def _has_administrational_role(modul, user): for action in modul.actions: if action.name == "Update": for role in action.roles: if role.admin and has_role(user, role.name): return True return False
def get_rendered_ownership_form(request): """Returns the rendered ownership form for the item in the current request. If the item is not an instance of Owned, than an empty string is returned. Changing the owner of the item will only be available for users with a administrative role and update permissions on the current item. Changing the group is restricted to the groups the user is member if the user has not an administrative role. """ def _has_administrational_role(modul, user): for action in modul.actions: if action.name == "Update": for role in action.roles: if role.admin and has_role(user, role.name): return True return False item = get_item_from_request(request) form = get_ownership_form(request) modul = get_item_modul(request, item) usergroup_modul = get_item_modul(request, Usergroup) _groups = [unicode(g.name) for g in request.user.groups] _admin = (_has_administrational_role(modul, request.user) or has_role(request.user, "admin") or _has_administrational_role(usergroup_modul, request.user)) values = {"_admin": _admin, "_groups": _groups} if isinstance(item, Owned): return form.render(values=values) else: return ""
def _has_administrational_role(modul, user): for action in modul.actions: if action.name == "Update": for role in action.roles: if role.admin and has_role(user, role.name): return True return False
def get_rendered_ownership_form(request): """Returns the rendered ownership form for the item in the current request. If the item is not an instance of Owned, than an empty string is returned. Changing the owner of the item will only be available for users with a administrative role and update permissions on the current item. Changing the group is restricted to the groups the user is member if the user has not an administrative role. """ def _has_administrational_role(modul, user): for action in modul.actions: if action.name == "Update": for role in action.roles: if role.admin and has_role(user, role.name): return True return False item = get_item_from_request(request) form = get_ownership_form(request) modul = get_item_modul(request, item) usergroup_modul = get_item_modul(request, Usergroup) _groups = [unicode(g.name) for g in request.user.groups] _admin = (_has_administrational_role(modul, request.user) or has_role(request.user, "admin") or _has_administrational_role(usergroup_modul, request.user)) values = {"_admin": _admin, "_groups": _groups} if isinstance(item, Owned): return form.render(values=values) else: return ""
def get_columns(self, user=None): """Return a list of configured columns within the configuration. Each colum is a dictionary containing the one or more available configuration attributes.""" from ringo.lib.security import has_role cols = [] config = self.config.get(self.name) for col in config.get('columns'): if user and col.get("roles"): # Check if user has on of the required roles. roles = col.get("roles").split(",") + ['admin'] for role in roles: if has_role(user, role): cols.append(col) break else: cols.append(col) return cols
def get_ownership_form(request): item = get_item_from_request(request) db = request.db csrf_token = request.session.get_csrf_token() url_prefix = get_app_url(request) # Check if the form is rendered as readonly form. if has_role(request.user, "admin"): readonly = False elif isinstance(item, Owned) and item.is_owner(request.user): readonly = False else: readonly = True return _get_ownership_form(item, db, csrf_token, get_eval_url(), readonly, url_prefix, locale=locale_negotiator(request), translate=request.translate)
def get_ownership_form(request): item = get_item_from_request(request) db = request.db csrf_token = request.session.get_csrf_token() url_prefix = get_app_url(request) # Check if the form is rendered as readonly form. if has_role(request.user, "admin"): readonly = False elif isinstance(item, Owned) and item.is_owner(request.user): readonly = False else: readonly = True return _get_ownership_form(item, db, csrf_token, get_eval_url(), readonly, url_prefix, locale=locale_negotiator(request), translate=request.translate)