コード例 #1
0
    def _principal_search_results(self,
                                  search_for_principal,
                                  get_principal_by_id,
                                  get_principal_title,
                                  principal_type,
                                  id_key):
        """Return search results for a query to add new users or groups.

        Returns a list of dicts, as per role_settings().

        Arguments:
            search_for_principal -- a function that takes an IPASSearchView and
                a search string. Uses the former to search for the latter and
                returns the results.
            get_principal_by_id -- a function that takes a user id and returns
                the user of that id
            get_principal_title -- a function that takes a user and a default
                title and returns a human-readable title for the user. If it
                can't think of anything good, returns the default title.
            principal_type -- either 'user' or 'group', depending on what kind
                of principals you want
            id_key -- the key under which the principal id is stored in the
                dicts returned from search_for_principal
        """
        context = self.context

        translated_message = translate(_(u"Search for user or group"),
                context=self.request)
        search_term = self.request.form.get('search_term', None)
        if not search_term or search_term == translated_message:
            return []

        existing_principals = set([p['id'] for p in self.existing_role_settings()
                                if p['type'] == principal_type])
        empty_roles = dict([(r['id'], False) for r in self.roles()])
        info = []

        hunter = getMultiAdapter((context, self.request), name='pas_search')
        for principal_info in search_for_principal(hunter, search_term):
            principal_id = principal_info[id_key]
            if principal_id not in existing_principals:
                principal = get_principal_by_id(principal_id)
                roles = empty_roles.copy()
                if principal is None:
                    continue

                for r in principal.getRoles():
                    if r in roles:
                        roles[r] = 'global'
                login = principal.getUserName()
                if principal_type == 'group':
                    login = None
                info.append(dict(id = principal_id,
                                 title = get_principal_title(principal,
                                                             principal_id),
                                 login = login,
                                 type = principal_type,
                                 roles = roles))
        return info
コード例 #2
0
ファイル: patches.py プロジェクト: AndreaVentur10/ulearn.core
def handle_form(self):
    """
        We split this out so we can reuse this for ajax.
        Will return a boolean if it was a post or not
        """
    postback = True

    form = self.request.form
    submitted = form.get('form.submitted', False)
    save_button = form.get('form.button.Save', None) is not None
    cancel_button = form.get('form.button.Cancel', None) is not None

    if submitted and save_button and not cancel_button:
        if not self.request.get('REQUEST_METHOD', 'GET') == 'POST':
            raise Forbidden

        authenticator = self.context.restrictedTraverse(
            '@@authenticator', None)
        if not authenticator.verify():
            raise Forbidden

        # Update the acquire-roles setting
        if self.can_edit_inherit():
            inherit = bool(form.get('inherit', False))
            reindex = self.update_inherit(inherit, reindex=False)
        else:
            reindex = False

        # Update settings for users and groups
        entries = form.get('entries', [])
        roles = [r['id'] for r in self.roles()]
        settings = []
        for entry in entries:
            settings.append(
                dict(id=entry['id'],
                     type=entry['type'],
                     roles=[
                         r for r in roles if entry.get('role_%s' % r, False)
                     ]))
        if settings:
            reindex = self.update_role_settings(settings,
                                                reindex=False) or reindex
            notify(LocalrolesModifiedEvent(self.context, self.request))
        if reindex:
            self.context.reindexObjectSecurity()
            notify(LocalrolesModifiedEvent(self.context, self.request))
        IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."),
                                                      type='info')

    # Other buttons return to the sharing page
    if cancel_button:
        postback = False

    return postback
コード例 #3
0
ファイル: sharing.py プロジェクト: CGTIC/Plone_SP
    def handle_form(self):
        """
        We split this out so we can reuse this for ajax.
        Will return a boolean if it was a post or not
        """
        postback = True

        form = self.request.form
        submitted = form.get('form.submitted', False)
        save_button = form.get('form.button.Save', None) is not None
        cancel_button = form.get('form.button.Cancel', None) is not None
        if submitted and save_button and not cancel_button:
            if not self.request.get('REQUEST_METHOD', 'GET') == 'POST':
                raise Forbidden

            authenticator = self.context.restrictedTraverse('@@authenticator',
                                                            None)
            if not authenticator.verify():
                raise Forbidden

