Changeset 6157

Timestamp:

20 May 2011, 08:52:48 (13 years ago)

Author:

uli

Message:

Zope roles come with a title attribute. Start making use of it and simplify role lookup in w.s.permissions

Location:

main/waeup.sirp/trunk/src/waeup/sirp

Files:

• interfaces.py (modified) (2 diffs)
• permissions.py (modified) (2 diffs)
• permissions.txt (modified) (1 diff)

main/waeup.sirp/trunk/src/waeup/sirp/interfaces.py

@@ -9 +9 @@
 from zope.schema.vocabulary import SimpleVocabulary, SimpleTerm
 
-
 class FatalCSVError(Exception):
     """Some row could not be processed.
@@ -24 +23 @@
 class RoleSource(BasicSourceFactory):
     def getValues(self):
+        # late import: in interfaces we should not import local modules
+        from waeup.sirp.permissions import getWAeUPRoleNames
+        return getWAeUPRoleNames()
+
+    def getTitle(self, value):
+        # late import: in interfaces we should not import local modules
         from waeup.sirp.permissions import getRoles
-        return getRoles()
-    def getTitle(self, value):
-        if isinstance(value, basestring):
-            return value.split('.', 2)[1]
+        roles = dict(getRoles())
+        if value in roles.keys():
+            title = roles[value].title
+        if '.' in title:
+            title = title.split('.', 2)[1]
+        return title
 
 class IWAeUPObject(Interface):

main/waeup.sirp/trunk/src/waeup/sirp/permissions.py

@@ -1 +1 @@
 import grok
+from zope.component import getUtilitiesFor
 from zope.interface import Interface
+from zope.securitypolicy.interfaces import IRole
 from waeup.sirp.interfaces import ILocalRolesAssignable
 
@@ -55 +57 @@
 
 def getRoles():
-    app = grok.getSite()
-    app = None
-    manager = None
-    if app is not None:
-        from zope.securitypolicy.interfaces import IRolePermissionManager
-        manager = IRolePermissionManager(app, None)
-    else:
-        from zope.securitypolicy.rolepermission import (
-            rolePermissionManager as manager)
-    role_permission_map =  manager.getRolesAndPermissions()
-    result = dict()
-    for item in role_permission_map:
-        if not item[1].startswith('waeup.'):
+    """Return a list of tuples ``<ROLE-NAME>, <ROLE>``.
+    """
+    return getUtilitiesFor(IRole)
+
+def getWAeUPRoles(also_local=False):
+    """Get all WAeUP roles.
+
+    WAeUP roles are ordinary roles whose id by convention starts with
+    a ``waeup.`` prefix.
+
+    If `also_local` is ``True`` (``False`` by default), also local
+    roles are returned. Local WAeUP roles are such whose id starts
+    with ``waeup.local.`` prefix (this is also a convention).
+
+    Returns a generator of the found roles.
+    """
+    for name, item in getRoles():
+        if not name.startswith('waeup.'):
             # Ignore non-WAeUP roles...
             continue
-        if item[1].startswith('waeup.local.'):
+        if not also_local and name.startswith('waeup.local.'):
+            # Ignore local roles...
             continue
-        result[item[1]] = True
-    return sorted(result.keys())
+        yield item
+
+def getWAeUPRoleNames():
+    """Get the ids of all WAeUP roles.
+
+    See :func:`getWAeUPRoles` for what a 'WAeUPRole' is.
+
+    This function returns a sorted list of WAeUP role names.
+    """
+    return sorted([x.id for x in getWAeUPRoles()])
+
 
 class LocalRolesAssignable(grok.Adapter):

main/waeup.sirp/trunk/src/waeup/sirp/permissions.txt

@@ -7 +7 @@
 .. :layer: waeup.sirp.testing.WAeUPSIRPUnitTestLayer
 
-We can get all roles defined in a WAeUP portal (except 'local' roles
-that are meant not to be assigned globally):
+Convenience functions
+=====================
+
+:mod:`waeup.sirp` offers some convenience functions to handle security
+roles.
+
+:func:`getRoles`
+----------------
+
+Gives us all roles defined in a WAeUP SIRP portal. We get tuples of
+kind
+
+  ``(<ROLE-NAME>, <ROLE>)``
+
+where ``<ROLE-NAME>`` is the name under which a role was registered
+with the ZCA (a string) and ``<ROLE>`` is the real role object.
 
     >>> from waeup.sirp.permissions import getRoles
     >>> getRoles()
-    ['waeup.PortalManager', 'waeup.PortalUser']
+    <generator object at 0x...>
 
+    >>> sorted(list(getRoles()))
+    [(u'waeup.PortalManager', <waeup...PortalManager object at 0x...>), ...]
+
+:func:`getWAeUPRoles`
+---------------------
+
+Gives us all roles, except the WAeUP specific roles. We can get a list
+with or without local roles:
+
+    >>> from waeup.sirp.permissions import getWAeUPRoles
+    >>> len(list(getWAeUPRoles()))
+    2
+
+    >>> len(list(getWAeUPRoles(also_local=True)))
+    4
+
+
+:func:`getRoleNames`
+--------------------
+
+We can get all role names defined in a WAeUP portal (except 'local'
+roles that are meant not to be assigned globally):
+
+    >>> from waeup.sirp.permissions import getWAeUPRoleNames
+    >>> list(getWAeUPRoleNames())
+    [u'waeup.PortalManager', u'waeup.PortalUser']