def default_data(self): site = get_site_folder(True) roles = [ r for r in get_roles(self.context, root=site, ignore_groups=True) if not getattr(DACE_ROLES.get(r, None), 'islocal', False) ] return {'roles': roles}
def default_data(self): roles = [r for r in get_roles(self.context) if not getattr(DACE_ROLES.get(r, None), 'islocal', False)] return {'roles': roles, 'title': getattr(self.context, 'title', ''), 'description': getattr(self.context, 'description', ''), 'members': getattr(self.context, 'members', ''), OBJECT_OID: str(get_oid(self.context))}
def test_copy_composite_unique_and_role(self): container, folder, item = self._create_objects() system = self.app['principals']['users']['system'] from dace.objectofcollaboration.principal.util import (grant_roles, get_roles) grant_roles(system, (('System', folder), )) roles = get_roles(user=system, obj=folder) self.assertEqual(roles, ['System']) folder.composition_u = item from dace.util import copy foldercopy = copy(folder, container) self.assertIs(folder.composition_u, item) self.assertIs(item.shared2_u, folder) self.assertIs(foldercopy.composition_u, None) self.assertTrue(hasattr(foldercopy, '__oid__')) self.assertEqual(foldercopy.__name__, 'copy_of_folder') # verify roles weren't copied roles = get_roles(user=system, obj=foldercopy) self.assertEqual(roles, []) foldercopy2 = copy(folder, container, composite_properties=True, roles=True) self.assertEqual(foldercopy2.__name__, 'copy_of_folder-2') # no change for folder and item self.assertIs(folder.composition_u, item) self.assertIs(item.shared2_u, folder) # the copy foldercopy2 of folder contains a copy of item # which is item2 here self.assertIsNot(foldercopy2.composition_u, None) item2 = foldercopy2.composition_u self.assertIsNot(item, item2) # item2 has the same name of item self.assertEqual(item2.__name__, 'item') self.assertTrue(hasattr(item2, '__oid__')) # and the copied composition item2 point to foldercopy2 self.assertIs(item2.shared2_u, foldercopy2) # roles should be copied roles = get_roles(user=system, obj=foldercopy2) self.assertEqual(roles, ['System'])
def test_copy_composite_unique_and_role(self): container, folder, item = self._create_objects() system = self.app['principals']['users']['system'] from dace.objectofcollaboration.principal.util import ( grant_roles, get_roles) grant_roles(system, (('System', folder),)) roles = get_roles(user=system, obj=folder) self.assertEqual(roles, ['System']) folder.composition_u = item from dace.util import copy foldercopy = copy(folder, container) self.assertIs(folder.composition_u, item) self.assertIs(item.shared2_u, folder) self.assertIs(foldercopy.composition_u, None) self.assertTrue(hasattr(foldercopy, '__oid__')) self.assertEqual(foldercopy.__name__, 'copy_of_folder') # verify roles weren't copied roles = get_roles(user=system, obj=foldercopy) self.assertEqual(roles, []) foldercopy2 = copy(folder, container, composite_properties=True, roles=True) self.assertEqual(foldercopy2.__name__, 'copy_of_folder-2') # no change for folder and item self.assertIs(folder.composition_u, item) self.assertIs(item.shared2_u, folder) # the copy foldercopy2 of folder contains a copy of item # which is item2 here self.assertIsNot(foldercopy2.composition_u, None) item2 = foldercopy2.composition_u self.assertIsNot(item, item2) # item2 has the same name of item self.assertEqual(item2.__name__, 'item') self.assertTrue(hasattr(item2, '__oid__')) # and the copied composition item2 point to foldercopy2 self.assertIs(item2.shared2_u, foldercopy2) # roles should be copied roles = get_roles(user=system, obj=foldercopy2) self.assertEqual(roles, ['System'])
def default_data(self): roles = [ r for r in get_roles(self.context) if not getattr(DACE_ROLES.get(r, None), 'islocal', False) ] return { 'roles': roles, 'title': getattr(self.context, 'title', ''), 'description': getattr(self.context, 'description', ''), 'members': getattr(self.context, 'members', ''), OBJECT_OID: str(get_oid(self.context)) }
def start(self, context, request, appstruct, **kw): new_roles = list(appstruct['roles']) authorized_roles = get_authorized_roles() new_roles = [r for r in new_roles if r in authorized_roles] if new_roles: current_roles = [ r for r in get_roles(context) if not getattr(DACE_ROLES.get(r, None), 'islocal', False) ] roles_to_revoke = [r for r in current_roles if r not in new_roles] roles_to_grant = [r for r in new_roles if r not in current_roles] revoke_roles(context, roles_to_revoke) grant_roles(context, roles_to_grant) context.modified_at = datetime.datetime.now(tz=pytz.UTC) context.reindex() request.registry.notify( ActivityExecuted(self, [context], get_current())) return {}
