# -*- coding: utf-8 -*-

from AccessControl.SecurityInfo import ModuleSecurityInfo

PROJECTNAME = 'collective.loremipsum'

security = ModuleSecurityInfo(PROJECTNAME)

security.declarePublic('CanPopulate')
CanPopulate = PROJECTNAME + ': Can Populate'
# See also permissions.zcml, but we define them here in python too so
# they can be imported.
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('collective.proxyproperties')
security.declarePublic('ManageProperties')
ManageProperties = "collective.proxyproperties: ManageProperties"
setDefaultRoles(ManageProperties, ( 'Manager',) )
Esempio n. 3
0
# iterate is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# iterate is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with CMFDeployment; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
##################################################################

from Products.CMFEditions import Permissions
from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo

security = ModuleSecurityInfo('plone.app.iterate.permissions')

security.declarePublic('CheckinPermission')
CheckinPermission  = "iterate : Check in content"

security.declarePublic('CheckoutPermission')
CheckoutPermission = "iterate : Check out content"

DEFAULT_ROLES = ('Manager', 'Owner', 'Site Administrator', 'Editor')
setDefaultRoles(CheckinPermission, DEFAULT_ROLES)
setDefaultRoles(CheckoutPermission, DEFAULT_ROLES)
Esempio n. 4
0
File: utils.py Progetto: vwc/fv
from TT.Fischereiverband.config import MAX_TEXT_PREVIEW
from AccessControl.SecurityInfo import ModuleSecurityInfo
from AccessControl.SecurityInfo import ClassSecurityInfo

import re
from DateTime.DateTime import DateTime

security = ModuleSecurityInfo('TT.Fischereiverband.utils')

security.declarePublic('remove_html_tags')
def remove_html_tags(txt):
    p = re.compile(r'<.*?>')
    return p.sub('', txt)

security.declarePublic('back_space')
def back_space(txt, MAX_PREVIEW=300):
    if not txt: return ''
    if len(txt) <= MAX_PREVIEW: return txt
    m = MAX_PREVIEW
    while (txt[m] != ' '): m += 1
    return txt[0:m]+'...'

security.declarePublic('format')
def format(txt, MAX_PREVIEW=300):
    txt = remove_html_tags(txt)
    return back_space(txt, MAX_TEXT_PREVIEW)
Esempio n. 5
0
from OFS.PropertyManager import PropertyManager
from OFS.PropertySheets import PropertySheets
from OFS.SimpleItem import SimpleItem
from thread import allocate_lock
from webdav.common import rfc1123_date
from zope.component import getUtility
from zope.component.interfaces import ComponentLookupError
from zope.dottedname.resolve import resolve as resolve_dotted_name
from zope.i18nmessageid import MessageFactory

from Products.CMFCore.exceptions import AccessControl_Unauthorized
from Products.CMFCore.exceptions import NotFound

SUBTEMPLATE = '__SUBTEMPLATE__'

security = ModuleSecurityInfo( 'Products.CMFCore.utils' )

_globals = globals()
_dtmldir = os_path.join( package_home( globals() ), 'dtml' )
_wwwdir = os_path.join( package_home( globals() ), 'www' )

#
#   Simple utility functions, callable from restricted code.
#
_marker = []  # Create a new marker object.

_tool_interface_registry = {}

security.declarePrivate('registerToolInterface')
def registerToolInterface(tool_id, tool_interface):
    """ Register a tool ID for an interface
Esempio n. 6
0
from DocumentTemplate.DT_Var import whole_dollars
from DocumentTemplate.DT_Var import dollars_and_cents
from DocumentTemplate.DT_Var import structured_text
from DocumentTemplate.DT_Var import sql_quote
from DocumentTemplate.DT_Var import html_quote
from DocumentTemplate.DT_Var import url_quote
from DocumentTemplate.DT_Var import url_quote_plus
from DocumentTemplate.DT_Var import newline_to_br
from DocumentTemplate.DT_Var import thousands_commas
from DocumentTemplate.DT_Var import url_unquote
from DocumentTemplate.DT_Var import url_unquote_plus
from DocumentTemplate.DT_Var import restructured_text
from DocumentTemplate.security import RestrictedDTML
from ZPublisher.HTTPRequest import record

