Changeset 2975


Ignore:
Timestamp:
3 Jan 2008, 17:20:02 (17 years ago)
Author:
joachim
Message:
 
Location:
WAeUP_SRP/base
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • WAeUP_SRP/base/WAeUPTool.py

    r2959 r2975  
    9898        wf_def = getattr(self.portal_workflow,wf_definition)
    9999        wf_def.updateRoleMappingsFor(ob)
     100    ###)
     101
     102    security.declareProtected(View,'getAccessInfo') ###(
     103    def getAccessInfo(self,context):
     104        "return a dict with access_info"
     105        logger = logging.getLogger('WAeUPTool.getAccessInfo')
     106        mtool = self.portal_membership
     107        member = mtool.getAuthenticatedMember()
     108        member_id = str(member)
     109        info = {}
     110        is_anonymous = info['is_anonymous'] = mtool.isAnonymousUser()
     111        is_student = info['is_student'] = ord(member_id[1]) > 48 and ord(member_id[1]) <= 57
     112        is_staff = info['is_staff'] = not is_anonymous and not is_student
     113        roles = member.getRolesInContext(context)
     114        is_sectionofficer = info['is_sectionofficer'] = not is_student and ("SectionOfficer" in roles or
     115                                                                            "SectionManager" in roles or
     116                                                                            "Manager" in roles)
     117        is_allowed = info['is_allowed'] = not is_anonymous
     118        requested_id = context.getStudentId()
     119        student_id  = None
     120        if not is_student and requested_id:
     121            student_id  = requested_id
     122        elif is_anonymous or member_id != requested_id:
     123            logger.info('%s tried to access %s of %s' % (member_id,context.portal_type,requested_id))
     124        else:
     125            student_id = member_id
     126        info['student_id'] = student_id
     127        return info
    100128    ###)
    101129
  • WAeUP_SRP/base/skins/waeup_epayment/getPaymentInfo.py

    r2058 r2975  
    2121        pass
    2222
    23 request = context.REQUEST
    24 mtool = context.portal_membership
    25 wf = context.portal_workflow
    26 member = mtool.getAuthenticatedMember()
    27 member_id = str(member)
     23# request = context.REQUEST
     24# mtool = context.portal_membership
     25# wf = context.portal_workflow
     26# member = mtool.getAuthenticatedMember()
     27# member_id = str(member)
    2828
    29 if mtool.isAnonymousUser():
     29# if mtool.isAnonymousUser():
     30#     return None
     31# info = {}
     32# requested_id = context.getStudentId()
     33# if requested_id and not context.isStaff() and member_id != requested_id:
     34#     logger.info('%s tried to access %s' % (member_id,requested_id))
     35#     return None
     36# elif context.isStaff():
     37#     student_id = requested_id
     38# else:
     39#     student_id = member_id
     40info = context.waeup_tool.getAccessInfo(context)
     41student_id = info['student_id']
     42if student_id is None:
    3043    return None
    31 info = {}
    32 requested_id = context.getStudentId()
    33 if requested_id and not context.isStaff() and member_id != requested_id:
    34     logger.info('%s tried to access %s' % (member_id,requested_id))
    35     return None
    36 elif context.isStaff():
    37     student_id = requested_id
    38 else:
    39     student_id = member_id
    4044
    4145
  • WAeUP_SRP/base/skins/waeup_student/getApplicationInfo.py

    r2920 r2975  
    1414
    1515request = context.REQUEST
    16 mtool = context.portal_membership
    17 wf = context.portal_workflow
    18 member = mtool.getAuthenticatedMember()
    19 member_id = str(member)
    20 path_info = request.get('PATH_INFO').split('/')
    21 ##from Products.zdb import set_trace
    22 ##set_trace()
    23 if mtool.isAnonymousUser():
     16# mtool = context.portal_membership
     17# wf = context.portal_workflow
     18# member = mtool.getAuthenticatedMember()
     19# member_id = str(member)
     20# path_info = request.get('PATH_INFO').split('/')
     21# ##from Products.zdb import set_trace
     22# ##set_trace()
     23# if mtool.isAnonymousUser():
     24#     return None
     25# info = {}
     26# requested_id = context.getStudentId()
     27# if requested_id and not context.isStaff() and member_id != requested_id:
     28#     import logging
     29#     logger = logging.getLogger('Skins.getApplicationInfo')
     30#     logger.info('%s tried to access application object of %s' % (member_id,requested_id))
     31#     student_id = requested_id
     32#     return None
     33# elif context.isStaff():
     34#     student_id = requested_id
     35# else:
     36#     student_id = member_id
     37info = context.waeup_tool.getAccessInfo(context)
     38student_id = info['student_id']
     39if student_id is None:
    2440    return None
    25 info = {}
    26 requested_id = context.getStudentId()
    27 if requested_id and not context.isStaff() and member_id != requested_id:
    28     import logging
    29     logger = logging.getLogger('Skins.getApplicationInfo')
    30     logger.info('%s tried to access application object of %s' % (member_id,requested_id))
    31     student_id = requested_id
    32     return None
    33 elif context.isStaff():
    34     student_id = requested_id
    35 else:
    36     student_id = member_id
    3741
    3842info['has_passport'] = context.waeup_tool.picturesExist(('passport',), student_id)
  • WAeUP_SRP/base/skins/waeup_student/getClearanceInfo.py

