def query_iterator(query, parent):
"""Generator of the items in a query.
Checks if the user has view permission on the objects """
for item in query:
item.__parent__ = parent
if checkPermission(view_permission(item), item):
yield item
def query_iterator(query, parent):
"""Generator of the items in a query.
Checks if the user has view permission on the objects """
for item in query:
item.__parent__ = parent
if checkPermission(view_permission(item), item):
yield item
def for_display(self):
"""Do not display viewlet unless the user can view at least one item.
"""
if len(self.context):
for item in self.context.values():
if checkPermission(view_permission(item), item):
return True
return False
def for_display(self):
"""Do not display viewlet unless the user can view at least one item.
"""
if len(self.context):
for item in self.context.values():
if checkPermission(view_permission(item), item):
return True
return False
def values(self):
workflow = capi.get_type_info(self.context.domain_model).workflow
public_wfstates = workflow.get_state_ids(tagged=["public"],
restrict=False)
return [
x for x in self.context.values()
if checkPermission(view_permission(x), x)
and x.status in public_wfstates
]
def version_data_items(self):
# version log is only concerned with own versions (not of any child
# objects) i.e. only own "version changes"; as "data_provider" we
# simply use the versions attribute on context:
if self._data_items is None:
self._data_items = []
# sorted desc by sqlalchemy, so following sorting not necessary:
permission = view_permission(self.context)
for v in removeSecurityProxy(self.context).versions:
if checkPermission(permission, v):
self._data_items.append(v)
return self._data_items
def version_data_items(self):
# version log is only concerned with own versions (not of any child
# objects) i.e. only own "version changes"; as "data_provider" we
# simply use the versions attribute on context:
if self._data_items is None:
self._data_items = []
# sorted desc by sqlalchemy, so following sorting not necessary:
permission = view_permission(self.context)
for v in removeSecurityProxy(self.context).versions:
if checkPermission(permission, v):
self._data_items.append(v)
return self._data_items
def _query(self, **kw):
principal = common.get_request_principal()
roles = get_workspace_roles()
group_roles_domain_status = self.item_status_filter(kw, roles)
session = Session()
results = []
count = 0
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
for domain_class, status in group_roles_domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
#filter on title
query = self.filter_title(query, domain_class, kw)
#filter on status_date
query = self.filter_status_date(query, domain_class, kw)
# Order results
query = self.order_query(query, domain_class, kw, reverse)
results.extend(query.all())
for obj_role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS:
object_roles_domain_status = self.item_status_filter(
kw, [obj_role])
for domain_class, status in object_roles_domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
#filter on title
query = self.filter_title(query, domain_class, kw)
#filter on status_date
query = self.filter_status_date(query, domain_class, kw)
# Order results
query = self.order_query(query, domain_class, kw, reverse)
for obj in query.all():
if obj in results:
continue
prm = IPrincipalRoleMap(obj)
if (prm.getSetting(obj_role, principal.id) == Allow):
results.append(
contained(obj, self, self.string_key(obj)))
results = [
item for item in results
if checkPermission(view_permission(item),
contained(item, self, self.string_key(item)))
]
# Sort items
if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
reverse=reverse)
count = len(results)
if not (kw.get("filter_title", None) or kw.get("filter_type", None)
or kw.get("filter_status", None)
or kw.get("filter_status_date", None)):
self.set_tab_count(principal.id, count)
return (results, count)
def _query(self, **kw):
principal = utils.get_principal()
roles = get_workspace_roles()
group_roles_domain_status = self.item_status_filter(kw, roles)
session = Session()
results = []
count = 0
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
for domain_class, status in group_roles_domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
#filter on title
query = self.filter_title(query, domain_class, kw)
#filter on status_date
query = self.filter_status_date(query, domain_class, kw)
# Order results
query = self.order_query(query, domain_class, kw, reverse)
results.extend(query.all())
for obj_role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS:
object_roles_domain_status = self.item_status_filter(
kw, [obj_role])
for domain_class, status in object_roles_domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
#filter on title
query = self.filter_title(query, domain_class, kw)
#filter on status_date
query = self.filter_status_date(query, domain_class, kw)
# Order results
query = self.order_query(query, domain_class, kw, reverse)
for obj in query.all():
if obj in results:
continue
prm = IPrincipalRoleMap(obj)
if (prm.getSetting(obj_role, principal.id) == Allow):
results.append(
contained(obj, self, self.string_key(obj)))
results = [item for item in results if checkPermission(
view_permission(item), contained(item, self, self.string_key(item)))]
# Sort items
if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
reverse=reverse)
count = len(results)
if not (kw.get("filter_title", None) or
kw.get("filter_type", None) or
