def applyPermissionsForExistentCoUsers(factory):
site = grok.getSite()
hfm = IHomeFolderManager(site)
principal = factory.object
master_id = IMasterUser(principal).id
if hfm.get(master_id) is None:
hfm.create(IMasterUser(principal).id)
homefolder = principal.homefolder #IHomeFolder(principal)
if homefolder is None:
return
um = getUtility(IUserManagement)
user = um.getUser(principal.id)
if not user:
return
rollen = user['rollen']
if user['az'] != '00':
pid = "%s-%s" % (user['mnr'], user['az'])
else:
pid = user['mnr']
if homefolder.__name__ != pid:
for pf in homefolder.keys():
if pf in rollen:
prm = IPrincipalRoleManager(homefolder.get(pf))
if prm.getSetting('uvc.Editor', pid).getName() == 'Unset':
prm.assignRoleToPrincipal('uvc.Editor', pid)
uvcsite.log('Give uvc.Editor to %s in folder %s' %
(pid, pf))
def applyViewContentForCoUsers(factory):
principal = factory.object
homefolder = None
#if IUnauthenticatedPrincipal.providedBy(principal):
# homefolder = principal.homefolder
#else:
# # Workaround, um weiter arbeiten zu können - CK muss noch fixen
# #try:
# # homefolder = IHomeFolder(principal)
# #except TypeError:
# # return
# homefolder = IHomeFolder(principal)
homefolder = principal.homefolder
if not homefolder:
return
if homefolder.__name__ != principal.id:
hprm = IPrincipalRoleManager(homefolder)
if hprm.getSetting('uvc.HomeFolderUser',
principal.id).getName() in ('Deny', 'Unset'):
hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id)
uvcsite.log(
'applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s'
% (principal.id, homefolder.__name__))
def applyViewContentForCoUsers(factory):
principal = factory.object
homefolder = IHomeFolder(principal).homeFolder
if not homefolder:
return
if homefolder.__name__ != principal.id:
hprm = IPrincipalRoleManager(homefolder)
if hprm.getSetting('uvc.HomeFolderUser', principal.id).getName() in ('Deny', 'Unset'):
hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id)
log('applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s' % (principal.id, homefolder.__name__))
def applyViewContentForCoUsers(factory):
principal = factory.object
homefolder = IHomeFolder(principal).homeFolder
if not homefolder:
return
if homefolder.__name__ != principal.id:
hprm = IPrincipalRoleManager(homefolder)
setting = hprm.getSetting('uvc.HomeFolderUser', principal.id).getName()
if setting in ('Deny', 'Unset'):
hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id)
log('applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s'
% (principal.id, homefolder.__name__))
def applyPermissionsForExistentCoUsers(factory):
principal = factory.object
createProductFolders(principal)
homefolder = IHomeFolder(principal).homeFolder
if not homefolder:
return
um = getUtility(IUserManagement)
user = um.getUser(principal.id)
rollen = user['rollen']
if user['az'] != '00':
pid = "%s-%s" % (user['mnr'], user['az'])
else:
pid = user['mnr']
if homefolder.__name__ != pid:
for pf in homefolder.keys():
if pf in rollen:
prm = IPrincipalRoleManager(homefolder.get(pf))
if prm.getSetting('uvc.Editor', pid).getName() == 'Unset':
prm.assignRoleToPrincipal('uvc.Editor', pid)
uvcsite.log('Give uvc.Editor to %s in folder %s' % (pid, pf))
def status(self):
setUpWidget(self, 'principal', self.principal_field, IInputWidget)
if not self.principal_widget.hasInput():
return u''
try:
principal = self.principal_widget.getInputValue()
except MissingInputError:
return u''
self.principal = principal
# Make sure we can use the principal id in a form by base64ing it
principal_token = unicode(principal).encode('base64').strip().replace(
'=', '_')
roles = [role for name, role in getUtilitiesFor(IRole)]
roles.sort(lambda x, y: cmp(x.title, y.title))
principal_roles = IPrincipalRoleManager(self.context)
self.roles = []
for role in roles:
name = principal_token + '.role.'+role.id
field = zope.schema.Choice(__name__= name,
title=role.title,
vocabulary=settings_vocabulary)
setUpWidget(self, name, field, IInputWidget,
principal_roles.getSetting(role.id, principal))
self.roles.append(getattr(self, name+'_widget'))
perms = [perm for name, perm in getUtilitiesFor(IPermission)]
perms.sort(lambda x, y: cmp(x.title, y.title))
principal_perms = IPrincipalPermissionManager(self.context)
self.permissions = []
for perm in perms:
if perm.id == 'zope.Public':
continue
name = principal_token + '.permission.'+perm.id
field = zope.schema.Choice(__name__=name,
title=perm.title,
vocabulary=settings_vocabulary)
setUpWidget(self, name, field, IInputWidget,
principal_perms.getSetting(perm.id, principal))
self.permissions.append(
getattr(self, name+'_widget'))
if 'GRANT_SUBMIT' not in self.request:
return u''
for role in roles:
name = principal_token + '.role.'+role.id
role_widget = getattr(self, name+'_widget')
if role_widget.hasInput():
try:
setting = role_widget.getInputValue()
except MissingInputError:
pass
else:
# Arrgh!
if setting is Allow:
principal_roles.assignRoleToPrincipal(
role.id, principal)
elif setting is Deny:
principal_roles.removeRoleFromPrincipal(
role.id, principal)
else:
principal_roles.unsetRoleForPrincipal(
role.id, principal)
for perm in perms:
if perm.id == 'zope.Public':
continue
name = principal_token + '.permission.'+perm.id
perm_widget = getattr(self, name+'_widget')
if perm_widget.hasInput():
try:
setting = perm_widget.getInputValue()
except MissingInputError:
pass
else:
# Arrgh!
if setting is Allow:
principal_perms.grantPermissionToPrincipal(
perm.id, principal)
elif setting is Deny:
principal_perms.denyPermissionToPrincipal(
perm.id, principal)
else:
principal_perms.unsetPermissionForPrincipal(
perm.id, principal)
return _('Grants updated.')
