def updateRoleMappingsFor(self, ob):
"""
Changes the object permissions according to the current
state.
"""
changed = 0
sdef = self._getWorkflowStateOf(ob)
tool = aq_parent(aq_inner(self))
other_workflow_list = [
x for x in tool.getWorkflowsFor(ob) if x.id != self.id and isinstance(x, DCWorkflowDefinition)
]
other_data_list = []
for other_workflow in other_workflow_list:
other_sdef = other_workflow._getWorkflowStateOf(ob)
if other_sdef is not None and other_sdef.permission_roles is not None:
other_data_list.append((other_workflow, other_sdef))
# Be carefull, permissions_roles should not change
# from list to tuple or vice-versa. (in modifyRolesForPermission,
# list means acquire roles, tuple means do not acquire)
if sdef is not None and self.permissions:
for p in self.permissions:
roles = []
refused_roles = []
role_type = "list"
other_role_type_list = []
if sdef.permission_roles is not None:
roles = sdef.permission_roles.get(p, roles)
if type(roles) is type(()):
role_type = "tuple"
roles = list(roles)
# We will check that each role is activated
# in each DCWorkflow
for other_workflow, other_sdef in other_data_list:
if p in other_workflow.permissions:
other_roles = other_sdef.permission_roles.get(p, [])
if type(other_roles) is type(()):
other_role_type_list.append("tuple")
else:
other_role_type_list.append("list")
for role in roles:
if role not in other_roles:
refused_roles.append(role)
for role in refused_roles:
if role in roles:
roles.remove(role)
if role_type == "tuple" and ((not other_role_type_list) or ("list" not in other_role_type_list)):
# If at least, one of other workflows manage security and for all are role_type are tuple
roles = tuple(roles)
if modifyRolesForPermission(ob, p, roles):
changed = 1
return changed
def updateRoleMappingsFor(self, ob):
'''
Changes the object permissions according to the current
state.
'''
changed = 0
sdef = self._getWorkflowStateOf(ob)
tool = aq_parent(aq_inner(self))
other_workflow_list = \
[x for x in tool.getWorkflowsFor(ob) if x.id != self.id and isinstance(x,DCWorkflowDefinition)]
other_data_list = []
for other_workflow in other_workflow_list:
other_sdef = other_workflow._getWorkflowStateOf(ob)
if other_sdef is not None and other_sdef.permission_roles is not None:
other_data_list.append((other_workflow, other_sdef))
# Be carefull, permissions_roles should not change
# from list to tuple or vice-versa. (in modifyRolesForPermission,
# list means acquire roles, tuple means do not acquire)
if sdef is not None and self.permissions:
for p in self.permissions:
roles = []
refused_roles = []
role_type = 'list'
other_role_type_list = []
if sdef.permission_roles is not None:
roles = sdef.permission_roles.get(p, roles)
if type(roles) is type(()):
role_type = 'tuple'
roles = list(roles)
# We will check that each role is activated
# in each DCWorkflow
for other_workflow, other_sdef in other_data_list:
if p in other_workflow.permissions:
other_roles = other_sdef.permission_roles.get(p, [])
if type(other_roles) is type(()):
other_role_type_list.append('tuple')
else:
other_role_type_list.append('list')
for role in roles:
if role not in other_roles:
refused_roles.append(role)
for role in refused_roles:
if role in roles:
roles.remove(role)
if role_type == 'tuple' and ((not other_role_type_list) or
('list' not in other_role_type_list)):
#If at least, one of other workflows manage security and for all are role_type are tuple
roles = tuple(roles)
if modifyRolesForPermission(ob, p, roles):
changed = 1
return changed
def updateRoleMappings(self, REQUEST=None):
"""
Changes permissions of all objects related to this workflow
"""
wf_tool = aq_parent(aq_inner(self))
