Beispiel #1
0
def allow_create_asset_authenticated(context: IPool, registry: Registry,
                                     options: dict):
    """Set local permission to create assets for authenticated.

    This is needed to assure user can create their user image.
    """
    acl = [(Allow, Authenticated, 'create_asset')]
    set_acl(context, acl, registry)
Beispiel #2
0
 def __call__(self, context, request, transition, workflow):
     registry = getattr(request, 'registry', None)
     if registry is None:
         registry = get_current_registry(context)
     if self.acl is not None:
         set_acl(context, self.acl, registry)
     if self.local_roles is not None:
         add_local_roles(context, self.local_roles, registry)
Beispiel #3
0
 def test_search_with_allows_no_permission(self, registry, pool, inst, query):
     from pyramid.authorization import Deny
     from adhocracy_core.authorization import set_acl
     child = self._make_resource(registry, parent=pool)
     set_acl(pool, [(Deny, 'principal', 'view')], registry=registry)
     inst['system']['allowed'].reindex_resource(child)
     result = inst.search(query._replace(allows=(['principal'], 'view')))
     assert list(result.elements) == []
Beispiel #4
0
def allow_create_asset_authenticated(context: IPool,
                                     registry: Registry,
                                     options: dict):
    """Set local permission to create assets for authenticated.

    This is needed to assure user can create their user image.
    """
    acl = [(Allow, Authenticated, 'create_asset')]
    set_acl(context, acl, registry=registry)
Beispiel #5
0
 def __call__(self, context, request, transition, workflow):
     registry = getattr(request, 'registry', None)
     if registry is None:
         registry = get_current_registry(context)
     if self.acl is not None:
         set_acl(context, self.acl, registry)
     if self.local_roles is not None:
         add_local_roles(context,
                         self.local_roles,
                         registry)
def deny_view_permission(context: IResource, registry: Registry,
                         options: dict):
    """Remove view permission for everyone for `context`."""
    acl = [('deny', 'system.Everyone', 'view')]
    set_acl(context, acl, registry=registry)
Beispiel #7
0
def allow_view_eveyone(context: IResource, registry: Registry, options: dict):
    """Add view permission for everyone for `context`."""
    acl = [(Allow, Everyone, 'view')]
    set_acl(context, acl, registry)
Beispiel #8
0
def deny_view_permission(context: IResource, registry: Registry,
                         options: dict):
    """Remove view permission for everyone for `context`."""
    acl = [('deny', 'system.Everyone', 'view')]
    set_acl(context, acl, registry=registry)
Beispiel #9
0
def allow_view_eveyone(context: IResource, registry: Registry,
                       options: dict):
    """Add view permission for everyone for `context`."""
    acl = [(Allow, Everyone, 'view')]
    set_acl(context, acl, registry)