    r2670 r2975  
    2323path_info = request.get('PATH_INFO').split('/')
    2424
    25 if mtool.isAnonymousUser():
     25# if mtool.isAnonymousUser():
     26#     return None
     27# info = {}
     28# #from Products.zdb import set_trace
     29# #set_trace()
     30# requested_id = context.getStudentId()
     31# if requested_id and not context.isStaff() and member_id != requested_id:
     32#     logger.info('%s tried to access %s' % (member_id,requested_id))
     33#     return None
     34# elif context.isStaff():
     35#     student_id = requested_id
     36# else:
     37#     student_id = member_id
     38
     39info = context.waeup_tool.getAccessInfo(context)
     40student_id = info['student_id']
     41if student_id is None:
    2642    return None
    27 info = {}
    28 #from Products.zdb import set_trace
    29 #set_trace()
    30 requested_id = context.getStudentId()
    31 if requested_id and not context.isStaff() and member_id != requested_id:
    32     logger.info('%s tried to access %s' % (member_id,requested_id))
    33     return None
    34 elif context.isStaff():
    35     student_id = requested_id
    36 else:
    37     student_id = member_id
    38 
    3943
    4044students_object = context.portal_url.getPortalObject().campus.students
  • WAeUP_SRP/base/skins/waeup_student/getStudentFolderInfo.py

    r2961 r2975  
    3535
    3636
    37 info = {}
    3837member_id = str(member)
    3938#from Products.zdb import set_trace;set_trace()
    40 is_student = info['is_student'] = context.isStudent()
    41 is_staff = info['is_staff'] = context.isStaff()
    42 is_sectionofficer = info['is_sectionofficer'] = context.isSectionOfficer()
    43 while True:
    44     if mtool.isAnonymousUser():
    45         return None
    46     requested_id = context.getStudentId()
    47     if not is_student and requested_id:
    48         student_id = requested_id
    49         break
    50     if member_id != requested_id:
    51         logger.info('%s tried to access %s' % (member_id,requested_id))
    52         student_id = member_id
    53         mtool.assertViewable(context)
    54         break
    55     student_id = member_id
    56     break
     39# info = {}
     40# is_student = info['is_student'] = context.isStudent()
     41# is_staff = info['is_staff'] = context.isStaff()
     42# is_sectionofficer = info['is_sectionofficer'] = context.isSectionOfficer()
     43# while True:
     44#     if mtool.isAnonymousUser():
     45#         return None
     46#     requested_id = context.getStudentId()
     47#     if not is_student and requested_id:
     48#         student_id = requested_id
     49#         break
     50#     if member_id != requested_id:
     51#         logger.info('%s tried to access %s' % (member_id,requested_id))
     52#         student_id = member_id
     53#         mtool.assertViewable(context)
     54#         break
     55#     student_id = member_id
     56#     break
     57info = context.waeup_tool.getAccessInfo(context)
     58student_id = info['student_id']
     59if student_id is None:
     60    return None
     61
    5762student_path_root = "%s/campus/students/%s" % (context.portal_url.getPortalPath(),student_id)
    5863student_path = "%s/campus/students/%s" % (context.portal_url(),student_id)
     
    102107    row['type'] = subobject.portal_type
    103108    review_state = row['review_state'] = wf.getInfoFor(subobject,'review_state',None)
    104     row['is_editable'] = (is_student and review_state == "opened") or is_sectionofficer
     109    row['is_editable'] = (info['is_student'] and review_state == "opened") or info['is_sectionofficer']
    105110    sv_link = s_view_links.get(subobject.portal_type,None) or "waeup_document_view"
    106111    row['s_view_link'] = "%s/%s" % (url,sv_link)
  • WAeUP_SRP/base/skins/waeup_student/getStudyCourseInfo.py

    r2876 r2975  
    3030
    3131wftool = context.portal_workflow
    32 path_info = request.get('PATH_INFO').split('/')
     32# path_info = request.get('PATH_INFO').split('/')
    3333
    34 info = {}
    35 info['is_so'] = context.isSectionOfficer()
     34# info = {}
     35info = context.waeup_tool.getAccessInfo(context)
     36student_id = info['student_id']
     37if student_id is None:
     38    return None
     39
     40#info['is_so'] = context.isSectionOfficer()
     41info['is_so'] = info['is_sectionofficer']
    3642info['action'] = "%s" % context.absolute_url()
    3743info['choosen_ids'] = request.get('ids',[])
    3844course  = info['doc'] = context.getContent()
    39 student_id = context.getStudentId()
     45#student_id = context.getStudentId()
    4046student_record = context.students_catalog.getRecordByKey(student_id)
    4147if not student_record:
Note: See TracChangeset for help on using the changeset viewer.