def available(self):
"""See zope.app.publisher.interfaces.browser.IBrowserMenuItem"""
# Make sure we have the permission needed to access the menu's action
if self.permission is not None:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(self.permission, self.context):
return False
elif self.action != u'':
# Otherwise, test access by attempting access
path = self.action
l = self.action.find('?')
if l >= 0:
path = self.action[:l]
traverser = PublicationTraverser()
try:
view = traverser.traverseRelativeURL(self.request,
self.context, path)
except (Unauthorized, Forbidden, LookupError):
return False
else:
# we're assuming that view pages are callable
# this is a pretty sound assumption
if not canAccess(view, '__call__'):
return False
# Make sure that we really want to see this menu item
if self.filter is not None:
try:
include = self.filter(
Engine.getContext(
context=self.context,
nothing=None,
request=self.request,
modules=sys.modules,
))
except Unauthorized:
return False
else:
if not include:
return False
return True
def available(self):
"""See zope.app.publisher.interfaces.browser.IBrowserMenuItem"""
# Make sure we have the permission needed to access the menu's action
if self.permission is not None:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(self.permission, self.context):
return False
elif self.action != u'':
# Otherwise, test access by attempting access
path = self.action
l = self.action.find('?')
if l >= 0:
path = self.action[:l]
traverser = PublicationTraverser()
try:
view = traverser.traverseRelativeURL(
self.request, self.context, path)
except (Unauthorized, Forbidden, LookupError):
return False
else:
# we're assuming that view pages are callable
# this is a pretty sound assumption
if not canAccess(view, '__call__'):
return False
# Make sure that we really want to see this menu item
if self.filter is not None:
try:
include = self.filter(Engine.getContext(
context = self.context,
nothing = None,
request = self.request,
modules = sys.modules,
))
except Unauthorized:
return False
else:
if not include:
return False
return True
def getMenu(menu_id, object, request, max=999999):
traverser = PublicationTraverser()
result = []
seen = {}
# stuff for figuring out the selected view
request_url = request.getURL()
for item in globalBrowserMenuService.getAllMenuItems(menu_id, object):
# Make sure we don't repeat a specification for a given title
title = item.title
if title in seen:
continue
seen[title] = 1
permission = item.permission
action = item.action
if permission:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(permission, object):
continue
elif action:
# Otherwise, test access by attempting access
path = action
l = action.find('?')
if l >= 0:
path = action[:l]
try:
v = traverser.traverseRelativeURL(
request, object, path)
# TODO:
# tickle the security proxy's checker
# we're assuming that view pages are callable
# this is a pretty sound assumption
v.__call__
except (Unauthorized, Forbidden):
continue # Skip unauthorized or forbidden
normalized_action = action
if action.startswith('@@'):
normalized_action = action[2:]
if request_url.endswith('/'+normalized_action):
selected='selected'
elif request_url.endswith('/++view++'+normalized_action):
selected='selected'
elif request_url.endswith('/@@'+normalized_action):
selected='selected'
else:
selected=''
result.append({
'title': title,
'description': item.description,
'action': "%s" % action,
'filter': item.filter,
'selected': selected,
'extra': item.extra,
})
if len(result) >= max:
return result
return result
def getMenu(menu_id, object, request, max=999999):
traverser = PublicationTraverser()
result = []
seen = {}
# stuff for figuring out the selected view
request_url = request.getURL()
for item in globalBrowserMenuService.getAllMenuItems(menu_id, object):
# Make sure we don't repeat a specification for a given title
title = item.title
if title in seen:
continue
seen[title] = 1
permission = item.permission
action = item.action
if permission:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(permission, object):
continue
elif action:
# Otherwise, test access by attempting access
path = action
l = action.find('?')
if l >= 0:
path = action[:l]
try:
v = traverser.traverseRelativeURL(request, object, path)
# TODO:
# tickle the security proxy's checker
# we're assuming that view pages are callable
# this is a pretty sound assumption
v.__call__
except (Unauthorized, Forbidden):
continue # Skip unauthorized or forbidden
normalized_action = action
if action.startswith('@@'):
normalized_action = action[2:]
if request_url.endswith('/' + normalized_action):
selected = 'selected'
elif request_url.endswith('/++view++' + normalized_action):
selected = 'selected'
elif request_url.endswith('/@@' + normalized_action):
selected = 'selected'
else:
selected = ''
result.append({
'title': title,
'description': item.description,
'action': "%s" % action,
'filter': item.filter,
'selected': selected,
'extra': item.extra,
})
if len(result) >= max:
return result
return result
