예제 #1
0
    def cached_prinper(self, parent, principal, groups, permission):
        # Compute the permission, if any, for the principal.
        cache = self.cache(parent)
        try:
            cache_prin = cache.prin
        except AttributeError:
            cache_prin = cache.prin = {}

        cache_prin_per = cache_prin.get(principal)
        if not cache_prin_per:
            cache_prin_per = cache_prin[principal] = {}

        try:
            return cache_prin_per[permission]
        except KeyError:
            pass

        if parent is None:
            prinper = SettingAsBoolean[
                globalPrincipalPermissionSetting(permission, principal, None)]
            cache_prin_per[permission] = prinper
            return prinper

        prinper = IPrincipalPermissionMap(parent, None)
        if prinper is not None:
            prinper = SettingAsBoolean[
                prinper.getSetting(permission, principal, None)]
            if prinper is not None:
                cache_prin_per[permission] = prinper
                return prinper

        parent = removeSecurityProxy(getattr(parent, '__parent__', None))
        prinper = self.cached_prinper(parent, principal, groups, permission)
        cache_prin_per[permission] = prinper
        return prinper
예제 #2
0
def get_principals_with_access_content(obj):
    if obj is None:
        return {}
    active_roles = get_principals_with_access_content(
        removeSecurityProxy(getattr(obj, '__parent__', None)))
    prinperm = IPrincipalPermissionMap(obj)

    for role, permission in prinperm.getRow('plone.AccessContent'):
        active_roles[role] = permission
    return active_roles
예제 #3
0
def settingsForObject(ob):
    """Analysis tool to show all of the grants to a process
    """
    result = []
    while ob is not None:
        data = {}
        result.append((getattr(ob, '__name__', '(no name)'), data))

        principalPermissions = IPrincipalPermissionMap(ob, None)
        if principalPermissions is not None:
            settings = principalPermissions.getPrincipalsAndPermissions()
            settings.sort()
            data['principalPermissions'] = [
                {'principal': pr, 'permission': p, 'setting': s}
                for (p, pr, s) in settings]

        principalRoles = IPrincipalRoleMap(ob, None)
        if principalRoles is not None:
            settings = principalRoles.getPrincipalsAndRoles()
            data['principalRoles'] = [
                {'principal': p, 'role': r, 'setting': s}
                for (r, p, s) in settings]

        rolePermissions = IRolePermissionMap(ob, None)
        if rolePermissions is not None:
            settings = rolePermissions.getRolesAndPermissions()
            data['rolePermissions'] = [
                {'permission': p, 'role': r, 'setting': s}
                for (p, r, s) in settings]

        ob = getattr(ob, '__parent__', None)

    data = {}
    result.append(('global settings', data))

    settings = principalPermissionManager.getPrincipalsAndPermissions()
    settings.sort()
    data['principalPermissions'] = [
        {'principal': pr, 'permission': p, 'setting': s}
        for (p, pr, s) in settings]

    settings = principalRoleManager.getPrincipalsAndRoles()
    data['principalRoles'] = [
        {'principal': p, 'role': r, 'setting': s}
        for (r, p, s) in settings]

    settings = rolePermissionManager.getRolesAndPermissions()
    data['rolePermissions'] = [
        {'permission': p, 'role': r, 'setting': s}
        for (p, r, s) in settings]

    return result
예제 #4
0
async def sharing_get(context, request):
    roleperm = IRolePermissionMap(context)
    prinperm = IPrincipalPermissionMap(context)
    prinrole = IPrincipalRoleMap(context)
    result = {'local': {}, 'inherit': []}
    result['local']['role_permission'] = roleperm._byrow
    result['local']['principal_permission'] = prinperm._byrow
    result['local']['principal_role'] = prinrole._byrow
    for obj in iter_parents(context):
        roleperm = IRolePermissionMap(obj)
        prinperm = IPrincipalPermissionMap(obj)
        prinrole = IPrincipalRoleMap(obj)
        result['inherit'].append({
            '@id': IAbsoluteURL(obj, request)(),
            'role_permission': roleperm._byrow,
            'principal_permission': prinperm._byrow,
            'principal_role': prinrole._byrow,
        })
    await notify(ObjectPermissionsViewEvent(context))
    return result
    def cached_prinper(self, parent, principal, groups, permission):
        cache = self.cache(parent)
        try:
            cache_prin = cache.prin
        except AttributeError:
            cache_prin = cache.prin = {}

        cache_prin_per = cache_prin.get(principal)
        if not cache_prin_per:
            cache_prin_per = cache_prin[principal] = {}

        try:
            return cache_prin_per[permission]
        except KeyError:
            pass

        if parent is None:
            prinper = SettingAsBoolean[globalPrincipalPermissionSetting(
                permission, principal, None)]
            cache_prin_per[permission] = prinper
            return prinper

        prinper = IPrincipalPermissionMap(parent, None)
        if prinper is not None:
            prinper = SettingAsBoolean[prinper.getSetting(
                permission, principal, None)]
            if prinper is not None:
                cache_prin_per[permission] = prinper
                return prinper

        if getattr(parent, 'inherit_permissions', None):
            parent = removeSecurityProxy(getattr(parent, '__parent__', None))
            prinper = self.cached_prinper(parent, principal, groups,
                                          permission)
            cache_prin_per[permission] = prinper
            return prinper

        prinper = SettingAsBoolean[globalPrincipalPermissionSetting(
            permission, principal, None)]
        cache_prin_per[permission] = prinper
        return prinper