            # Update the acquire-roles setting
            if self.can_edit_inherit():
                inherit = bool(form.get('inherit', False))
                reindex = self.update_inherit(inherit, reindex=False)
            else:
                reindex = False

            # Update settings for users and groups
            entries = form.get('entries', [])
            roles = [r['id'] for r in self.roles()]
            settings = []
            for entry in entries:
                settings.append(
                    dict(id=entry['id'],
                         type=entry['type'],
                         roles=[r for r in roles
                            if entry.get('role_%s' % r, False)]))
            if settings:
                reindex = self.update_role_settings(settings, reindex=False) \
                            or reindex
            if reindex:
                self.context.reindexObjectSecurity()
                notify(LocalrolesModifiedEvent(self.context, self.request))
            IStatusMessage(self.request).addStatusMessage(
                _(u"Changes saved."), type='info')

        # Other buttons return to the sharing page
        if cancel_button:
            postback = False

        return postback
コード例 #4
0
    def __call__(self):
        """Perform the update and redirect if necessary, or render the page
        """
        
        postback = True
        
        form = self.request.form
        submitted = form.get('form.submitted', False)
    
        cancel_button = form.get('form.button.Cancel', None) is not None
    
        if submitted and not cancel_button:

            if not self.request.get('REQUEST_METHOD','GET') == 'POST':
                raise Forbidden

            authenticator = self.context.restrictedTraverse('@@authenticator', None) 
            if not authenticator.verify(): 
                raise Forbidden

            # Update the acquire-roles setting
            inherit = bool(form.get('inherit', False))
            reindex = self.update_inherit(inherit, reindex=False)

            # Update settings for users and groups
            entries = form.get('entries', [])
            roles = [r['id'] for r in self.roles()]
            settings = []
            for entry in entries:
                settings.append(
                    dict(id = entry['id'],
                         type = entry['type'],
                         roles = [r for r in roles if entry.get('role_%s' % r, False)]))
            if settings:
                reindex = self.update_role_settings(settings, reindex=False) or reindex

            if reindex:
                self.context.reindexObjectSecurity()
            IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."), type='info')

        # Other buttons return to the sharing page
        if cancel_button:
            postback = False

        if postback:
            return self.index()
        else:
            context_state = self.context.restrictedTraverse("@@plone_context_state")
            url = context_state.view_url()
            self.request.response.redirect(url)
コード例 #5
0
ファイル: sharing.py プロジェクト: plamut/plone.app.workflow
    def handle_form(self):
        """
        We split this out so we can reuse this for ajax.
        Will return a boolean if it was a post or not
        """
        postback = True

        form = self.request.form
        submitted = form.get("form.submitted", False)
        save_button = form.get("form.button.Save", None) is not None
        cancel_button = form.get("form.button.Cancel", None) is not None
        if submitted and save_button and not cancel_button:
            if not self.request.get("REQUEST_METHOD", "GET") == "POST":
                raise Forbidden

            authenticator = self.context.restrictedTraverse("@@authenticator", None)
            if not authenticator.verify():
                raise Forbidden

            # Update the acquire-roles setting
            if self.can_edit_inherit():
                inherit = bool(form.get("inherit", False))
                reindex = self.update_inherit(inherit, reindex=False)
            else:
                reindex = False

            # Update settings for users and groups
            entries = form.get("entries", [])
            roles = [r["id"] for r in self.roles()]
            settings = []
            for entry in entries:
                settings.append(
                    dict(
                        id=entry["id"], type=entry["type"], roles=[r for r in roles if entry.get("role_%s" % r, False)]
                    )
                )
            if settings:
                reindex = self.update_role_settings(settings, reindex=False) or reindex
            if reindex:
                self.context.reindexObjectSecurity()
            IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."), type="info")

        # Other buttons return to the sharing page
        if cancel_button:
            postback = False

        return postback
コード例 #6
0
    def existing_role_settings(self):
        """Get current settings for users and groups that have already got
        at least one of the managed local roles.