security = ModuleSecurityInfo()

security.declarePublic('special_formats',
                       'whole_dollars',
                       'dollars_and_cents',
                       'structured_text',
                       'restructured_text',
                       'sql_quote',
                       'html_quote',
                       'url_quote',
                       'url_quote_plus',
                       'newline_to_br',
                       'thousands_commas',
                       'url_unquote',
                       'url_unquote_plus',
                       'urlencode',
Esempio n. 7
0
# -*- coding: utf-8 -*-
#
# Copyright 2018-2019 Botswana Harvard Partnership (BHP)

from AccessControl.SecurityInfo import ModuleSecurityInfo
from bhp.lims import api

security = ModuleSecurityInfo(__name__)

@security.public
def guard_send_to_lab(analysis_request):
    """ Guard for send_to_lab transition. Returns true if the current user is
    a client contact, the Sample (context) is active and it belongs to the same
    client.
    """
    if api.is_client_contact():
        user = api.get_current_user()
        client = analysis_request.getClient()
        if not client.getContactFromUsername(user.id):
            return False
    return True


@security.public
def guard_deliver(analysis_request):
    """Guard for deliver transition. Returns true if a Courier has been 
    assigned to the Sample and the Sample (context) is active. Note we
    do not check for roles or client here because permissions for clients
    when the sample is in state `sample_shipped` are already defined in the
    workflow definition.
    """
Esempio n. 8
0
#
##############################################################################
""" Some common utilities.

$Id$
"""

import os

from AccessControl.Permission import Permission
from AccessControl.Role import gather_permissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from App.Common import package_home
from zope.i18nmessageid import MessageFactory

security = ModuleSecurityInfo('Products.DCWorkflow.utils')

_dtmldir = os.path.join( package_home( globals() ), 'dtml' )
_xmldir = os.path.join( package_home( globals() ), 'xml' )


def ac_inherited_permissions(ob, all=0):
    # Get all permissions not defined in ourself that are inherited
    # This will be a sequence of tuples with a name as the first item and
    # an empty tuple as the second.
    d = {}
    perms = getattr(ob, '__ac_permissions__', ())
    for p in perms: d[p[0]] = None
    r = gather_permissions(ob.__class__, [], d)
    if all:
       if hasattr(ob, '_subobject_permissions'):
    'FTP access',
    'List folder contents',
    'List portal members',
    'List undoable changes',
    'Mail forgotten password',
    'Manage properties',
    'Modify portal content',
    'Modify view template',
    'Reply to item',
    'Request review',
    'Review comments',
    'Review portal content',
    'ZCatalog',
    'Set own password',
    'Set own properties',
    'Undo changes',
    'Use mailhost services',
    'Use version control',
    'View',
    'View Groups',
    'View management screens',
    'WebDAV Lock items',
    'WebDAV Unlock items',
    'WebDAV access',
]

security = ModuleSecurityInfo('uwosh.oie.studyabroadstudent')
for role in study_abroad_roles:
    security.declarePublic(role)  # noqa : D001
    setDefaultRoles(role, ())
Esempio n. 10
0
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.