def start(self, context, request, appstruct, **kw): new_roles = list(appstruct['roles']) authorized_roles = get_authorized_roles() new_roles = [r for r in new_roles if r in authorized_roles] if new_roles: current_roles = [r for r in get_roles(context) if not getattr( DACE_ROLES.get(r, None), 'islocal', False)] roles_to_revoke = [r for r in current_roles if r not in new_roles] roles_to_grant = [r for r in new_roles if r not in current_roles] revoke_roles(context, roles_to_revoke) grant_roles(context, roles_to_grant) context.modified_at = datetime.datetime.now(tz=pytz.UTC) context.reindex() request.registry.notify(ActivityExecuted( self, [context], get_current())) return {}
def start(self, context, request, appstruct, **kw): new_roles = list(appstruct['roles']) site = get_site_folder(True) if 'global_site' in kw: site = getSite() current_roles = [r for r in get_roles(context, root=site, ignore_groups=True) if not getattr(DACE_ROLES.get(r, None), 'islocal', False)] roles_to_revoke = [(r, site) for r in current_roles if r not in new_roles] roles_to_grant = [(r, site) for r in new_roles if r not in current_roles] revoke_roles(context, roles_to_revoke) grant_roles(context, roles_to_grant) if 'Member' in roles_to_grant: grant_roles(context, ('Member',)) context.reindex() request.registry.notify(ActivityExecuted(self, [context], get_current())) return {}
def start(self, context, request, appstruct, **kw): new_roles = list(appstruct['roles']) site = get_site_folder(True) if 'global_site' in kw: site = getSite() current_roles = [ r for r in get_roles(context, root=site, ignore_groups=True) if not getattr(DACE_ROLES.get(r, None), 'islocal', False) ] roles_to_revoke = [(r, site) for r in current_roles if r not in new_roles] roles_to_grant = [(r, site) for r in new_roles if r not in current_roles] revoke_roles(context, roles_to_revoke) grant_roles(context, roles_to_grant) if 'Member' in roles_to_grant: grant_roles(context, ('Member', )) context.reindex() request.registry.notify( ActivityExecuted(self, [context], get_current())) return {}
def test_grantroles(self): object1, object2 = self._create_objects() user = self.request.user #Admin self.assertEqual(len(get_roles(user)), 1) self.assertTrue(has_any_roles(user, roles=('Admin', ))) grant_roles(user, roles=('Collaborator', ('Owner', object1))) self.assertTrue(has_any_roles(user, roles=('Collaborator', 'Owner'))) self.assertTrue(has_any_roles(user, roles=('Collaborator', ('Owner', object1)))) self.assertFalse(has_any_roles(user, roles=(('Owner', object2),))) roles = get_roles(user) self.assertEqual(len(roles), 3) self.assertIn('Collaborator',roles) self.assertIn('Owner',roles) self.assertIn('Admin',roles) self.assertTrue(has_all_roles(user, ('Collaborator', 'Owner'))) self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner', 'Other'))) users = get_users_with_role(role=('Owner', object1)) self.assertEqual(len(users), 1) self.assertIn(self.request.user,users) users = get_users_with_role(role='Owner') self.assertEqual(len(users), 1) self.assertIn(self.request.user,users) objects = get_objects_with_role(user=self.request.user, role='Owner') self.assertEqual(len(objects), 1) self.assertIn(object1,objects) revoke_roles(user, roles=(('Owner', object1),)) self.assertFalse(has_all_roles(user, ('Collaborator', 'Owner'))) self.assertTrue(has_all_roles(user, ('Collaborator', ))) revoke_roles(user, roles=('Collaborator', )) self.assertEqual(len(get_roles(user)), 1) self.request.user = self.users['alice'] user = self.request.user #Alice roles = get_roles(user) self.assertEqual(len(roles), 0) grant_roles(user, roles=('Admin',)) roles = get_roles(user) self.assertEqual(len(roles), 1) self.assertIn('Admin',roles) self.assertTrue(has_any_roles(user, roles=('Collaborator', ))) revoke_roles(user, roles=('Admin', )) self.assertFalse(has_any_roles(user, roles=('Collaborator', ))) grant_roles(user, roles=('Developer',)) roles = get_roles(user) self.assertEqual(len(roles), 1) self.assertIn('Developer',roles) self.assertTrue(has_any_roles(user, roles=('Collaborator', ))) self.assertFalse(has_any_roles(user, ('Collaborator', ), True)) #exclude superiors #Anonymous self.request.user = None roles = get_roles() self.assertEqual(len(roles), 1) self.assertIn('Anonymous',roles) self.assertFalse(has_any_roles(roles=('Collaborator', 'Owner'))) self.assertTrue(has_any_roles(roles=('Anonymous',)))
def default_data(self): roles = [ r for r in get_roles(self.context) if not getattr(DACE_ROLES.get(r, None), 'islocal', False) ] return {'roles': roles}
def default_data(self): roles = [r for r in get_roles(self.context) if not getattr(DACE_ROLES.get(r, None), 'islocal', False)] return {'roles': roles}
def default_data(self): site = get_site_folder(True) roles = [r for r in get_roles( self.context, root=site, ignore_groups=True) if not getattr(DACE_ROLES.get(r, None), 'islocal', False)] return {'roles': roles}