def _has_administrational_role(modul, user):
for action in modul.actions:
if action.name == "Update":
for role in action.roles:
if role.admin and has_role(user, role.name):
return True
return False
def get_rendered_ownership_form(request):
"""Returns the rendered ownership form for the item in the current
request. If the item is not an instance of Owned, than an empty
string is returned.
Changing the owner of the item will only be available for users with
a administrative role and update permissions on the current item.
Changing the group is restricted to the groups the user is member if
the user has not an administrative role.
"""
def _has_administrational_role(modul, user):
for action in modul.actions:
if action.name == "Update":
for role in action.roles:
if role.admin and has_role(user, role.name):
return True
return False
item = get_item_from_request(request)
form = get_ownership_form(request)
modul = get_item_modul(request, item)
usergroup_modul = get_item_modul(request, Usergroup)
_groups = [unicode(g.name) for g in request.user.groups]
_admin = (_has_administrational_role(modul, request.user)
or has_role(request.user, "admin")
or _has_administrational_role(usergroup_modul, request.user))
values = {"_admin": _admin, "_groups": _groups}
if isinstance(item, Owned):
return form.render(values=values)
else:
return ""
def _has_administrational_role(modul, user):
for action in modul.actions:
if action.name == "Update":
for role in action.roles:
if role.admin and has_role(user, role.name):
return True
return False
def get_rendered_ownership_form(request):
"""Returns the rendered ownership form for the item in the current
request. If the item is not an instance of Owned, than an empty
string is returned.
Changing the owner of the item will only be available for users with
a administrative role and update permissions on the current item.
Changing the group is restricted to the groups the user is member if
the user has not an administrative role.
"""
def _has_administrational_role(modul, user):
for action in modul.actions:
if action.name == "Update":
for role in action.roles:
if role.admin and has_role(user, role.name):
return True
return False
item = get_item_from_request(request)
form = get_ownership_form(request)
modul = get_item_modul(request, item)
usergroup_modul = get_item_modul(request, Usergroup)
_groups = [unicode(g.name) for g in request.user.groups]
_admin = (_has_administrational_role(modul, request.user)
or has_role(request.user, "admin")
or _has_administrational_role(usergroup_modul, request.user))
values = {"_admin": _admin,
"_groups": _groups}
if isinstance(item, Owned):
return form.render(values=values)
else:
return ""
def get_columns(self, user=None):
"""Return a list of configured columns within the configuration.
Each colum is a dictionary containing the one or more available
configuration attributes."""
from ringo.lib.security import has_role
cols = []
config = self.config.get(self.name)
for col in config.get('columns'):
if user and col.get("roles"):
# Check if user has on of the required roles.
roles = col.get("roles").split(",") + ['admin']
for role in roles:
if has_role(user, role):
cols.append(col)
break
else:
cols.append(col)
return cols
def get_ownership_form(request):
item = get_item_from_request(request)
db = request.db
csrf_token = request.session.get_csrf_token()
url_prefix = get_app_url(request)
# Check if the form is rendered as readonly form.
if has_role(request.user, "admin"):
readonly = False
elif isinstance(item, Owned) and item.is_owner(request.user):
readonly = False
else:
readonly = True
return _get_ownership_form(item, db, csrf_token, get_eval_url(),
readonly, url_prefix,
locale=locale_negotiator(request),
translate=request.translate)
def get_ownership_form(request):
item = get_item_from_request(request)
db = request.db
csrf_token = request.session.get_csrf_token()
url_prefix = get_app_url(request)
# Check if the form is rendered as readonly form.
if has_role(request.user, "admin"):
readonly = False
elif isinstance(item, Owned) and item.is_owner(request.user):
readonly = False
else:
readonly = True
return _get_ownership_form(item,
db,
csrf_token,
get_eval_url(),
readonly,
url_prefix,
locale=locale_negotiator(request),
translate=request.translate)
