Exemple #1
0
    def Groupfinder(self, userid, request=None, context=None):
        """
        returns the list of groups assigned to the user 
        """
        if request:
            try:
                user = request.environ["authenticated_user"]
            except KeyError:
                user = self.root().GetUser(userid)
                request.environ["authenticated_user"] = user

                def remove_user(request):
                    if "authenticated_user" in request.environ:
                        del request.environ["authenticated_user"]

                request.add_finished_callback(remove_user)
        else:
            user = self.root().GetUser(userid)

        if user is None:
            return None

        # users groups or empty list
        groups = user.groups or ()

        # lookup context for local roles
        if context is None and hasattr(request, "context"):
            context = request.context
        if context and ILocalGroups.providedBy(context):
            local = context.GetLocalGroups(userid, user=user)
            if not groups:
                return local
            return tuple(list(groups) + list(local))
        return groups
Exemple #2
0
    def Groupfinder(self, userid, request=None, context=None):
        """
        returns the list of groups assigned to the user 
        """
        if request:
            try:
                user = request.environ["authenticated_user"]
            except:
                user = self.root().GetUser(userid)
                request.environ["authenticated_user"] = user
                def remove_user(request):
                    if "authenticated_user" in request.environ:
                        del request.environ["authenticated_user"]
                request.add_finished_callback(remove_user)
        else:
                user = self.root().GetUser(userid)
        if not user:
            return None

        # users groups or empty list
        groups = user.groups or ()

        # lookup context for local roles
        if not context and hasattr(request, "context"):
            context = request.context
        if context and ILocalGroups.providedBy(context):
            local = context.GetLocalGroups(userid, user=user)
            if not groups:
                return local
            return tuple(list(groups)+list(local))
        return groups
Exemple #3
0
    def Allow(self, context, user):
        """
        Checks if the transition can be executed in the current context.

        parameters ::
        
            context: the context object
            user: the current user

        returns True/False        
        """
        # condition
        if self.conditions:
            for c in self.conditions:
                if isinstance(c, basestring):
                    c = ResolveName(c)
                if not c(transition=self,
                         context=context,
                         user=user,
                         values=self.values):
                    return False
        # roles
        if self.roles == WfAllRoles:
            return True
        if user:
            # call registered authentication policy
            groups = effective_principals()
            if groups == None:
                # no pyramid authentication policy activated
                # use custom user lookup
                groups = user.GetGroups(context)
                if context and ILocalGroups.providedBy(context):
                    local = context.GetLocalGroups(unicode(user))
                    groups = list(groups) + list(local)
        else:
            groups = (u"system.Everyone", )
        for r in groups:
            if r in self.process.adminGroups:
                return True
            if r in self.roles:
                return True
        return False
Exemple #4
0
    def Allow(self, context, user):
        """
        Checks if the transition can be executed in the current context.

        parameters ::
        
            context: the context object
            user: the current user

        returns True/False        
        """
        # condition
        if self.conditions:
            for c in self.conditions:
                if isinstance(c, basestring):
                    c = ResolveName(c)
                if not c(transition=self, context=context, user=user, values=self.values):
                    return False
        # roles
        if self.roles == WfAllRoles:
            return True
        if user:
            # call registered authentication policy
            groups = effective_principals()
            if groups==None:
                # no pyramid authentication policy activated
                # use custom user lookup
                groups = user.GetGroups(context)
                if context and ILocalGroups.providedBy(context):
                    local = context.GetLocalGroups(unicode(user))
                    groups = list(groups)+list(local)
        else:
            groups = (u"system.Everyone",)
        for r in groups:
            if r in self.process.adminGroups:
                return True
            if r in self.roles:
                return True
        return False