def allow_create_asset_authenticated(context: IPool, registry: Registry,
options: dict):
"""Set local permission to create assets for authenticated.
This is needed to assure user can create their user image.
"""
acl = [(Allow, Authenticated, 'create_asset')]
set_acl(context, acl, registry)
def __call__(self, context, request, transition, workflow):
registry = getattr(request, 'registry', None)
if registry is None:
registry = get_current_registry(context)
if self.acl is not None:
set_acl(context, self.acl, registry)
if self.local_roles is not None:
add_local_roles(context, self.local_roles, registry)
def test_search_with_allows_no_permission(self, registry, pool, inst, query):
from pyramid.authorization import Deny
from adhocracy_core.authorization import set_acl
child = self._make_resource(registry, parent=pool)
set_acl(pool, [(Deny, 'principal', 'view')], registry=registry)
inst['system']['allowed'].reindex_resource(child)
result = inst.search(query._replace(allows=(['principal'], 'view')))
assert list(result.elements) == []
def allow_create_asset_authenticated(context: IPool,
registry: Registry,
options: dict):
"""Set local permission to create assets for authenticated.
This is needed to assure user can create their user image.
"""
acl = [(Allow, Authenticated, 'create_asset')]
set_acl(context, acl, registry=registry)
def __call__(self, context, request, transition, workflow):
registry = getattr(request, 'registry', None)
if registry is None:
registry = get_current_registry(context)
if self.acl is not None:
set_acl(context, self.acl, registry)
if self.local_roles is not None:
add_local_roles(context,
self.local_roles,
registry)
def deny_view_permission(context: IResource, registry: Registry,
options: dict):
"""Remove view permission for everyone for `context`."""
acl = [('deny', 'system.Everyone', 'view')]
set_acl(context, acl, registry=registry)
def allow_view_eveyone(context: IResource, registry: Registry, options: dict):
"""Add view permission for everyone for `context`."""
acl = [(Allow, Everyone, 'view')]
set_acl(context, acl, registry)
def deny_view_permission(context: IResource, registry: Registry,
options: dict):
"""Remove view permission for everyone for `context`."""
acl = [('deny', 'system.Everyone', 'view')]
set_acl(context, acl, registry=registry)
def allow_view_eveyone(context: IResource, registry: Registry,
options: dict):
"""Add view permission for everyone for `context`."""
acl = [(Allow, Everyone, 'view')]
set_acl(context, acl, registry)