$Id: exceptions.py 110425 2010-04-01 17:19:14Z tseaver $
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo

security = ModuleSecurityInfo('Products.GenericSetup.exceptions')

security.declarePublic('BadRequest')
from zExceptions import BadRequest
Esempio n. 11
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.WorkflowCore import WorkflowException
from Products.CMFCore.utils import getToolByName
from bika.lims import PMF
from bika.lims import enum, api
from bika.lims import logger
from bika.lims.browser import ulocalized_time
from bika.lims.interfaces import IJSONReadExtender
from bika.lims.jsonapi import get_include_fields
from bika.lims.utils import changeWorkflowState
from bika.lims.utils import t
from bika.lims.workflow.indexes import ACTIONS_TO_INDEXES
from zope.interface import implements

security = ModuleSecurityInfo('bika.lims.workflow')
security.declarePublic('guard_handler')

_marker = object()


def skip(instance, action, peek=False, unskip=False):
    """Returns True if the transition is to be SKIPPED

        peek - True just checks the value, does not set.
        unskip - remove skip key (for manual overrides).

    called with only (instance, action_id), this will set the request variable preventing the
    cascade's from re-transitioning the object and return None.
    """
Esempio n. 12
0
        ),
        visibility=None,
        icon='www/portal.gif')

    context.registerClass(
        ERP5AccessTokenExtractionPlugin.ERP5AccessTokenExtractionPlugin,
        permission=ManageUsers,
        constructors=(
            ERP5AccessTokenExtractionPlugin.
            manage_addERP5AccessTokenExtractionPluginForm,
            ERP5AccessTokenExtractionPlugin.addERP5AccessTokenExtractionPlugin,
        ),
        visibility=None,
        icon='www/portal.gif')

    context.registerClass(
        ERP5DumbHTTPExtractionPlugin.ERP5DumbHTTPExtractionPlugin,
        permission=ManageUsers,
        constructors=(
            ERP5DumbHTTPExtractionPlugin.
            manage_addERP5DumbHTTPExtractionPluginForm,
            ERP5DumbHTTPExtractionPlugin.addERP5DumbHTTPExtractionPlugin,
        ),
        visibility=None,
        icon='www/portal.gif')


from AccessControl.SecurityInfo import ModuleSecurityInfo
ModuleSecurityInfo('Products.ERP5Security.ERP5UserManager').declarePublic(
    'getUserByLogin')
Esempio n. 13
0
            try:
                t_browser = TableBrowser()
                t_browser.__name__ = t_info['table_name']
                t_browser._d = t_info
                t_browser._c = connection
                t_browser.icon = table_icons.get(t_info['table_type'], 'text')
                t_list.append(t_browser)
            except Exception:
                pass

        return t_list


InitializeClass(Connection)

mod_security = ModuleSecurityInfo('Products.ZMySQLDA.DA')
mod_security.declareProtected(
    add_zmysql_database_connections,  # NOQA
    'manage_addZMySQLConnectionForm')
manage_addZMySQLConnectionForm = HTMLFile('www/connectionAdd', globals())

mod_security.declareProtected(
    add_zmysql_database_connections,  # NOQA
    'manage_addZMySQLConnection')


def manage_addZMySQLConnection(self,
                               id,
                               title,
                               connection_string,
                               check=None,
Esempio n. 14
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
#http://developer.plone.org/security/custom_permissions.html
security = ModuleSecurityInfo('collective.rcse')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner')
perms = []

for typename in (
    "article",
    "audio",
    "discussion",
    "etherpad",
    "event",
    "file",
    "group",
    "image",
    "video",
):
    ctype = "collective.rcse." + typename
    permid = 'Add' + typename.capitalize()
    permname = 'collective.rcse: Add ' + typename
    security.declarePublic(permid)
    setDefaultRoles(permname, TYPE_ROLES)

AddArticle = "collective.rcse: Add article"
AddAudio = "collective.rcse: Add audio"
AddDiscussion = "collective.rcse: Add discussion"
AddEtherpad = "collective.rcse: Add etherpad"
AddEvent = "collective.rcse: Add event"
AddFile = "collective.rcse: Add file"
AddGroup = "collective.rcse: Add group"
Esempio n. 15
0
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" CMFCore product permissions. """

from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import ApplicationDefaultPermissions
from AccessControl.Permission import pname
from AccessControl.SecurityInfo import ModuleSecurityInfo

security = ModuleSecurityInfo('Products.CMFCore.permissions')

