예제 #1
0
 def get_principals(self):
     # index the principal which have View permission. This is according to
     # the allowedRolesAndUsers index but it does not car of global roles.
     allowed_roles = rolesForPermissionOn(View, self)
     principals = []
     for principal, roles in _mergedLocalRoles(self).items():
         for role in roles:
             if role in allowed_roles:
                 principals.append(safe_unicode(principal))
                 break
     return principals
예제 #2
0
 def get_principals(self):
     # index the principal which have View permission. This is according to
     # the allowedRolesAndUsers index but it does not car of global roles.
     allowed_roles = rolesForPermissionOn(View, self)
     principals = []
     for principal, roles in _mergedLocalRoles(self).items():
         for role in roles:
             if role in allowed_roles:
                 principals.append(safe_unicode(principal))
                 break
     return principals
예제 #3
0
    def test_mergedLocalRolesOnFunctions(self):
        from Products.CMFCore.utils import _mergedLocalRoles

        class Dummy(object):
            __ac_local_roles__ = {'a': 'b'}

            def render(self):
                pass

        obj = Dummy()
        self.assertDictEqual(
            _mergedLocalRoles(obj.render),
            {'a': 'b'},
        )
예제 #4
0
    def test_mergedLocalRolesManipulation(self):
        # The _mergedLocalRoles function used to return references to
        # actual local role settings and it was possible to manipulate them
        # by changing the return value. http://www.zope.org/Collectors/CMF/376
        from Products.CMFCore.tests.base.dummy import DummyContent
        from Products.CMFCore.utils import _mergedLocalRoles
        obj = DummyContent()
        obj.manage_addLocalRoles('dummyuser1', ['Manager', 'Owner'])
        self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)

        merged_roles = _mergedLocalRoles(obj)
        merged_roles['dummyuser1'].append('FOO')

        # The values on the object itself should still the the same
        self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)
예제 #5
0
파일: test_utils.py 프로젝트: goschtl/zope 
    def test_mergedLocalRolesManipulation(self):
        # The _mergedLocalRoles function used to return references to
        # actual local role settings and it was possible to manipulate them
        # by changing the return value. http://www.zope.org/Collectors/CMF/376
        from Products.CMFCore.tests.base.dummy import DummyContent
        from Products.CMFCore.utils import _mergedLocalRoles
        obj = DummyContent()
        obj.manage_addLocalRoles('dummyuser1', ['Manager', 'Owner'])
        self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)

        merged_roles = _mergedLocalRoles(obj)
        merged_roles['dummyuser1'].append('FOO')

        # The values on the object itself should still the the same
        self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)
예제 #6
0
 def allowedRolesAndUsers(self):
     """
     Return a list of roles and users with View permission.
     Used by PortalCatalog to filter out items you're not allowed to see.
     """
     ob = self.__ob
     allowed = {}
     for r in rolesForPermissionOn(View, ob):
         allowed[r] = 1
     localroles = _mergedLocalRoles(ob)
     for user, roles in localroles.items():
         for role in roles:
             if allowed.has_key(role):
                 allowed['user:'******'Owner'):
         del allowed['Owner']
     return list(allowed.keys())
예제 #7
0
파일: CatalogTool.py 프로젝트: goschtl/zope 
 def allowedRolesAndUsers(self):
     """
     Return a list of roles and users with View permission.
     Used by PortalCatalog to filter out items you're not allowed to see.
     """
     ob = self.__ob
     allowed = {}
     for r in rolesForPermissionOn(View, ob):
         allowed[r] = 1
     localroles = _mergedLocalRoles(ob)
     for user, roles in localroles.items():
         for role in roles:
             if allowed.has_key(role):
                 allowed['user:'******'Owner'):
         del allowed['Owner']
     return list(allowed.keys())
예제 #8
0
def editors(obj):
    """ Return a list of users who are editors of this folder.
    Pretty much copied from CatalogTool.allowedRolesAndUsers().
    """
    allowed_roles = ['Editor']
    allowed = {}
    try:
        acl_users = getToolByName(obj, 'acl_users', None)
        if acl_users is not None:
            localroles = acl_users._getAllLocalRoles(obj)
    except AttributeError:
        localroles = _mergedLocalRoles(obj)
    for user, roles in localroles.items():
        for role in roles:
            if role in allowed_roles:
                allowed['user:' + user] = 1
    return list(allowed.keys())
예제 #9
0
def index_task(obj, event):
    """Index the given task in opengever.globalindex.
    """
    # Skip this handler when trying to remove a Plone site. Otherwise the
    # component registry is already gone and we'll run into trouble.
    if IObjectRemovedEvent.providedBy(event) \
            and IPloneSiteRoot.providedBy(event.object):
        return None

