Ignore:
Timestamp:
21 Sep 2012, 08:19:35 (12 years ago)
Author:
uli
Message:

Rollback r9209. Looks like multiple merges from trunk confuse svn when merging back into trunk.

Location:
main/waeup.kofa/branches/uli-zc-async
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • main/waeup.kofa/branches/uli-zc-async

  • main/waeup.kofa/branches/uli-zc-async/src/waeup/kofa/students/dynamicroles.py

    r9209 r9211  
    5151        """Get roles for principal with id `principal_id`.
    5252
    53         See waeup.kofa.applicants.dynamicroles.ApplicantPrincipalRoleManager
    54         for further information.
     53        Different to the default implementation, this method also
     54        takes into account local roles set on any department connected
     55        to the context student.
     56
     57        If the given principal has at least one of the
     58        `external_rolenames` roles granted for the external object, it
     59        additionally gets `additional_rolename` role for the context
     60        student.
     61
     62        For the additional roles the `extra_attrib` and all its parent
     63        objects are looked up, because 'role inheritance' does not
     64        work on that basic level of permission handling.
     65
     66        Some advantages of this approach:
     67
     68        - we don't have to store extra local roles for clearance
     69          officers in ZODB for each student
     70
     71        - when local roles on a department change, we don't have to
     72          update thousands of students; the local role is assigned
     73          dynamically.
     74
     75        Disadvantage:
     76
     77        - More expensive role lookups when a clearance officer wants
     78          to see an student form.
     79
     80        This implementation is designed to be usable also for other
     81        contexts than students. You can inherit from it and set
     82        different role names to lookup/set easily via the static class
     83        attributes.
    5584        """
    5685        apr_manager = AnnotationPrincipalRoleManager(self._context)
     
    89118                        result.append(
    90119                            ('waeup.StudentsOfficer', setting))
    91                 elif 'UGClearanceOfficer' in role_id:
    92                     if not self._context.is_postgrad:
    93                         result.append(
    94                             ('waeup.StudentsClearanceOfficer', setting))
    95                     else:
    96                         # Otherwise grant at least view permissions.
    97                         result.append(
    98                             ('waeup.StudentsOfficer', setting))
    99                 elif 'PGClearanceOfficer' in role_id:
    100                     if self._context.is_postgrad:
    101                         result.append(
    102                             ('waeup.StudentsClearanceOfficer', setting))
    103                     else:
    104                         # Otherwise grant at least view permissions.
    105                         result.append(
    106                             ('waeup.StudentsOfficer', setting))
    107120                elif role_id in self.rolename_mapping.keys():
    108121                    # Grant additional role
Note: See TracChangeset for help on using the changeset viewer.