        Returns a list of dicts as per role_settings()
        """
        context = self.context

        portal_membership = getToolByName(context, 'portal_membership')
        portal_groups = getToolByName(context, 'portal_groups')
        acl_users = getToolByName(context, 'acl_users')

        info = []

        # This logic is adapted from computeRoleMap.py

        local_roles = acl_users._getLocalRolesForDisplay(context)
        acquired_roles = self._inherited_roles() + self._borg_localroles()
        available_roles = [r['id'] for r in self.roles()]

        # first process acquired roles
        items = {}
        for name, roles, rtype, rid in acquired_roles:
            items[rid] = dict(id = rid,
                              name = name,
                              type = rtype,
                              sitewide = [],
                              acquired = roles,
                              local = [], )

        # second process local roles
        for name, roles, rtype, rid in local_roles:
            if rid in items:
                items[rid]['local'] = roles
            else:
                items[rid] = dict(id = rid,
                                  name = name,
                                  type = rtype,
                                  sitewide = [],
                                  acquired = [],
                                  local = roles, )

        # Make sure we always get the authenticated users virtual group
        if AUTH_GROUP not in items:
            items[AUTH_GROUP] = dict(id = AUTH_GROUP,
                                     name = _(u'Logged-in users'),
                                     type = 'group',
                                     sitewide = [],
                                     acquired = [],
                                     local = [], )

        # If the current user has been given roles, remove them so that he
        # doesn't accidentally lock himself out.

        member = portal_membership.getAuthenticatedMember()
        if member.getId() in items:
            items[member.getId()]['disabled'] = True

        # Sort the list: first the authenticated users virtual group, then
        # all other groups and then all users, alphabetically

        dec_users = [(a['id'] not in self.STICKY,
                       a['type'],
                       a['name'],
                       a) for a in items.values()]
        dec_users.sort()

        # Add the items to the info dict, assigning full name if possible.
        # Also, recut roles in the format specified in the docstring

        for d in dec_users:
            item = d[-1]
            name = item['name']
            rid = item['id']
            login = rid
            global_roles = set()

            if item['type'] == 'user':
                member = acl_users.getUserById(rid)
                if member is not None:
                    name = member.getProperty('fullname') or member.getUserName() or name
                    global_roles = set(member.getRoles())
                    login = member.getUserName()
            elif item['type'] == 'group':
                g = portal_groups.getGroupById(rid)
                name = g.getGroupTitleOrName()
                login = None
                global_roles = set(g.getRoles())

                # This isn't a proper group, so it needs special treatment :(
                if rid == AUTH_GROUP:
                    name = _(u'Logged-in users')

            info_item = dict(id = item['id'],
                             type = item['type'],
                             title = name,
                             disabled = item.get('disabled', False),
                             roles = {})
            if login != name:
                info_item['login'] = login

            # Record role settings
            have_roles = False
            for r in available_roles:
                if r in global_roles:
                    info_item['roles'][r] = 'global'
                elif r in item['acquired']:
                    info_item['roles'][r] = 'acquired'
                    have_roles = True # we want to show acquired roles
                elif r in item['local']:
                    info_item['roles'][r] = True
                    have_roles = True # at least one role is set
                else:
                    info_item['roles'][r] = False

            if have_roles or rid in self.STICKY:
                info.append(info_item)

        return info
コード例 #7
0
class ManagerRole(object):
    implements(IRolesPageRole)
    title = _(u"title_can_manage", default=u"Can manage")
    required_permission = "Change local roles"
コード例 #8
0
class ReviewerRole(object):
    implements(ISharingPageRole)

