Changeset 7163
- Timestamp:
- 22 Nov 2011, 09:51:18 (13 years ago)
- Location:
- main/waeup.sirp/trunk/src/waeup/sirp
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.sirp/trunk/src/waeup/sirp/authentication.txt
r6746 r7163 46 46 47 47 Accounts also hold infos about local roles assigned to a user. In the 48 beginning, users have no local roles at all: 49 50 >>> alice.getLocalRoles() 51 {} 52 53 But we can tell an account, that Alice got some role for a certain 54 object: 48 beginning, users have only the local owner role of their own account object: 49 50 >>> alice.getLocalRoles() 51 {'waeup.local.Owner': [<waeup.sirp.authentication.Account object at 0x...>]} 52 53 We can tell an account, that Alice got some role for another object: 55 54 56 55 >>> chalet = object() … … 67 66 >>> alice.notifyLocalRoleChanged(chalet, 'BigBoss', granted=False) 68 67 >>> alice.getLocalRoles() 69 { }68 {'waeup.local.Owner': [<waeup.sirp.authentication.Account object at 0x...>]} 70 69 71 70 We can also use events to trigger such actions. This is recommended … … 107 106 >>> del root['app']['bobs_fac'] 108 107 >>> bob.getLocalRoles() 109 { }108 {'waeup.local.Owner': [<waeup.sirp.authentication.Account object at 0x...>]} 110 109 111 110 If one notifies the machinery of a local role removal for an object -
main/waeup.sirp/trunk/src/waeup/sirp/permissions.py
r7148 r7163 31 31 grok.name('waeup.manageUsers') 32 32 33 class EditUser(grok.Permission): 34 grok.name('waeup.editUser') 35 33 36 class ManageDataCenter(grok.Permission): 34 37 grok.name('waeup.manageDataCenter') … … 52 55 grok.title(u'Course Adviser') 53 56 grok.permissions('waeup.View', 'waeup.Public') 57 58 class Owner(grok.Role): 59 grok.name('waeup.local.Owner') 60 grok.title(u'Owner') 61 grok.permissions('waeup.editUser') 54 62 55 63 # Global Roles -
main/waeup.sirp/trunk/src/waeup/sirp/permissions.txt
r7154 r7163 42 42 43 43 >>> len(list(getWAeUPRoles(also_local=True))) 44 1 344 14 45 45 46 46 -
main/waeup.sirp/trunk/src/waeup/sirp/users.py
r7137 r7163 4 4 from zope.event import notify 5 5 from zope.interface import Interface 6 from zope.securitypolicy.interfaces import IPrincipalRoleMap 6 from zope.securitypolicy.interfaces import ( 7 IPrincipalRoleMap, IPrincipalRoleManager) 7 8 from waeup.sirp.authentication import Account 8 from waeup.sirp.interfaces import IUserContainer, ILocalRoleSetEvent 9 from waeup.sirp.interfaces import ( 10 IUserContainer, ILocalRoleSetEvent, IUserAccount) 9 11 10 12 class UserContainer(grok.Container): … … 74 76 obj, local_role, user_name, granted=False)) 75 77 return 78 79 @grok.subscribe(IUserAccount, grok.IObjectAddedEvent) 80 def handle_user_added(account, event): 81 """If an account is added the local owner role must be set. 82 """ 83 # First we have to set the local owner role of the account object 84 role_manager = IPrincipalRoleManager(account) 85 role_manager.assignRoleToPrincipal( 86 'waeup.local.Owner', account.name) 87 # Then we have to notify the user account that the local role 88 # of the same object has changed 89 notify(LocalRoleSetEvent( 90 account, 'waeup.local.Owner', account.name, granted=True)) 91 return
Note: See TracChangeset for help on using the changeset viewer.