#
# General Zope permissions
#

security.declarePublic('AccessContentsInformation')
AccessContentsInformation = Permissions.access_contents_information

security.declarePublic('ChangePermissions')
ChangePermissions = Permissions.change_permissions

security.declarePublic('DeleteObjects')
DeleteObjects = Permissions.delete_objects

security.declarePublic('FTPAccess')
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product initialization.
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo

from Products.GenericSetup.interfaces import BASE
from Products.GenericSetup.interfaces import EXTENSION
from Products.GenericSetup.permissions import ManagePortal
from Products.GenericSetup.registry import _profile_registry \
    as profile_registry

security = ModuleSecurityInfo('Products.GenericSetup')
security.declareProtected(ManagePortal, 'profile_registry')

def initialize(context):

    import tool

    context.registerClass(tool.SetupTool,
                          constructors=(#tool.addSetupToolForm,
                                        tool.addSetupTool,
                                        ),
                          permissions=(ManagePortal,),
                          interfaces=None,
                          icon='www/tool.png',
                         )
Esempio n. 17
0
from ZTUtils.Zope import complex_marshal

from zope.component import getUtility
from zope.component import queryUtility
from zope import i18n  # disambiguation
from zope.i18n.interfaces import IUserPreferredCharsets
from zope.i18nmessageid import MessageFactory
from zope.publisher.interfaces.browser import IBrowserRequest

from Products.CMFCore.interfaces import IPropertiesTool

from Products.CMFDefault.interfaces import IHTMLScrubber
from Products.CMFDefault.exceptions import EmailAddressInvalid
from Products.CMFDefault.exceptions import IllegalHTML

security = ModuleSecurityInfo('Products.CMFDefault.utils')

security.declarePrivate('_dtmldir')
_dtmldir = os.path.join(package_home(globals()), 'dtml')
_wwwdir = os.path.join(package_home(globals()), 'www')

security.declarePublic('formatRFC822Headers')


def formatRFC822Headers(headers):
    """ Convert the key-value pairs in 'headers' to valid RFC822-style
        headers, including adding leading whitespace to elements which
        contain newlines in order to preserve continuation-line semantics.
    """
    munged = []
    linesplit = re.compile(r'[\n\r]+?')
Esempio n. 18
0
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.

$Id: exceptions.py 110425 2010-04-01 17:19:14Z tseaver $
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('Products.GenericSetup.exceptions')

security.declarePublic('BadRequest')
from zExceptions import BadRequest
Esempio n. 19
0
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
################################################################################

# Imports.
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.ExternalMethod import ExternalMethod
from Products.PageTemplates import ZopePageTemplate
from Products.PythonScripts import PythonScript
import OFS.Image
import os
import re
# Product Imports.
from Products.zms import standard
from Products.zms import _fileutil

security = ModuleSecurityInfo('Products.zms.zopeutil')


class MissingArtefactProxy(object):
    def __init__(self, id, meta_type, data=None):
        self.id = id
        self.meta_type = meta_type
        self.data = data

    icon__roles__ = None

    def zmi_icon(self):
        return 'fas fa-skull-crossbones text-danger'

    getId__roles__ = None
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from plone.app.contenttypes.utils import DEFAULT_TYPES

security = ModuleSecurityInfo('plone.app.contenttypes')

TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')

perms = []

for typename in DEFAULT_TYPES:
    permid = 'Add' + typename
    permname = 'plone.app.contenttypes: Add ' + typename
    security.declarePublic(permid)
    setDefaultRoles(permname, TYPE_ROLES)

