Changeset 8963
- Timestamp:
- 10 Jul 2012, 05:39:02 (13 years ago)
- Location:
- main/waeup.kofa/trunk/src/waeup/kofa/students
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
main/waeup.kofa/trunk/src/waeup/kofa/students/dynamicroles.py
r7811 r8963 46 46 rolename_mapping = { 47 47 'waeup.local.ClearanceOfficer':'waeup.StudentsClearanceOfficer', 48 'waeup.local.UGClearanceOfficer':'waeup.StudentsClearanceOfficer', 49 'waeup.local.PGClearanceOfficer':'waeup.StudentsClearanceOfficer', 48 50 } 49 51 … … 51 53 """Get roles for principal with id `principal_id`. 52 54 53 Different to the default implementation, this method also 54 takes into account local roles set on any department connected 55 to the context student. 56 57 If the given principal has at least one of the 58 `external_rolenames` roles granted for the external object, it 59 additionally gets `additional_rolename` role for the context 60 student. 61 62 For the additional roles the `extra_attrib` and all its parent 63 objects are looked up, because 'role inheritance' does not 64 work on that basic level of permission handling. 65 66 Some advantages of this approach: 67 68 - we don't have to store extra local roles for clearance 69 officers in ZODB for each student 70 71 - when local roles on a department change, we don't have to 72 update thousands of students; the local role is assigned 73 dynamically. 74 75 Disadvantage: 76 77 - More expensive role lookups when a clearance officer wants 78 to see an student form. 79 80 This implementation is designed to be usable also for other 81 contexts than students. You can inherit from it and set 82 different role names to lookup/set easily via the static class 83 attributes. 55 See waeup.kofa.applicants.dynamicroles.ApplicantPrincipalRoleManager 56 for further information. 84 57 """ 85 58 apr_manager = AnnotationPrincipalRoleManager(self._context) … … 118 91 result.append( 119 92 ('waeup.StudentsOfficer', setting)) 93 elif 'UGClearanceOfficer' in role_id: 94 if not self._context.is_postgrad: 95 result.append( 96 ('waeup.StudentsClearanceOfficer', setting)) 97 else: 98 # Otherwise grant at least view permissions. 99 result.append( 100 ('waeup.StudentsOfficer', setting)) 101 elif 'PGClearanceOfficer' in role_id: 102 if self._context.is_postgrad: 103 result.append( 104 ('waeup.StudentsClearanceOfficer', setting)) 105 else: 106 # Otherwise grant at least view permissions. 107 result.append( 108 ('waeup.StudentsOfficer', setting)) 120 109 elif role_id in self.rolename_mapping.keys(): 121 110 # Grant additional role -
main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_browser.py
r8920 r8963 1557 1557 self.browser.contents) 1558 1558 # Payment session and level are current ones. 1559 # Postgrads have to school_fee_1.1559 # Postgrads have to pay school_fee_1. 1560 1560 self.assertEqual(self.student['payments'][value].amount_auth, 40000.0) 1561 1561 self.assertEqual(self.student['payments'][value].p_session, 2004) -
main/waeup.kofa/trunk/src/waeup/kofa/students/tests/test_dynamicroles.py
r7811 r8963 25 25 Test as APRMTest, Manageable) 26 26 from waeup.kofa.testing import FunctionalLayer 27 from waeup.kofa.app import University 27 28 from waeup.kofa.students.tests.test_browser import StudentsFullSetup 28 29 from waeup.kofa.students import Student, StudentPrincipalRoleManager … … 48 49 def setUp(self): 49 50 super(StudentPrincipalRoleManagerFunctionalTests, self).setUp() 50 self.officer_role = 'waeup.StudentsClearanceOfficer'51 51 # assign clearance permissions for a virtual officer 52 52 prm = IPrincipalRoleManager(self.app['faculties']['fac1']['dep1']) 53 53 prm.assignRoleToPrincipal('waeup.local.ClearanceOfficer', 'alice') 54 prm.assignRoleToPrincipal('waeup.local.PGClearanceOfficer', 'bob') 55 prm.assignRoleToPrincipal('waeup.local.UGClearanceOfficer', 'anne') 54 56 return 55 57 … … 74 76 # student 75 77 prm = IPrincipalRoleManager(self.student) 76 result = prm.getRolesForPrincipal(' bob')78 result = prm.getRolesForPrincipal('claus') 77 79 self.assertEqual(result, []) 78 80 return … … 83 85 prm = IPrincipalRoleManager(self.student) 84 86 result = prm.getRolesForPrincipal('alice') 85 self.assertEqual(result, [(self.officer_role, Allow)]) 87 self.assertEqual(result, [('waeup.StudentsClearanceOfficer', Allow)]) 88 # Student is a UG student 89 self.assertFalse(self.student.is_postgrad) 90 result = prm.getRolesForPrincipal('bob') 91 self.assertEqual(result, [('waeup.StudentsOfficer', Allow)]) 92 result = prm.getRolesForPrincipal('anne') 93 self.assertEqual(result, [('waeup.StudentsClearanceOfficer', Allow)]) 94 # Make student a PG student 95 self.certificate.study_mode = u'pg_ft' 96 self.assertTrue(self.student.is_postgrad) 97 result = prm.getRolesForPrincipal('bob') 98 # The dynamic roles changed 99 self.assertEqual(result, [('waeup.StudentsClearanceOfficer', Allow)]) 100 result = prm.getRolesForPrincipal('anne') 101 self.assertEqual(result, [('waeup.StudentsOfficer', Allow)]) 86 102 return
Note: See TracChangeset for help on using the changeset viewer.