kw.get("filter_status", None) or
kw.get("filter_status_date", None)
):
self.set_tab_count(principal.id, count)
return (results, count)
def _query(self, **kw):
# !+REWORK **kw to be explicit keywords, see context.query() in ui/workspace.py
session = Session()
results = []
count = 0
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
principal_id = common.get_request_principal().id
def extend_results_for_roles(roles):
domain_status = self.item_status_filter(kw, roles)
OBJECT_ROLES = [
role for role in roles
if role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS
]
for domain_class, status in domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
query = self.filter_group(query, domain_class, kw)
query = self.filter_title(query, domain_class, kw)
query = self.filter_status_date(query, domain_class, kw)
query = self.order_query(query, domain_class, kw, reverse)
for obj in query.all():
if obj in results:
continue
if OBJECT_ROLES:
prm = IPrincipalRoleMap(obj)
if not prm.getSetting(obj_role, principal_id) == Allow:
continue
results.append(contained(obj, self, self.string_key(obj)))
# get results for roles
extend_results_for_roles(get_workspace_roles())
for obj_role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS:
extend_results_for_roles([obj_role])
# filter
results = [
item for item in results
if checkPermission(view_permission(item), item)
]
# sort items
if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
reverse=reverse)
count = len(results)
if not (kw.get("filter_title", None) or kw.get("filter_type", None)
or kw.get("filter_status", None)
or kw.get("filter_status_date", None)):
self.set_tab_count(principal_id, count)
return (results, count)
def _query(self, **kw):
# !+REWORK **kw to be explicit keywords, see context.query() in ui/workspace.py
session = Session()
results = []
count = 0
reverse = True if (kw.get("sort_dir", "desc") == "desc") else False
principal_id = common.get_request_principal().id
def extend_results_for_roles(roles):
domain_status = self.item_status_filter(kw, roles)
OBJECT_ROLES = [
role for role in roles if role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS ]
for domain_class, status in domain_status.iteritems():
query = session.query(domain_class).filter(
domain_class.status.in_(status)).enable_eagerloads(False)
query = self.filter_group(query, domain_class, kw)
query = self.filter_title(query, domain_class, kw)
query = self.filter_status_date(query, domain_class, kw)
query = self.order_query(query, domain_class, kw, reverse)
for obj in query.all():
if obj in results:
continue
if OBJECT_ROLES:
prm = IPrincipalRoleMap(obj)
if not prm.getSetting(obj_role, principal_id) == Allow:
continue
results.append(contained(obj, self, self.string_key(obj)))
# get results for roles
extend_results_for_roles(get_workspace_roles())
for obj_role in ROLES_DIRECTLY_DEFINED_ON_OBJECTS:
extend_results_for_roles([obj_role])
# filter
results = [ item for item in results
if checkPermission(view_permission(item), item) ]
# sort items
if (kw.get("sort_on", None) and kw.get("sort_dir", None)):
results.sort(key=lambda x: getattr(x, str(kw.get("sort_on"))),
reverse=reverse)
count = len(results)
if not (kw.get("filter_title", None) or
kw.get("filter_type", None) or
kw.get("filter_status", None) or
kw.get("filter_status_date", None)
):
self.set_tab_count(principal_id, count)
return (results, count)
def list_container_items(container_instance, permission=None):
"""Generate list of container items with permission check
Note that we first try to generate the permission name or fall
back to zope.View
"""
sort_fields = []
from bungeni.core.workflows.utils import view_permission
trusted = proxy.removeSecurityProxy(container_instance)
domain_model = trusted._class
type_info = capi.get_type_info(domain_model)
descriptor = type_info.descriptor_model
if descriptor.sort_on:
order_func = sort_dir_funcs.get(descriptor.sort_dir, sql.desc)
for field in descriptor.sort_on:
sort_fields.append(order_func(getattr(domain_model, field)))
if not permission:
permission = view_permission(domain_model)
for item in trusted.batch(limit=None, order_by=tuple(sort_fields)):
if checkPermission(permission, item):
yield item
def list_container_items(container_instance, permission=None):
"""Generate list of container items with permission check
Note that we first try to generate the permission name or fall
back to zope.View
"""
sort_fields = []
from bungeni.core.workflows.utils import view_permission
trusted = proxy.removeSecurityProxy(container_instance)
domain_model = trusted._class
type_info = capi.get_type_info(domain_model)
descriptor = type_info.descriptor_model
if descriptor.sort_on:
order_func = sort_dir_funcs.get(descriptor.sort_dir, sql.desc)
for field in descriptor.sort_on:
sort_fields.append(order_func(getattr(domain_model, field)))
if not permission:
permission = view_permission(domain_model)
for item in trusted.batch(limit=None, order_by=tuple(sort_fields)):
if checkPermission(permission, item):
yield item
def append_visible_changes_on_item(item):
permission = view_permission(item)
for c in domain.get_changes(item, *self.param_audit_actions):
if checkPermission(permission, c):
changes.append(c)
def values(self):
workflow = capi.get_type_info(self.context.domain_model).workflow
public_wfstates = workflow.get_state_ids(tagged=["public"],
restrict=False)
return [ x for x in self.context.values()
if checkPermission(view_permission(x), x) and x.status in public_wfstates ]
