def test_had_read_access(self): model = loadString(""" <model xmlns="http://namespaces.plone.org/supermodel/schema"> <schema /> </model> """) context = self.new_temporary_folder() # no permission -> has access self.assertTrue( security.has_read_access(model.schema, 'fieldname', context) ) security.set_read_permissions( model.schema, {'fieldname': 'cmf.ManagePortal'} ) # anonymous has no access now self.assertFalse( security.has_read_access(model.schema, 'fieldname', context) ) # but the admin does with self.user('admin'): self.assertTrue( security.has_read_access(model.schema, 'fieldname', context) )
def fields(self, position): has_access = lambda field: security.has_read_access( self.schema, field, self.context ) fields = get_detail_fields(self.schema).get(position) if not fields: return [] return [f for f in fields if has_access(f)]
def _get_schema_columns(schema, context, restricted): columns = [] titles = get_custom_column_titles(schema) for ix, fields in enumerate(get_columns(schema)): if restricted: fields = [ f for f in fields if has_read_access(schema, f, context) ] if fields: columns.append(SchemaColumn(schema, fields, titles[ix])) return columns