def _get_permissions(cls, modul, item, request):
"""Internal method to implement getting specific build of an ACL
for this class (and instances). By default this function just
calls the :func:`ringo.lib.security.get_permission` function.
See this function for more details.
If you need to implement an alternative permission check this
function can be overwritten. The `modul` and `item` attribute
needed for the default get_permission method. `request` is used
to get the current db session in case you need to reload other
informations.
:modul: Instance of the modul
:item: Instance of the class
:returns: List of permissions.
"""
# FIXME: Try to get rid of the request element here. There
# should not be any request needed in the model. This is needed
# in the efa application for Participants to load additional
# modules. (ti).
# <2015-03-10 22:46>
# FIXME: Circular import :((( Yes I know. We really need some
# clean up here. (ti) <2015-03-10 21:08>
from ringo.lib.security import get_permissions
return get_permissions(modul, item)
def _get_permissions(cls, modul, item, request):
"""Internal method to implement getting specific build of an ACL
for this class (and instances). By default this function just
calls the :func:`ringo.lib.security.get_permission` function.
See this function for more details.
If you need to implement an alternative permission check this
function can be overwritten. The `modul` and `item` attribute
needed for the default get_permission method. `request` is used
to get the current db session in case you need to reload other
informations.
:modul: Instance of the modul
:item: Instance of the class
:returns: List of permissions.
"""
# FIXME: Try to get rid of the request element here. There
# should not be any request needed in the model. This is needed
# in the efa application for Participants to load additional
# modules. (ti).
# <2015-03-10 22:46>
# FIXME: Circular import :((( Yes I know. We really need some
# clean up here. (ti) <2015-03-10 21:08>
from ringo.lib.security import get_permissions
return get_permissions(modul, item)
def _get_permissions(cls, modul, item, request):
"""Returns custom privileges for news entries. As News do not
have an owner nor a group the default permisssion system of
Ringo would deny all access form users except from users with
admin role. So we need to overwrite the default persmissions.
News items should be readable by all authenticated users.
This means setting permissions on roles does not have any
effect!"""
# Default permissions (e.g allow admins access)
permissions = get_permissions(modul, item)
# Add custom read permission
permissions.append((Allow, Authenticated, 'read'))
return permissions
def _get_permissions(cls, modul, item, request):
"""Returns custom privileges for news entries. As News do not
have an owner nor a group the default permisssion system of
Ringo would deny all access form users except from users with
admin role. So we need to overwrite the default persmissions.
News items should be readable by all authenticated users.
This means setting permissions on roles does not have any
effect!"""
# Default permissions (e.g allow admins access)
permissions = get_permissions(modul, item)
# Add custom read permission
permissions.append((Allow, Authenticated, 'read'))
return permissions