def fields(self): """Dynamically generate a responsible field with the Keywordwidget for each selected template. """ # When using the keywordwidget autocomplete search, the widget is # traversing anonymously. Therefore we're not able to get the selected # templates and generate all fields correctly. # Therefore we handle all responsible widget traversals "manually". responsible_field_match = re.match( r'^{}(.*?)\.responsible$'.format(re.escape('++widget++form.widgets.')), self.request._steps[-1]) if IDeferSecurityCheck.providedBy(self.request) and responsible_field_match: field = Field(ITaskTemplate['responsible'], prefix=responsible_field_match.group(1),) field.widgetFactory[INPUT_MODE] = ParameterizedWidget( KeywordWidget, async=True) return Fields(field) self.fallback_field = ITaskTemplate['responsible'] fields = [] for template in self.get_selected_tasktemplates(): schema_field = copy.copy(ITaskTemplate['responsible']) field = Field(schema_field, prefix=template.id) field.field.required = True field.widgetFactory[INPUT_MODE] = ParameterizedWidget( KeywordWidget, async=True) fields.append(field) return Fields(*fields)
def getTile(self): # if IDeferSecurityCheck is provided by the request, # you can't use restricted traverse, perms aren't set up yet. if IDeferSecurityCheck.providedBy(self.request): view = getMultiAdapter((self.context, self.request), name=self.tileType.__name__) return view[self.tileId] else: return self.context.restrictedTraverse('@@{0}/{1}'.format( self.tileType.__name__, self.tileId))
def getTile(self): # if IDeferSecurityCheck is provided by the request, # you can't use restricted traverse, perms aren't set up yet. if IDeferSecurityCheck.providedBy(self.request): view = getMultiAdapter((self.context, self.request), name=self.tileType.__name__) return view[self.tileId] else: return self.context.restrictedTraverse('@@%s/%s' % ( self.tileType.__name__, self.tileId,))
def update(self): super(CustomEditForm, self).update() tile = self.getTile() if (not IDeferSecurityCheck.providedBy(self.request) and not tile.isAllowedToEdit()): # if IDeferSecurityCheck is provided by the request, # we're not going to worry about security, perms not set up yet raise Unauthorized( _(u'You are not allowed to add this kind of tile'))
def update(self): # Support drafting tile data context if PLONE_APP_DRAFTS: ICurrentDraftManagement(self.request).mark() # Override to check the tile add/edit permission if not IDeferSecurityCheck.providedBy(self.request): if not checkPermission(self.tileType.add_permission, self.context): raise Unauthorized( "You are not allowed to add this kind of tile") super(TileForm, self).update()
def update(self): # Set up draft information if required currentDraft = ICurrentDraftManagement(self.request) currentDraft.mark() # Override to check the tile add/edit permission if not IDeferSecurityCheck.providedBy(self.request): if not checkPermission(self.tileType.add_permission, self.context): raise Unauthorized( "You are not allowed to add this kind of tile") super(TileForm, self).update()
def update(self): if not IDeferSecurityCheck.providedBy(self.request): allowed_ids = [ fti.getId() for fti in self.context.allowedContentTypes() ] if self.portal_type not in allowed_ids: raise ValueError( 'Subobject type disallowed by IConstrainTypes adapter: %s' % self.portal_type) super(DefaultAddForm, self).update() # fire the edit begun only if no action was executed if len(self.actions.executedActions) == 0: notify(AddBegunEvent(self.context))
def update(self): if not IDeferSecurityCheck.providedBy(self.request): allowed_ids = [fti.getId() for fti in self.context.allowedContentTypes()] if self.portal_type not in allowed_ids: raise ValueError( 'Subobject type disallowed by IConstrainTypes adapter: %s' % self.portal_type ) super(DefaultAddForm, self).update() # fire the edit begun only if no action was executed if len(self.actions.executedActions) == 0: notify(AddBegunEvent(self.context))
def wrapper(self, *args, **kwargs): request = globalrequest.getRequest() if IDeferSecurityCheck.providedBy(request): old_security_manager = getSecurityManager() newSecurityManager( None, UnrestrictedUser('manager', '', ['Manager'], [])) try: return func(self, *args, **kwargs) except: pass finally: # Note that finally is also called before return setSecurityManager(old_security_manager) return func(self, *args, **kwargs) else: return func(self, *args, **kwargs)
def getContent(self): typeName = self.tileType.__name__ tileId = self.tileId # Traverse to the tile. If it is a transient tile, it will pick up # query string parameters from the original request It is necessary to # defer security checking because during initial form setup, the # security context is not yet set. Setting the IDeferSecurityCheck # interface on the request is handled in # plone.z3cform.traversal.FormWidgetTraversal if IDeferSecurityCheck.providedBy(self.request): tile = self.context.unrestrictedTraverse("@@%s/%s" % (typeName, tileId)) else: tile = self.context.restrictedTraverse("@@%s/%s" % (typeName, tileId)) dataManager = ITileDataManager(tile) return AcquirableDictionary(dataManager.get()).__of__(self.context)
def getContent(self): typeName = self.tileType.__name__ tileId = self.tileId # Traverse to the tile. If it is a transient tile, it will pick up # query string parameters from the original request It is necessary to # defer security checking because during initial form setup, the # security context is not yet set. Setting the IDeferSecurityCheck # interface on the request is handled in # plone.z3cform.traversal.FormWidgetTraversal if IDeferSecurityCheck.providedBy(self.request): tile = self.context.unrestrictedTraverse( '@@%s/%s' % (typeName, tileId,)) else: tile = self.context.restrictedTraverse( '@@%s/%s' % (typeName, tileId,)) dataManager = ITileDataManager(tile) return AcquirableDictionary(dataManager.get()).__of__(self.context)
def updateWidgets(self): """Change the label of the dynamically generated responsible fields. """ super(SelectResponsiblesWizardStep, self).updateWidgets() if IDeferSecurityCheck.providedBy(self.request): return for name in self.widgets: if not name.endswith('responsible'): continue widget = self.widgets[name] template_id = self.fields[name].prefix template = self.get_selected_task_templatefolder().get(template_id) widget.label = translate(_( 'label_responsible_for_task', default=u'Responsible \xab${template_title}\xbb', mapping={'template_title': template.title}), context=self.request) if template.responsible: widget.value = self.get_responsible_widget_value(template)
def updateWidgets(self): """Change the label of the dynamically generated responsible fields. """ super(SelectResponsiblesWizardStep, self).updateWidgets() if IDeferSecurityCheck.providedBy(self.request): return for name in self.widgets: if not name.endswith('responsible'): continue widget = self.widgets[name] template_id = self.fields[name].prefix template = self.get_selected_task_templatefolder().get(template_id) widget.label = translate( _('label_responsible_for_task', default=u'Responsible \xab${template_title}\xbb', mapping={'template_title': template.title}), context=self.request) if template.responsible: widget.value = self.get_responsible_widget_value(template)