AddCollection = "plone.app.contenttypes: Add Collection"
AddDocument = "plone.app.contenttypes: Add Document"
AddEvent = "plone.app.contenttypes: Add Event"
AddFile = "plone.app.contenttypes: Add File"
AddFolder = "plone.app.contenttypes: Add Folder"
AddImage = "plone.app.contenttypes: Add Image"
AddLink = "plone.app.contenttypes: Add Link"
AddNewsItem = "plone.app.contenttypes: Add News Item"
Esempio n. 21
0
    LOG('ERP5Type.__init__', INFO, 'initializeLocalInteractorRegistry')
  initializeLocalInteractorRegistry()
  # We can now install all interactors
  from Products.ERP5Type.InitGenerator import installInteractorClassRegistry
  if DISPLAY_BOOT_PROCESS:
    LOG('ERP5Type.__init__', INFO, 'installInteractorClassRegistry')
  installInteractorClassRegistry()


from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import ModuleSecurityInfo

allow_module('Products.ERP5Type.Cache')
ModuleSecurityInfo('Products.ERP5Type.Utils').declarePublic(
    'sortValueList', 'convertToUpperCase', 'UpperCase',
    'convertToMixedCase', 'cartesianProduct', 'sleep', 'getCommonTimeZoneList',
    'int2letter', 'getMessageIdWithContext', 'getTranslationStringWithContext',
    'Email_parseAddressHeader', 'guessEncodingFromText',
    'isValidTALESExpression')

allow_module('Products.ERP5Type.Message')
ModuleSecurityInfo('Products.ERP5Type.Message').declarePublic('translateString')

allow_module('Products.ERP5Type.Error')
allow_module('Products.ERP5Type.Errors')
allow_module('Products.ERP5Type.JSONEncoder')
allow_module('Products.ERP5Type.Log')
ModuleSecurityInfo('Products.ERP5Type.JSON').declarePublic('dumps', 'loads')
ModuleSecurityInfo('Products.ERP5Type.Constraint').declarePublic('PropertyTypeValidity')
ModuleSecurityInfo('Products.ERP5Type.DiffUtils').declarePublic('DiffFile')
ModuleSecurityInfo('pprint').declarePublic('pformat', 'pprint')
ModuleSecurityInfo('Products.ERP5Type.XMLUtils').declarePublic('parseStream')
Esempio n. 22
0
from DocumentTemplate.DT_Var import whole_dollars
from DocumentTemplate.DT_Var import dollars_and_cents
from DocumentTemplate.DT_Var import structured_text
from DocumentTemplate.DT_Var import sql_quote
from DocumentTemplate.DT_Var import html_quote
from DocumentTemplate.DT_Var import url_quote
from DocumentTemplate.DT_Var import url_quote_plus
from DocumentTemplate.DT_Var import newline_to_br
from DocumentTemplate.DT_Var import thousands_commas
from DocumentTemplate.DT_Var import url_unquote
from DocumentTemplate.DT_Var import url_unquote_plus
from DocumentTemplate.DT_Var import restructured_text
from DocumentTemplate.security import RestrictedDTML
from ZPublisher.HTTPRequest import record

security = ModuleSecurityInfo()

security.declarePublic(
    'special_formats',
    'whole_dollars',
    'dollars_and_cents',
    'structured_text',
    'restructured_text',
    'sql_quote',
    'html_quote',
    'url_quote',
    'url_quote_plus',
    'newline_to_br',
    'thousands_commas',
    'url_unquote',
    'url_unquote_plus',
Esempio n. 23
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('Products.CMFCore.permissions')

security.declarePublic('AddToFavorites')
AddToFavorites = 'collective.favoriting: Add'
setDefaultRoles(AddToFavorites, ('Member', 'Manager'))
Esempio n. 24
0
# -*- coding: utf-8 -*-

from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('cpskin.core.permissions')

security.declarePublic('CPSkinSiteAdministrator')
CPSkinSiteAdministrator = 'CPSkin: Site administrator'
setDefaultRoles(CPSkinSiteAdministrator, ('Site Administrator',
                                          'Manager'))

security.declarePublic('CPSkinEditKeywords')
CPSkinEditKeywords = 'CPSkin: Edit keywords'
setDefaultRoles(CPSkinEditKeywords, ('Site Administrator',
                                     'Manager',
                                     'Portlets Manager'))
Esempio n. 25
0
##############################################################################
""" GenericSetup product initialization.
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo

from Products.GenericSetup.interfaces import BASE
from Products.GenericSetup.interfaces import EXTENSION
from Products.GenericSetup.permissions import ManagePortal
from Products.GenericSetup.registry import _profile_registry \
    as profile_registry

