def test_had_read_access(self):
model = loadString("""
<model xmlns="http://namespaces.plone.org/supermodel/schema">
<schema />
</model>
""")
context = self.new_temporary_folder()
# no permission -> has access
self.assertTrue(
security.has_read_access(model.schema, 'fieldname', context)
)
security.set_read_permissions(
model.schema, {'fieldname': 'cmf.ManagePortal'}
)
# anonymous has no access now
self.assertFalse(
security.has_read_access(model.schema, 'fieldname', context)
)
# but the admin does
with self.user('admin'):
self.assertTrue(
security.has_read_access(model.schema, 'fieldname', context)
)
def fields(self, position):
has_access = lambda field: security.has_read_access(
self.schema, field, self.context
)
fields = get_detail_fields(self.schema).get(position)
if not fields:
return []
return [f for f in fields if has_access(f)]
def _get_schema_columns(schema, context, restricted):
columns = []
titles = get_custom_column_titles(schema)
for ix, fields in enumerate(get_columns(schema)):
if restricted:
fields = [
f for f in fields if has_read_access(schema, f, context)
]
if fields:
columns.append(SchemaColumn(schema, fields, titles[ix]))
return columns
