def _do_cat_acl(self, obj): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) acl = {'allow': [], 'deny': []} for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' def grants(i): return ','.join('@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join('%s' % (Role.role_to_nick.get(i, '(%s)' % i)) for i in sorted(perms))) if principal in user_allow: acl['allow'].append('%s:%s:%s' % formatted_perms(user_allow[principal])) if principal in user_deny: acl['deny'].append('%s:%s:%s' % formatted_perms(user_deny[principal])) return acl
def _do_print_acl(self, obj, verbose, recursive, seen): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' if verbose: def grants(i): return ','.join( '@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join( '%s{%s}' % (Role.role_to_nick.get(i, '(%s)' % i), grants(i)) for i in sorted(perms))) else: return (typ, principal, ''.join( Role.role_to_nick.get(i, '(%s)' % i) for i in sorted(perms))) if principal in user_allow: self.write("%s:%s:+%s\n" % formatted_perms(user_allow[principal])) if principal in user_deny: self.write("%s:%s:-%s\n" % formatted_perms(user_deny[principal])) if recursive and IContainer.providedBy(follow_symlinks(obj)): for sobj in follow_symlinks(obj).listcontent(): if follow_symlinks(sobj) not in seen: seen.append(sobj) self.write('%s:\n' % canonical_path(sobj)) self._do_print_acl(sobj, verbose, recursive, seen)
def _do_print_acl(self, obj, verbose, recursive, seen): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' if verbose: def grants(i): return ','.join('@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join('%s{%s}' % (Role.role_to_nick.get(i, '(%s)' % i), grants(i)) for i in sorted(perms))) else: return (typ, principal, ''.join(Role.role_to_nick.get(i, '(%s)' % i) for i in sorted(perms))) if principal in user_allow: self.write("%s:%s:+%s\n" % formatted_perms(user_allow[principal])) if principal in user_deny: self.write("%s:%s:-%s\n" % formatted_perms(user_deny[principal])) if recursive and IContainer.providedBy(follow_symlinks(obj)): for sobj in follow_symlinks(obj).listcontent(): if follow_symlinks(sobj) not in seen: seen.append(sobj) self.write('%s:\n' % canonical_path(sobj)) self._do_print_acl(sobj, verbose, recursive, seen)
def _do_cat_acl(self, obj): prinrole = IPrincipalRoleManager(obj) auth = getUtility(IAuthentication, context=None) user_allow = collections.defaultdict(list) user_deny = collections.defaultdict(list) users = set() for role, principal, setting in prinrole.getPrincipalsAndRoles(): users.add(principal) if setting.getName() == 'Allow': user_allow[principal].append(role) else: user_deny[principal].append(role) acl = {'allow': [], 'deny': []} for principal in users: def formatted_perms(perms): prin = auth.getPrincipal(principal) typ = 'group' if isinstance(prin, Group) else 'user' def grants(i): return ','.join( '@%s' % i[0] for i in rolePermissionManager.getPermissionsForRole(i) if i[0] != 'oms.nothing') return (typ, principal, ''.join('%s' % (Role.role_to_nick.get(i, '(%s)' % i)) for i in sorted(perms))) if principal in user_allow: acl['allow'].append('%s:%s:%s' % formatted_perms(user_allow[principal])) if principal in user_deny: acl['deny'].append('%s:%s:%s' % formatted_perms(user_deny[principal])) return acl