def manage_changePermissions(self, REQUEST): """Change all permissions settings, called by management screen.""" valid_roles = self.valid_roles() have = REQUEST.__contains__ permissions = self.ac_inherited_permissions(1) fails = [] for ip in range(len(permissions)): permission_name = permissions[ip][0] permission_hash = _string_hash(permission_name) roles = [] for role in valid_roles: role_name = role role_hash = _string_hash(role_name) if have("permission_%srole_%s" % (permission_hash, role_hash)): roles.append(role) name, value = permissions[ip][:2] try: p = Permission(name, value, self) if not have('acquire_%s' % permission_hash): roles = tuple(roles) p.setRoles(roles) except Exception: fails.append(name) if fails: raise BadRequest('Some permissions had errors: ' + html.escape(', '.join(fails), True)) if REQUEST is not None: return self.manage_access(REQUEST)
def test12_retrieveAndRevertRetainWorkingCopiesPermissions(self): portal_repo = self.portal.portal_repository doc = self.portal.doc perm = 'Access contents information' if has_zope4: member_role = 'permission_{0}role_{1}'.format( _string_hash(perm), _string_hash('Member') ) else: roles = list(doc.valid_roles()) member_role = 'p0r{0}'.format(roles.index('Member')) doc.manage_permission(perm, ('Manager',), 0) portal_repo.applyVersionControl(doc) doc.manage_permission(perm, ('Manager', 'Member'), 1) portal_repo.save(doc) # just check the original is unchanged settings = doc.permission_settings(perm)[0] self.failUnless(settings['acquire']) role_enabled = [r for r in settings['roles'] if r['name'] == member_role][0] self.failUnless(role_enabled['checked']) # ----- retrieve # check if retrieved object carries the working copy's permissions retrieved_data = portal_repo.retrieve( doc, 0, preserve=['_Access_contents_information_Permission']) settings = retrieved_data.object.permission_settings(perm)[0] self.failUnless(settings['acquire']) role_enabled = [ r for r in settings['roles'] if r['name'] == member_role ][0] self.failUnless(role_enabled['checked']) # check that the working copy's permissions are unchanged settings = doc.permission_settings(perm)[0] self.failUnless(settings['acquire']) role_enabled = [ r for r in settings['roles'] if r['name'] == member_role ][0] self.failUnless(role_enabled['checked']) # check if the preserved data is returned correctly preserved = retrieved_data.preserved_data['_Access_contents_information_Permission'] # noqa self.assertEqual(preserved, ('Manager',)) # ----- revert # check that the working copies permissions are unchanged after revert portal_repo.revert(doc, 0) settings = doc.permission_settings(perm)[0] self.failUnless(settings['acquire']) role_enabled = [r for r in settings['roles'] if r['name'] == member_role][0] self.failUnless(role_enabled['checked'])
def test12_retrieveAndRevertRetainWorkingCopiesPermissions(self): portal_repo = self.portal.portal_repository doc = self.portal.doc perm = 'Access contents information' if has_zope4: member_role = 'permission_{0}role_{1}'.format( _string_hash(perm), _string_hash('Member') ) else: roles = list(doc.valid_roles()) member_role = 'p0r{0}'.format(roles.index('Member')) doc.manage_permission(perm, ('Manager',), 0) portal_repo.applyVersionControl(doc) doc.manage_permission(perm, ('Manager', 'Member'), 1) portal_repo.save(doc) # just check the original is unchanged settings = doc.permission_settings(perm)[0] self.assertTrue(settings['acquire']) role_enabled = [r for r in settings['roles'] if r['name'] == member_role][0] self.assertTrue(role_enabled['checked']) # ----- retrieve # check if retrieved object carries the working copy's permissions retrieved_data = portal_repo.retrieve( doc, 0, preserve=['_Access_contents_information_Permission']) settings = retrieved_data.object.permission_settings(perm)[0] self.assertTrue(settings['acquire']) role_enabled = [ r for r in settings['roles'] if r['name'] == member_role ][0] self.assertTrue(role_enabled['checked']) # check that the working copy's permissions are unchanged settings = doc.permission_settings(perm)[0] self.assertTrue(settings['acquire']) role_enabled = [ r for r in settings['roles'] if r['name'] == member_role ][0] self.assertTrue(role_enabled['checked']) # check if the preserved data is returned correctly preserved = retrieved_data.preserved_data['_Access_contents_information_Permission'] # noqa self.assertEqual(preserved, ('Manager',)) # ----- revert # check that the working copies permissions are unchanged after revert portal_repo.revert(doc, 0) settings = doc.permission_settings(perm)[0] self.assertTrue(settings['acquire']) role_enabled = [r for r in settings['roles'] if r['name'] == member_role][0] self.assertTrue(role_enabled['checked'])
def manage_changePermissions(self, REQUEST): """Change all permissions settings, called by management screen.""" valid_roles = self.valid_roles() have = REQUEST.__contains__ permissions = self.ac_inherited_permissions(1) fails = [] for ip in range(len(permissions)): permission_name = permissions[ip][0] permission_hash = _string_hash(permission_name) roles = [] for role in valid_roles: role_name = role role_hash = _string_hash(role_name) if have("permission_%srole_%s" % (permission_hash, role_hash)): roles.append(role) name, value = permissions[ip][:2] try: p = Permission(name, value, self) if not have('acquire_%s' % permission_hash): roles = tuple(roles) p.setRoles(roles) except Exception: fails.append(name) if fails: raise BadRequest('Some permissions had errors: ' + escape(', '.join(fails), True)) if REQUEST is not None: return self.manage_access(REQUEST)
def get_permissions(self): """Permission of object (Security tab in ZMI) :keys: _permissions This works well until Plone 51. From Plone 52, permission_settings method returns a different list. """ self["_permissions"] = {} if getattr(self.context, "permission_settings", False): roles = self.context.validRoles() ps = self.context.permission_settings() for perm in ps: unchecked = 0 if not perm["acquire"]: unchecked = 1 new_roles = [] for role in perm["roles"]: if role["checked"]: if six.PY2: role_idx = role["name"].index("r") + 1 role_name = roles[int(role["name"][role_idx:])] new_roles.append(role_name) else: role_hash = role["name"].split("role_")[1] role_name = [ x for x in roles if _string_hash(x) == role_hash ] new_roles.append(role_name[0]) if unchecked or new_roles: self["_permissions"][perm["name"]] = { "acquire": not unchecked, "roles": new_roles, }