+                     'waeup.managePortalConfiguration',
+                     'waeup.viewApplication',
                      'waeup.manageApplication', 'waeup.handleApplication',
                      'waeup.viewApplicantsTab', 'waeup.payApplicant',
@@ -514 +562 @@
                      'waeup.viewStudent', 'waeup.manageStudent',
                      'waeup.clearStudent', 'waeup.payStudent',
-                     'waeup.clearStudentFinancially',  # not used in base package
+                     'waeup.clearStudentFinancially',  # not used in base pkg
                      'waeup.uploadStudentFile', 'waeup.showStudents',
                      'waeup.clearAllStudents',
@@ -530 +578 @@
                      )
 
+
 class CCOfficer(grok.Role):
     """The role of the Computer Center Officer is basically a copy
@@ -545 +594 @@
     grok.name('waeup.CCOfficer')
     grok.title(u'Computer Center Officer')
-    grok.permissions(#'waeup.managePortal',
-                     #'waeup.manageUsers',
-                     'waeup.viewAcademics', 'waeup.manageAcademics',
-                     #'waeup.manageACBatches',
-                     'waeup.manageDataCenter',
-                     #'waeup.importData',
-                     'waeup.exportData',
-                     'waeup.viewTranscript',
-                     'waeup.viewDocuments', 'waeup.manageDocuments',
-                     'waeup.managePortalConfiguration', 'waeup.viewApplication',
-                     'waeup.manageApplication', 'waeup.handleApplication',
-                     'waeup.viewApplicantsTab', 'waeup.payApplicant',
-                     'waeup.viewApplicationStatistics',
-                     'waeup.viewStudent', 'waeup.manageStudent',
-                     'waeup.clearStudent', 'waeup.payStudent',
-                     'waeup.uploadStudentFile', 'waeup.showStudents',
-                     'waeup.clearAllStudents',
-                     'waeup.editScores',
-                     #'waeup.triggerTransition',
-                     'waeup.validateStudent',
-                     'waeup.viewStudentsContainer',
-                     'waeup.handleAccommodation',
-                     'waeup.viewHostels', 'waeup.manageHostels',
-                     #'waeup.editUser',
-                     #'waeup.loginAsStudent',
-                     'waeup.handleReports',
-                     'waeup.manageReports',
-                     #'waeup.manageJobs',
-                     )
+    grok.permissions(
+        # 'waeup.managePortal',
+        # 'waeup.manageUsers',
+        'waeup.viewAcademics',
+        'waeup.manageAcademics',
+        # 'waeup.manageACBatches',
+        'waeup.manageDataCenter',
+        # 'waeup.importData',
+        'waeup.exportData',
+        'waeup.viewTranscript',
+        'waeup.viewDocuments', 'waeup.manageDocuments',
+        'waeup.managePortalConfiguration', 'waeup.viewApplication',
+        'waeup.manageApplication', 'waeup.handleApplication',
+        'waeup.viewApplicantsTab', 'waeup.payApplicant',
+        'waeup.viewApplicationStatistics',
+        'waeup.viewStudent', 'waeup.manageStudent',
+        'waeup.clearStudent', 'waeup.payStudent',
+        'waeup.uploadStudentFile', 'waeup.showStudents',
+        'waeup.clearAllStudents',
+        'waeup.editScores',
+        # 'waeup.triggerTransition',
+        'waeup.validateStudent',
+        'waeup.viewStudentsContainer',
+        'waeup.handleAccommodation',
+        'waeup.viewHostels', 'waeup.manageHostels',
+        # 'waeup.editUser',
+        # 'waeup.loginAsStudent',
+        'waeup.handleReports',
+        'waeup.manageReports',
+        # 'waeup.manageJobs',
+        )
+
 
 def get_all_roles():
@@ -579 +631 @@
     """
     return getUtilitiesFor(IRole)
+
 
 def get_waeup_roles(also_local=False):
@@ -601 +654 @@
         yield item
 
+
 def get_waeup_role_names():
     """Get the ids of all Kofa roles.
@@ -609 +663 @@
     """
     return sorted([x.id for x in get_waeup_roles()])
+
 
 class LocalRolesAssignable(grok.Adapter):
@@ -654 +709 @@
         return sorted(list_of_dict, key=lambda x: x['name'])
 
+
 def get_all_users():
     """Get a list of dictionaries.
@@ -660 +716 @@
     for key, val in users:
         yield(dict(name=key, val=val))
+
 
 def get_users_with_local_roles(context):
@@ -674 +731 @@
         raise StopIteration
     for local_role, user_name, setting in role_map.getPrincipalsAndRoles():
-        user = grok.getSite()['users'].get(user_name,None)
+        user = grok.getSite()['users'].get(user_name, None)
         user_title = getattr(user, 'title', user_name)
         local_role_title = getattr(
             dict(get_all_roles()).get(local_role, None), 'title', None)
-        yield dict(user_name = user_name,
-                   user_title = user_title,
-                   local_role = local_role,
-                   local_role_title = local_role_title,
-                   setting = setting)
+        yield dict(user_name=user_name,
+                   user_title=user_title,
+                   local_role=local_role,
+                   local_role_title=local_role_title,
+                   setting=setting)
+
 
 def get_users_with_role(role, context):
@@ -694 +752 @@
         raise StopIteration
     for user_name, setting in role_map.getPrincipalsForRole(role):
-        user = grok.getSite()['users'].get(user_name,None)
+        user = grok.getSite()['users'].get(user_name, None)
         user_title = getattr(user, 'title', user_name)
         user_email = getattr(user, 'email', None)
-        yield dict(user_name = user_name,
-                   user_title = user_title,
-                   user_email = user_email,
-                   setting = setting)
+        yield dict(user_name=user_name,
+                   user_title=user_title,
+                   user_email=user_email,
+                   setting=setting)