def applyPermissionsForExistentCoUsers(factory): site = grok.getSite() hfm = IHomeFolderManager(site) principal = factory.object master_id = IMasterUser(principal).id if hfm.get(master_id) is None: hfm.create(IMasterUser(principal).id) homefolder = principal.homefolder #IHomeFolder(principal) if homefolder is None: return um = getUtility(IUserManagement) user = um.getUser(principal.id) if not user: return rollen = user['rollen'] if user['az'] != '00': pid = "%s-%s" % (user['mnr'], user['az']) else: pid = user['mnr'] if homefolder.__name__ != pid: for pf in homefolder.keys(): if pf in rollen: prm = IPrincipalRoleManager(homefolder.get(pf)) if prm.getSetting('uvc.Editor', pid).getName() == 'Unset': prm.assignRoleToPrincipal('uvc.Editor', pid) uvcsite.log('Give uvc.Editor to %s in folder %s' % (pid, pf))
def applyViewContentForCoUsers(factory): principal = factory.object homefolder = None #if IUnauthenticatedPrincipal.providedBy(principal): # homefolder = principal.homefolder #else: # # Workaround, um weiter arbeiten zu können - CK muss noch fixen # #try: # # homefolder = IHomeFolder(principal) # #except TypeError: # # return # homefolder = IHomeFolder(principal) homefolder = principal.homefolder if not homefolder: return if homefolder.__name__ != principal.id: hprm = IPrincipalRoleManager(homefolder) if hprm.getSetting('uvc.HomeFolderUser', principal.id).getName() in ('Deny', 'Unset'): hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id) uvcsite.log( 'applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s' % (principal.id, homefolder.__name__))
def applyViewContentForCoUsers(factory): principal = factory.object homefolder = IHomeFolder(principal).homeFolder if not homefolder: return if homefolder.__name__ != principal.id: hprm = IPrincipalRoleManager(homefolder) if hprm.getSetting('uvc.HomeFolderUser', principal.id).getName() in ('Deny', 'Unset'): hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id) log('applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s' % (principal.id, homefolder.__name__))
def applyViewContentForCoUsers(factory): principal = factory.object homefolder = IHomeFolder(principal).homeFolder if not homefolder: return if homefolder.__name__ != principal.id: hprm = IPrincipalRoleManager(homefolder) setting = hprm.getSetting('uvc.HomeFolderUser', principal.id).getName() if setting in ('Deny', 'Unset'): hprm.assignRoleToPrincipal('uvc.HomeFolderUser', principal.id) log('applying Role uvc.HomeFolderUser for USER %s in HOMEFOLDER %s' % (principal.id, homefolder.__name__))
def applyPermissionsForExistentCoUsers(factory): principal = factory.object createProductFolders(principal) homefolder = IHomeFolder(principal).homeFolder if not homefolder: return um = getUtility(IUserManagement) user = um.getUser(principal.id) rollen = user['rollen'] if user['az'] != '00': pid = "%s-%s" % (user['mnr'], user['az']) else: pid = user['mnr'] if homefolder.__name__ != pid: for pf in homefolder.keys(): if pf in rollen: prm = IPrincipalRoleManager(homefolder.get(pf)) if prm.getSetting('uvc.Editor', pid).getName() == 'Unset': prm.assignRoleToPrincipal('uvc.Editor', pid) uvcsite.log('Give uvc.Editor to %s in folder %s' % (pid, pf))
def status(self): setUpWidget(self, 'principal', self.principal_field, IInputWidget) if not self.principal_widget.hasInput(): return u'' try: principal = self.principal_widget.getInputValue() except MissingInputError: return u'' self.principal = principal # Make sure we can use the principal id in a form by base64ing it principal_token = unicode(principal).encode('base64').strip().replace( '=', '_') roles = [role for name, role in getUtilitiesFor(IRole)] roles.sort(lambda x, y: cmp(x.title, y.title)) principal_roles = IPrincipalRoleManager(self.context) self.roles = [] for role in roles: name = principal_token + '.role.'+role.id field = zope.schema.Choice(__name__= name, title=role.title, vocabulary=settings_vocabulary) setUpWidget(self, name, field, IInputWidget, principal_roles.getSetting(role.id, principal)) self.roles.append(getattr(self, name+'_widget')) perms = [perm for name, perm in getUtilitiesFor(IPermission)] perms.sort(lambda x, y: cmp(x.title, y.title)) principal_perms = IPrincipalPermissionManager(self.context) self.permissions = [] for perm in perms: if perm.id == 'zope.Public': continue name = principal_token + '.permission.'+perm.id field = zope.schema.Choice(__name__=name, title=perm.title, vocabulary=settings_vocabulary) setUpWidget(self, name, field, IInputWidget, principal_perms.getSetting(perm.id, principal)) self.permissions.append( getattr(self, name+'_widget')) if 'GRANT_SUBMIT' not in self.request: return u'' for role in roles: name = principal_token + '.role.'+role.id role_widget = getattr(self, name+'_widget') if role_widget.hasInput(): try: setting = role_widget.getInputValue() except MissingInputError: pass else: # Arrgh! if setting is Allow: principal_roles.assignRoleToPrincipal( role.id, principal) elif setting is Deny: principal_roles.removeRoleFromPrincipal( role.id, principal) else: principal_roles.unsetRoleForPrincipal( role.id, principal) for perm in perms: if perm.id == 'zope.Public': continue name = principal_token + '.permission.'+perm.id perm_widget = getattr(self, name+'_widget') if perm_widget.hasInput(): try: setting = perm_widget.getInputValue() except MissingInputError: pass else: # Arrgh! if setting is Allow: principal_perms.grantPermissionToPrincipal( perm.id, principal) elif setting is Deny: principal_perms.denyPermissionToPrincipal( perm.id, principal) else: principal_perms.unsetPermissionForPrincipal( perm.id, principal) return _('Grants updated.')