chain_by_type = wf_tool._chains_by_type
type_info_list = wf_tool._listTypeInfo()
wf_id = self.id
portal_type_list = []
# get the list of portal types to update
if wf_id in wf_tool._default_chain:
include_default = 1
else:
include_default = 0
for type_info in type_info_list:
tid = type_info.getId()
if chain_by_type.has_key(tid):
if wf_id in chain_by_type[tid]:
portal_type_list.append(tid)
elif include_default == 1:
portal_type_list.append(tid)
if portal_type_list:
object_list = self.portal_catalog(portal_type=portal_type_list,
limit=None)
object_list_len = len(object_list)
portal_activities = self.portal_activities
object_path_list = [x.path for x in object_list]
for i in xrange(0, object_list_len, ACTIVITY_GROUPING_COUNT):
current_path_list = object_path_list[i:i + ACTIVITY_GROUPING_COUNT]
portal_activities.activate(activity='SQLQueue',
priority=3)\
.callMethodOnObjectList(current_path_list,
'updateRoleMappingsFor',
wf_id = self.getId())
else:
object_list_len = 0
if REQUEST is not None:
return self.manage_properties(
REQUEST,
manage_tabs_message='%d object(s) updated.' % object_list_len)
else:
return object_list_len
def updateRoleMappings(self, REQUEST=None):
"""
Changes permissions of all objects related to this workflow
"""
wf_tool = aq_parent(aq_inner(self))
chain_by_type = wf_tool._chains_by_type
type_info_list = wf_tool._listTypeInfo()
wf_id = self.id
portal_type_list = []
# get the list of portal types to update
if wf_id in wf_tool._default_chain:
include_default = 1
else:
include_default = 0
for type_info in type_info_list:
tid = type_info.getId()
if chain_by_type.has_key(tid):
if wf_id in chain_by_type[tid]:
portal_type_list.append(tid)
elif include_default == 1:
portal_type_list.append(tid)
if portal_type_list:
object_list = self.portal_catalog(portal_type=portal_type_list, limit=None)
object_list_len = len(object_list)
portal_activities = self.portal_activities
object_path_list = [x.path for x in object_list]
for i in xrange(0, object_list_len, ACTIVITY_GROUPING_COUNT):
current_path_list = object_path_list[i:i+ACTIVITY_GROUPING_COUNT]
portal_activities.activate(activity='SQLQueue',
priority=3)\
.callMethodOnObjectList(current_path_list,
'updateRoleMappingsFor',
wf_id = self.getId())
else:
object_list_len = 0
if REQUEST is not None:
return self.manage_properties(REQUEST,
manage_tabs_message='%d object(s) updated.' % object_list_len)
else:
return object_list_len
def _executeMetaTransition(self, ob, new_state_id):
"""
Allow jumping from state to another without triggering any hooks.
Must be used only under certain conditions.
"""
sci = None
econtext = None
tdef = None
kwargs = None
# Figure out the old and new states.
old_sdef = self._getWorkflowStateOf(ob)
if old_sdef is None:
old_state = self._getWorkflowStateOf(ob, id_only=True)
else:
old_state = old_sdef.getId()
if old_state == new_state_id:
# Object is already in expected state
return
former_status = self._getStatusOf(ob)
new_sdef = self.states.get(new_state_id, None)
if new_sdef is None:
raise WorkflowException, ('Destination state undefined: ' +
new_state_id)
# Update variables.
state_values = new_sdef.var_values
if state_values is None:
state_values = {}
tdef_exprs = {}
status = {}
for id, vdef in self.variables.items():
if not vdef.for_status:
continue
expr = None
if state_values.has_key(id):
value = state_values[id]
elif tdef_exprs.has_key(id):
expr = tdef_exprs[id]
elif not vdef.update_always and former_status.has_key(id):
# Preserve former value
value = former_status[id]
else:
if vdef.default_expr is not None:
expr = vdef.default_expr
else:
value = vdef.default_value
if expr is not None:
# Evaluate an expression.
if econtext is None:
# Lazily create the expression context.
if sci is None:
sci = StateChangeInfo(ob, self, former_status, tdef,
old_sdef, new_sdef, kwargs)
econtext = createExprContext(sci)
value = expr(econtext)
status[id] = value
status['comment'] = 'Jump from %r to %r' % (
old_state,
new_state_id,
)
status[self.state_var] = new_state_id
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
# Update role to permission assignments.
self.updateRoleMappingsFor(ob)
return new_sdef
value = vdef.default_value
if expr is not None:
# Evaluate an expression.
if econtext is None:
# Lazily create the expression context.
if sci is None:
sci = StateChangeInfo(ob, self, former_status, tdef,
old_sdef, new_sdef, kwargs)
econtext = createExprContext(sci)
value = expr(econtext)
status[id] = value
# Do not proceed in case of failure of before script
if not before_script_success:
status[self.state_var] = old_state # Remain in state
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
sci = StateChangeInfo(ob, self, status, tdef, old_sdef, new_sdef,
kwargs)
# put the error message in the workflow history
sci.setWorkflowVariable(error_message=before_script_error_message)
if validation_exc:
# reraise validation failed exception
raise validation_exc, None, validation_exc_traceback
return new_sdef
# Update state.
status[self.state_var] = new_state
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
def _executeMetaTransition(self, ob, new_state_id):
"""
Allow jumping from state to another without triggering any hooks.
Must be used only under certain conditions.
"""
sci = None
econtext = None
tdef = None
kwargs = None
# Figure out the old and new states.
old_sdef = self._getWorkflowStateOf(ob)
if old_sdef is None:
old_state = self._getWorkflowStateOf(ob, id_only=True)
else:
old_state = old_sdef.getId()
if old_state == new_state_id:
# Object is already in expected state
return
former_status = self._getStatusOf(ob)
new_sdef = self.states.get(new_state_id, None)
if new_sdef is None:
raise WorkflowException, ('Destination state undefined: ' + new_state_id)
# Update variables.
state_values = new_sdef.var_values
if state_values is None:
state_values = {}
tdef_exprs = {}
status = {}
for id, vdef in self.variables.items():
if not vdef.for_status:
continue
expr = None
if state_values.has_key(id):
value = state_values[id]
elif tdef_exprs.has_key(id):
expr = tdef_exprs[id]
elif not vdef.update_always and former_status.has_key(id):
# Preserve former value
value = former_status[id]
else:
if vdef.default_expr is not None:
expr = vdef.default_expr
else:
value = vdef.default_value
if expr is not None:
# Evaluate an expression.
if econtext is None:
# Lazily create the expression context.
if sci is None:
sci = StateChangeInfo(ob, self, former_status, tdef, old_sdef,
new_sdef, kwargs)
econtext = createExprContext(sci)
value = expr(econtext)
status[id] = value
status['comment'] = 'Jump from %r to %r' % (old_state, new_state_id,)
status[self.state_var] = new_state_id
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
# Update role to permission assignments.
self.updateRoleMappingsFor(ob)
return new_sdef
if expr is not None:
# Evaluate an expression.
if econtext is None:
# Lazily create the expression context.
if sci is None:
sci = StateChangeInfo(
ob, self, former_status, tdef,
old_sdef, new_sdef, kwargs)
econtext = createExprContext(sci)
value = expr(econtext)
status[id] = value
# Do not proceed in case of failure of before script
if not before_script_success:
status[self.state_var] = old_state # Remain in state
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
sci = StateChangeInfo(
ob, self, status, tdef, old_sdef, new_sdef, kwargs)
# put the error message in the workflow history
sci.setWorkflowVariable(ob, workflow_id=self.id,
error_message = before_script_error_message)
if validation_exc :
# reraise validation failed exception
raise validation_exc, None, validation_exc_traceback
return new_sdef
# Update state.
status[self.state_var] = new_state
tool = aq_parent(aq_inner(self))
tool.setStatusOf(self.id, ob, status)