# This is for easier imports by add-ons.
BASE, EXTENSION, profile_registry  # pyflakes

security = ModuleSecurityInfo('Products.GenericSetup')
security.declareProtected(ManagePortal, 'profile_registry')


def initialize(context):

    from . import tool

    context.registerClass(tool.SetupTool,
                          constructors=(#tool.addSetupToolForm,
                                        tool.addSetupTool,
                                        ),
                          permissions=(ManagePortal,),
                          interfaces=None,
                          icon='www/tool.png',
                         )
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('incf.abstractsubmission')
security.declarePublic('AbstractSubmissionCSVExport')
AbstractSubmissionCSVExport = 'AbstractSubmission: CSVExport'
setDefaultRoles(AbstractSubmissionCSVExport, ('Manager', 'Owner'))
Esempio n. 27
0
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from zope.i18nmessageid import MessageFactory

_ = MessageFactory('collective.wfeffectiverange')

# Permissions
security = ModuleSecurityInfo('collective.wfeffectiverange')

security.declarePublic('collective.wfeffectiverange.addTaskFolder')
setDefaultRoles('collective.wfeffectiverange: Add Task Folder',
                ('Manager', 'Site Administrator'))  # noqa

security.declarePublic('collective.wfeffectiverange.addTask')
setDefaultRoles('collective.wfeffectiverange: Add Task',
                ('Manager', 'Site Administrator', 'Reviewer'))  # noqa
Esempio n. 28
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('restarter.policy')
security.declarePublic('ManageAssociationLikes')
ManageAssociationLikes = 'restarter.policy: ManageAssociationLikes'
ManageStories = 'restarter.policy: ManageStories'
setDefaultRoles(ManageAssociationLikes, ('Association',))
Esempio n. 29
0
def initialize(context):
    """Initializer called when used as a Zope 2 product."""

#from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('acentoweb.submanagers')

security.declarePublic('Manage the site administratively')
setDefaultRoles('Manage the site administratively', ())
# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
try:
    __import__('pkg_resources').declare_namespace(__name__)
except ImportError:
    from pkgutil import extend_path
    __path__ = extend_path(__path__, __name__)


from zope.i18nmessageid import MessageFactory
messageFactory = MessageFactory('collective.portlet.oembed')
ploneMessageFactory = MessageFactory('plone')

from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo

security = ModuleSecurityInfo('collective.portlet.oembed')
security.declarePublic('')
AddOembedPortlet = 'collective.portlet.embed: Add oembed portlet'
setDefaultRoles(AddOembedPortlet,
                ('Manager', 'Site Administrator', 'Owner',))
Esempio n. 31
0
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" CMFCore product permissions. """

from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import ApplicationDefaultPermissions
from AccessControl.Permission import pname
from AccessControl.SecurityInfo import ModuleSecurityInfo


security = ModuleSecurityInfo("Products.CMFCore.permissions")

#
# General Zope permissions
#

security.declarePublic("AccessContentsInformation")
AccessContentsInformation = Permissions.access_contents_information

security.declarePublic("ChangePermissions")
ChangePermissions = Permissions.change_permissions

security.declarePublic("DeleteObjects")
DeleteObjects = Permissions.delete_objects

security.declarePublic("FTPAccess")
# -*- coding: utf-8 -*-

from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('collective.deepsitemap')

security.declarePublic('Use Deep Sitemap')
MyPermission = 'collective.deepsitemap: Use Deep Sitemap'
setDefaultRoles(MyPermission, ())