    title = _(u"title_can_review", default=u"Can review")
    required_permission = permissions.DelegateReviewerRole
    required_interface = None
コード例 #9
0
class ContributorRole(object):
    implements(ISharingPageRole)

    title = _(u"title_can_add", default=u"Can add")
    required_permission = permissions.DelegateContributorRole
    required_interface = None
コード例 #10
0
def sharing_handle_form(self):
    """
    We split this out so we can reuse this for ajax.
    Will return a boolean if it was a post or not
    """

    postback = True

    form = self.request.form
    submitted = form.get('form.submitted', False)
    save_button = form.get('form.button.Save', None) is not None
    cancel_button = form.get('form.button.Cancel', None) is not None
    if submitted and save_button and not cancel_button:
        if not self.request.get('REQUEST_METHOD', 'GET') == 'POST':
            raise Forbidden

        old_ac_local_roles_block = getattr(
            self.context, '__ac_local_roles_block__', None)

        authenticator = self.context.restrictedTraverse('@@authenticator',
                                                        None)
        if not authenticator.verify():
            raise Forbidden

        # Update the acquire-roles setting
        if self.can_edit_inherit():
            inherit = bool(form.get('inherit', False))
            reindex = self.update_inherit(inherit, reindex=False)
        else:
            reindex = False

        entries = form.get('entries', [])
        roles = [r['id'] for r in self.roles()]
        settings = []
        for entry in entries:
            settings.append(
                dict(id=entry['id'],
                     type=entry['type'],
                     roles=[r for r in roles
                            if entry.get('role_%s' % r, False)]))
        if settings:

            old_settings = self.context.get_local_roles()
            old_settings_dict = dict([(userid, set(roles))
                                      for userid, roles in old_settings])
            settings_dict = dict([(d['id'], set(d['roles']))
                                  for d in settings])

            old_userids = set(
                [tp[0] for tp in old_settings if list(tp[1]) != ['Owner']])
            new_userids = set([d['id'] for d in settings if d['roles']])
            all_userids = old_userids | new_userids

            reindex = self.update_role_settings(settings, reindex=False) \
                or reindex
            new_ac_local_roles_block = getattr(
                self.context, '__ac_local_roles_block__', None)

            diff_context = dict()
            diff_context['removed_userids'] = old_userids - new_userids
            diff_context['added_userids'] = new_userids - old_userids
            diff_context['block_localroles'] = bool(new_ac_local_roles_block)
            diff_context['role_changes'] = dict()
            for userid, roles in settings_dict.items():
                old_roles = old_settings_dict.get(userid, set())
                if roles == old_roles:
                    continue

                roles_added = roles - old_roles
                roles_removed = old_roles - roles
                user = plone.api.user.get(userid)
                fullname = email = None
                if user:
                    fullname = user.getProperty('fullname')
                    email = user.getProperty('email')
                diff_context['role_changes'][userid] = dict(
                    fullname=fullname, email=email, added=roles_added, removed=roles_removed)

        if reindex:
            self.context.reindexObjectSecurity()
            event = LocalrolesModifiedEvent(self.context, self.request)
            event.diff_context = diff_context
            notify(event)

        IStatusMessage(self.request).addStatusMessage(
            _(u"Changes saved."), type='info')

    # Other buttons return to the sharing page
    if cancel_button:
        postback = False

    return postback
コード例 #11
0
ファイル: utilities.py プロジェクト: hellfish2/opengever.core
class AdministratorRole(grok.GlobalUtility):
    grok.name('Administrator')
    implements(ISharingPageRole)

    title = _(u"title_can_administrate", default=u"Can administrate")
    required_permission = permissions.DelegateRoles
コード例 #12
0
ファイル: utilities.py プロジェクト: hellfish2/opengever.core
class PublisherRole(grok.GlobalUtility):
    grok.name('Publisher')
    implements(ISharingPageRole)

    title = _(u"title_can_publish", default=u"Can publish")
    required_permission = permissions.DelegateRoles
コード例 #13
0
ファイル: localroles.py プロジェクト: vedantc98/Plone-test
class ReviewerRole(object):