    parent = aq_parent(aq_inner(obj))

    client_id = get_client_id()
    intids = getUtility(IIntIds)
    try:
        int_id = intids.getId(obj)
    except KeyError:
        try:
            # In some case (remote task updating etc)
            # only the base_object provides an intid.
            int_id = intids.getId(aq_base(obj))
        except KeyError:
            # The intid event handler didn' create a intid for this object
            # yet. The event will be fired again after creating the id.
            return

    session = Session()
    try:
        task = session.query(Task).filter(Task.client_id == client_id).filter(
            Task.int_id == int_id).one()
    except NoResultFound:
        task = Task(int_id, client_id)
        session.add(task)

    # title
    maximum_title_length = Task.title.property.columns[0].type.length
    title = obj.title
    if not isinstance(title, unicode):
        title = title.decode('utf-8')
    title = title[:maximum_title_length]
    task.title = title

    # Generate and store the breadcrumb tooltip
    breadcrumb_titles = []
    breadcrumbs_view = getMultiAdapter((obj, obj.REQUEST),
                                       name='breadcrumbs_view')
    for elem in breadcrumbs_view.breadcrumbs():
        if isinstance(elem.get('Title'), unicode):
            breadcrumb_titles.append(elem.get('Title'))
        else:
            breadcrumb_titles.append(elem.get('Title').decode('utf-8'))

    # we prevent to raise database-error, if we have a too long string
    # Shorten the breadcrumb_title to: mandant1 > repo1 > ...
    join_value = ' > '
    end_value = '...'

    maximum_length = Task.breadcrumb_title.property.columns[0].type.length
    maximum_length -= len(end_value)

    breadcrumb_title = breadcrumb_titles
    actual_length = 0

    for i, breadcrumb in enumerate(breadcrumb_titles):
        add_length = len(breadcrumb) + len(join_value) + len(end_value)
        if (actual_length + add_length) > maximum_length:
            breadcrumb_title = breadcrumb_titles[:i]
            breadcrumb_title.append(end_value)
            break

        actual_length += len(breadcrumb) + len(join_value)

    task.breadcrumb_title = join_value.join(breadcrumb_title)

    url_tool = obj.unrestrictedTraverse('@@plone_tools').url()
    task.physical_path = '/'.join(url_tool.getRelativeContentPath(obj))
    wftool = getToolByName(obj, 'portal_workflow')
    task.review_state = wftool.getInfoFor(obj, 'review_state')
    task.icon = obj.getIcon()
    task.responsible = obj.responsible
    task.issuer = obj.issuer

    # we need to have python datetime objects for make it work with sqlite etc.
    task.deadline = obj.deadline
    task.completed = obj.date_of_completion
    task.modified = obj.modified().asdatetime().replace(tzinfo=None)

    task.task_type = obj.task_type
    task.is_subtask = parent.portal_type == 'opengever.task.task'

    task.sequence_number = getUtility(ISequenceNumber).get_number(obj)
    task.reference_number = IReferenceNumber(obj).get_number()

    #get the containing_dossier value directly with the indexer
    catalog = getToolByName(obj, 'portal_catalog')
    task.containing_dossier = getMultiAdapter(
        (obj, catalog), IIndexer, name='containing_dossier')()

    # the dossier_sequence_number index is required for generating lists
    # of tasks as PDFs (LaTeX) as defined by the customer.
    task.dossier_sequence_number = get_dossier_sequence_number(obj)

    task.assigned_client = obj.responsible_client

    # index the predecessor
    if obj.predecessor:
        pred_client_id, pred_init_id = obj.predecessor.split(':', 1)
        try:
            predecessor = session.query(Task).filter_by(
                client_id=pred_client_id, int_id=pred_init_id).one()
        except NoResultFound:
            # For some reason the referenced predecessor doesn't exist
            predecessor = None

    else:
        predecessor = None

    task.predecessor = predecessor

    # index the principal which have View permission. This is according to the
    # allowedRolesAndUsers index but it does not car of global roles.
    allowed_roles = rolesForPermissionOn(View, obj)
    principals = []
    for principal, roles in _mergedLocalRoles(obj).items():
        for role in roles:
            if role in allowed_roles:
                principals.append(principal.decode('utf-8'))
                break

    task.principals = principals