Esempio n. 33
0
from OFS.PropertyManager import PropertyManager
from OFS.SimpleItem import SimpleItem
from zope.component import getUtility
from zope.component import queryUtility
from zope.dottedname.resolve import resolve as resolve_dotted_name
from zope.i18nmessageid import MessageFactory
from zope.interface.interfaces import ComponentLookupError

from .exceptions import AccessControl_Unauthorized
from .exceptions import NotFound
from .interfaces import ICachingPolicyManager


SUBTEMPLATE = '__SUBTEMPLATE__'
ProductsPath = [abspath(ppath) for ppath in Products.__path__]
security = ModuleSecurityInfo('Products.CMFCore.utils')

_globals = globals()
_dtmldir = os_path.join(package_home(globals()), 'dtml')
_wwwdir = os_path.join(package_home(globals()), 'www')

#
#   Simple utility functions, callable from restricted code.
#
_marker = []  # Create a new marker object.

_tool_interface_registry = {}


@security.private
def registerToolInterface(tool_id, tool_interface):
Esempio n. 34
0
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

# http://developer.plone.org/security/custom_permissions.html
security = ModuleSecurityInfo('plone.app.contenttypes')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')

security.declarePublic('wildcard.media.AddWildcardVideo')
setDefaultRoles('wildcard.media.AddWildcardVideo', TYPE_ROLES)
AddWildcardVideo = "wildcard.media.AddWildcardVideo"

security.declarePublic('wildcard.media.AddWildcardAudio')
setDefaultRoles('wildcard.media.AddWildcardAudio', TYPE_ROLES)
AddWildcardAudio = "wildcard.media.AddWildcardAudio"
"""Define CMFNotification specific permissions.

$Id$
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from config import PROJECT_NAME

security = ModuleSecurityInfo(PROJECT_NAME)

security.declarePublic('CMFNotification: Subscribe/unsubscribe')
## Warning: this value is also defined in ``profiles/default/rolemap.xml``
SUBSCRIBE_PERMISSION = 'CMFNotification: Subscribe/unsubscribe'
setDefaultRoles(SUBSCRIBE_PERMISSION, ())
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('collective.favoriting')

security.declarePublic('AddToFavorites')
AddToFavorites = 'collective.favoriting: Add'
setDefaultRoles(AddToFavorites, ('Member', 'Manager'))
Esempio n. 37
0
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo

PROJECTNAME = "domense.homeboxes"
security = ModuleSecurityInfo(PROJECTNAME)

security.declarePublic('ManageSettings')
ManageSettings = PROJECTNAME + ': Manage Homeboxes settings'
Esempio n. 38
0
from zope.component import getUtility
from zope.component import queryUtility
from zope import i18n # disambiguation
from zope.i18n.interfaces import IUserPreferredCharsets
from zope.i18nmessageid import MessageFactory
from zope.publisher.interfaces.browser import IBrowserRequest

from Products.CMFCore.interfaces import IPropertiesTool

from Products.CMFDefault.interfaces import IHTMLScrubber
from Products.CMFDefault.exceptions import EmailAddressInvalid
from Products.CMFDefault.exceptions import IllegalHTML


security = ModuleSecurityInfo( 'Products.CMFDefault.utils' )

security.declarePrivate('_dtmldir')
_dtmldir = os.path.join( package_home( globals() ), 'dtml' )
_wwwdir = os.path.join( package_home( globals() ), 'www' )

security.declarePublic('formatRFC822Headers')
def formatRFC822Headers( headers ):