    title = _(u"title_can_review", default=u"Can review")
    required_permission = permissions.DelegateReviewerRole
    required_interface = None
コード例 #14
0
ファイル: localroles.py プロジェクト: vedantc98/Plone-test
class ContributorRole(object):

    title = _(u"title_can_add", default=u"Can add")
    required_permission = permissions.DelegateContributorRole
    required_interface = None
コード例 #15
0
ファイル: localroles.py プロジェクト: vedantc98/Plone-test
class EditorRole(object):

    title = _(u"title_can_edit", default=u"Can edit")
    required_permission = permissions.DelegateEditorRole
    required_interface = None
コード例 #16
0
class EditorRole(object):
    implements(ISharingPageRole)

    title = _(u"title_can_edit", default=u"Can edit")
    required_permission = permissions.DelegateEditorRole
    required_interface = None
コード例 #17
0
def sharing_handle_form(self):
    """
    We split this out so we can reuse this for ajax.
    Will return a boolean if it was a post or not
    """

    postback = True

    form = self.request.form
    submitted = form.get('form.submitted', False)
    save_button = form.get('form.button.Save', None) is not None
    cancel_button = form.get('form.button.Cancel', None) is not None
    if submitted and save_button and not cancel_button:
        if not self.request.get('REQUEST_METHOD', 'GET') == 'POST':
            raise Forbidden

        old_ac_local_roles_block = getattr(self.context,
                                           '__ac_local_roles_block__', None)

        authenticator = self.context.restrictedTraverse(
            '@@authenticator', None)
        if not authenticator.verify():
            raise Forbidden

        # Update the acquire-roles setting
        if self.can_edit_inherit():
            inherit = bool(form.get('inherit', False))
            reindex = self.update_inherit(inherit, reindex=False)
        else:
            reindex = False

        entries = form.get('entries', [])
        roles = [r['id'] for r in self.roles()]
        settings = []
        for entry in entries:
            settings.append(
                dict(id=entry['id'],
                     type=entry['type'],
                     roles=[
                         r for r in roles if entry.get('role_%s' % r, False)
                     ]))
        if settings:

            old_settings = self.context.get_local_roles()
            old_settings_dict = dict([(userid, set(roles))
                                      for userid, roles in old_settings])
            settings_dict = dict([(d['id'], set(d['roles']))
                                  for d in settings])

            old_userids = set(
                [tp[0] for tp in old_settings if list(tp[1]) != ['Owner']])
            new_userids = set([d['id'] for d in settings if d['roles']])
            all_userids = old_userids | new_userids

            reindex = self.update_role_settings(settings, reindex=False) \
                or reindex
            new_ac_local_roles_block = getattr(self.context,
                                               '__ac_local_roles_block__',
                                               None)

            diff_context = dict()
            diff_context['removed_userids'] = old_userids - new_userids
            diff_context['added_userids'] = new_userids - old_userids
            diff_context['block_localroles'] = bool(new_ac_local_roles_block)
            diff_context['role_changes'] = dict()
            for userid, roles in settings_dict.items():
                old_roles = old_settings_dict.get(userid, set())
                if roles == old_roles:
                    continue

                roles_added = roles - old_roles
                roles_removed = old_roles - roles
                user = plone.api.user.get(userid)
                fullname = email = None
                if user:
                    fullname = user.getProperty('fullname')
                    email = user.getProperty('email')
                diff_context['role_changes'][userid] = dict(
                    fullname=fullname,
                    email=email,
                    added=roles_added,
                    removed=roles_removed)

        if reindex:
            self.context.reindexObjectSecurity()
            event = LocalrolesModifiedEvent(self.context, self.request)
            event.diff_context = diff_context
            notify(event)

        IStatusMessage(self.request).addStatusMessage(_(u"Changes saved."),
                                                      type='info')

    # Other buttons return to the sharing page
    if cancel_button:
        postback = False

    return postback