    """ Convert the key-value pairs in 'headers' to valid RFC822-style
        headers, including adding leading whitespace to elements which
        contain newlines in order to preserve continuation-line semantics.
    """
    munged = []
    linesplit = re.compile( r'[\n\r]+?' )
Esempio n. 39
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('slc.docconv')
security.declarePublic('Convert')
Convert = 'slc.docconv: Convert'
setDefaultRoles(Convert, ('Manager'))
import config
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo(config.PROJECTNAME)
for p in config.ADD_PERMISSIONS:
    
    security.declarePublic(config.ADD_PERMISSIONS[p])
    MyPermission = config.ADD_PERMISSIONS[p]
    setDefaultRoles(MyPermission, ('Manager', 'Owner'))
Esempio n. 41
0
# -*- coding: utf-8 -*-
from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo


security = ModuleSecurityInfo('rt.lastmodifier.permissions')

security.declarePublic('DocumentByLineViewAuthor')
DocumentByLineViewAuthor = 'rt.lastmodifier: documentByLine view author'
setDefaultRoles(DocumentByLineViewAuthor, ())

security.declarePublic('DocumentByLineViewLastModifier')
DocumentByLineViewLastModifier = 'rt.lastmodifier: documentByLine view last modifier'
setDefaultRoles(DocumentByLineViewLastModifier, ())

security.declarePublic('DocumentByLineViewModifiedDate')
DocumentByLineViewModifiedDate = 'rt.lastmodifier: documentByLine view modification date'
setDefaultRoles(DocumentByLineViewModifiedDate, ())

security.declarePublic('DocumentByLineViewPublishedDate')
DocumentByLineViewPublishedDate = 'rt.lastmodifier: documentByLine view publication date'
setDefaultRoles(DocumentByLineViewPublishedDate, ())

security.declarePublic('DocumentByLineViewChangeNote')
DocumentByLineViewChangeNote = 'rt.lastmodifier: documentByLine view change note'
setDefaultRoles(DocumentByLineViewChangeNote, ())

security.declarePublic('EditChangeNoteShowState')
EditChangeNoteShowState = 'rt.lastmodifier: choose to show change note'
setDefaultRoles(EditChangeNoteShowState, ())
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('plumi.content')

security.declarePublic('ReTranscodePermission')
ReTranscodePermission = 'plumi.content: ReTranscode Video'
setDefaultRoles(ReTranscodePermission, ())
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('Products.CMFCore.permissions')

security.declarePublic("DexterityImport")
DexterityImport = "collective.importexport: Import"
#TODO: should allow readers to seee this too since they can do an export?
setDefaultRoles(DexterityImport, ("Owner", "Contributor" "Site Administrator", "Manager"))
Esempio n. 44
0
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" CMFCore product permissions.

$Id: permissions.py 113196 2010-06-06 13:46:20Z hannosch $
"""

from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import ApplicationDefaultPermissions
from AccessControl.Permission import pname
from AccessControl.SecurityInfo import ModuleSecurityInfo


security = ModuleSecurityInfo('Products.CMFCore.permissions')

#
# General Zope permissions
#

security.declarePublic('AccessContentsInformation')
AccessContentsInformation = Permissions.access_contents_information

security.declarePublic('ChangePermissions')
ChangePermissions = Permissions.change_permissions

security.declarePublic('DeleteObjects')
DeleteObjects = Permissions.delete_objects

security.declarePublic('FTPAccess')
Esempio n. 45
0
import sys

from AccessControl.class_init import InitializeClass
from AccessControl.SecurityInfo import ClassSecurityInfo
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Acquisition import Implicit
from App.config import getConfiguration 
from App.special_dtml import DTMLFile
from DateTime.DateTime import DateTime
from OFS.SimpleItem import Item
from OFS.PropertyManager import PropertyManager
from OFS.History import Historical
from OFS.History import html_diff
from Persistence import Persistent

modulesecurity = ModuleSecurityInfo()

modulesecurity.declareProtected('View management screens',
    'manage_addZReSTForm')
manage_addZReSTForm = DTMLFile('dtml/manage_addZReSTForm', globals())

modulesecurity.declareProtected('Add RestructuredText Document', 'manage_addZReST')
def manage_addZReST(self, id, file='', REQUEST=None):
    """Add a ZReST product """
    # validate the instance_home
    self._setObject(id, ZReST(id))
    self._getOb(id).manage_upload(file)
    if REQUEST is not None:
        return self.manage_main(self, REQUEST)

class Warnings: