for typename in (
"article",
"audio",
"discussion",
"etherpad",
"event",
"file",
"group",
"image",
"video",
):
ctype = "collective.rcse." + typename
permid = 'Add' + typename.capitalize()
permname = 'collective.rcse: Add ' + typename
security.declarePublic(permid)
setDefaultRoles(permname, TYPE_ROLES)
AddArticle = "collective.rcse: Add article"
AddAudio = "collective.rcse: Add audio"
AddDiscussion = "collective.rcse: Add discussion"
AddEtherpad = "collective.rcse: Add etherpad"
AddEvent = "collective.rcse: Add event"
AddFile = "collective.rcse: Add file"
AddGroup = "collective.rcse: Add group"
AddImage = "collective.rcse: Add image"
AddVideo = "collective.rcse: Add video"
security.declarePublic('AddCompany')
setDefaultRoles('collective.rcse: Add company', ('Manager', 'Authenticated',))
AddCompany = "collective.rcse: Add company"
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
from zExceptions import BadRequest # NOQA: F401
security = ModuleSecurityInfo('Products.GenericSetup.exceptions')
security.declarePublic('BadRequest') # NOQA: D001
PRODUCTS_CMFCALENDAR_INSTALLED = False
else:
PRODUCTS_CMFCALENDAR_INSTALLED = True
try:
get_distribution('Products.CMFUid')
except DistributionNotFound:
PRODUCTS_CMFUID_INSTALLED = False
else:
PRODUCTS_CMFUID_INSTALLED = True
security.declarePrivate('_dtmldir')
_dtmldir = os.path.join(package_home(globals()), 'dtml')
_wwwdir = os.path.join(package_home(globals()), 'www')
security.declarePublic('formatRFC822Headers')
def formatRFC822Headers(headers):
""" Convert the key-value pairs in 'headers' to valid RFC822-style
headers, including adding leading whitespace to elements which
contain newlines in order to preserve continuation-line semantics.
"""
munged = []
linesplit = re.compile(r'[\n\r]+?')
for key, value in headers:
vallines = linesplit.split(value)
while vallines:
if vallines[-1].rstrip() == '':
"""
from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import ApplicationDefaultPermissions
from AccessControl.Permission import pname
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('Products.CMFCore.permissions')
#
# General Zope permissions
#
security.declarePublic('AccessContentsInformation')
AccessContentsInformation = Permissions.access_contents_information
security.declarePublic('ChangePermissions')
ChangePermissions = Permissions.change_permissions
security.declarePublic('DeleteObjects')
DeleteObjects = Permissions.delete_objects
security.declarePublic('FTPAccess')
FTPAccess = Permissions.ftp_access
security.declarePublic('ManageProperties')
ManageProperties = Permissions.manage_properties
security.declarePublic('ManageUsers')
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
################################################################################
# Imports.
from AccessControl.SecurityInfo import ModuleSecurityInfo
import tempfile
# Product Imports.
from . import _fileutil
from . import standard
security = ModuleSecurityInfo('Products.zms.pilutil')
security.declarePublic('enabled')
def enabled():
try:
from PIL import Image
return True
except:
try:
import Image
return True
except:
return False
security.declarePublic('thumbnail')
def thumbnail(img, maxdim, qual=75):
"""
##############################################################################
#
# Copyright (c) 2002 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Package of template utility classes and functions.
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('ZTUtils')
security.declarePublic('encodeExpansion', 'decodeExpansion', 'a2b', 'b2a')
from .Tree import encodeExpansion, decodeExpansion, a2b, b2a # NOQA
security.declarePublic('Batch', 'TreeMaker', 'SimpleTreeMaker', 'LazyFilter')
from ZTUtils.Zope import Batch, TreeMaker, SimpleTreeMaker, LazyFilter # NOQA
security.declarePublic('url_query', 'make_query', 'make_hidden_input')
from ZTUtils.Zope import url_query, make_query, make_hidden_input # NOQA
return True
# Last-Modified will get stomped on by a cache policy if there is
# one set....
RESPONSE.setHeader('Last-Modified', rfc1123_date(last_mod))
class SimpleRecord:
""" record-like class """
def __init__(self, **kw):
self.__dict__.update(kw)
def base64_encode(text):
# Helper method to avoid deprecation warning under Python 3
if six.PY2:
return base64.encodestring(text).rstrip()
return base64.encodebytes(text).rstrip()
def base64_decode(text):
# Helper method to avoid deprecation warning under Python 3
if six.PY2:
return base64.decodestring(text)
return base64.decodebytes(text)
security.declarePublic('Message') # NOQA: flake8: D001
Message = MessageFactory('cmf_default')
for typename in (
"article",
"audio",
"discussion",
"etherpad",
"event",
"file",
"group",
"image",
"video",
):
ctype = "collective.rcse." + typename
permid = 'Add' + typename.capitalize()
permname = 'collective.rcse: Add ' + typename
security.declarePublic(permid)
setDefaultRoles(permname, TYPE_ROLES)
AddArticle = "collective.rcse: Add article"
AddAudio = "collective.rcse: Add audio"
AddDiscussion = "collective.rcse: Add discussion"
AddEtherpad = "collective.rcse: Add etherpad"
AddEvent = "collective.rcse: Add event"
AddFile = "collective.rcse: Add file"
AddGroup = "collective.rcse: Add group"
AddImage = "collective.rcse: Add image"
AddVideo = "collective.rcse: Add video"
security.declarePublic('AddCompany')
setDefaultRoles('collective.rcse: Add company', (
'Manager',
def initialize(context):
"""Initializer called when used as a Zope 2 product."""
#from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('acentoweb.submanagers')
security.declarePublic('Manage the site administratively')
setDefaultRoles('Manage the site administratively', ())
""" CMFCore product permissions. """
from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import ApplicationDefaultPermissions
from AccessControl.Permission import pname
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo("Products.CMFCore.permissions")
#
# General Zope permissions
#
security.declarePublic("AccessContentsInformation")
AccessContentsInformation = Permissions.access_contents_information
security.declarePublic("ChangePermissions")
ChangePermissions = Permissions.change_permissions
security.declarePublic("DeleteObjects")
DeleteObjects = Permissions.delete_objects
security.declarePublic("FTPAccess")
FTPAccess = Permissions.ftp_access
security.declarePublic("ManageProperties")
ManageProperties = Permissions.manage_properties
security.declarePublic("ManageUsers")
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('plumi.content')
security.declarePublic('plumi.content')
reTranscodePermission = 'Plumi: ReTranscode Video'
setDefaultRoles(reTranscodePermission, ())
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('collective.auditlog')
security.declarePublic('ViewAuditlog')
ViewAuditlog = 'collective.auditlog: View Auditlog'
setDefaultRoles(ViewAuditlog, ('Manager',))
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo()
security.declarePublic('AddLibrary')
AddLibrary = 'collective.library: Add library'
setDefaultRoles(AddLibrary, ('Manager', 'Owner'))
security.declarePublic('AddLibraryFolder')
AddLibraryFolder = 'collective.library: Add library folder'
setDefaultRoles(AddLibraryFolder, ('Manager', 'Owner'))
security.declarePublic('AddLibraryFolderProxy')
AddLibraryFolderProxy = 'collective.library: Add library folder proxy'
setDefaultRoles(AddLibraryFolderProxy, ())
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
################################################################################
# Imports.
from AccessControl.SecurityInfo import ModuleSecurityInfo
import six
import xml.dom.minidom
security = ModuleSecurityInfo('Products.zms.zmsutil')
security.declarePublic('get_svg_dimensions')
def get_dimensions(image):
size = None
if image.filename.endswith('.svg'):
data = bytes(image.getData())
xmldoc = xml.dom.minidom.parseString(data)
for svg in xmldoc.getElementsByTagName('svg'):
if 'height' in svg.attributes and 'width' in svg.attributes:
w = int(float(svg.attributes['width'].value))
h = int(float(svg.attributes['height'].value))
size = (w, h)
break
elif 'viewBox' in svg.attributes:
viewBox = svg.attributes['viewBox'].value
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo("DiPP")
security.declarePublic("MANAGE_JOURNAL")
MANAGE_JOURNAL = "DiPP: Manage Journal"
security.declarePublic("VIEW_STATISTICS")
VIEW_STATISTICS = "DiPP: View Statistics"
setDefaultRoles(MANAGE_JOURNAL, ())
setDefaultRoles(VIEW_STATISTICS, ())
# Publishing Permission
ADD_CONTENTS_PERMISSION = "Fedora: Add Content"
setDefaultRoles(ADD_CONTENTS_PERMISSION, ('Manager', ))
VIEW_CONTENTS_PERMISSION = "Fedora: View Content"
setDefaultRoles(VIEW_CONTENTS_PERMISSION, ('Manager', ))
EDIT_CONTENTS_PERMISSION = "Fedora: Edit Content"
setDefaultRoles(EDIT_CONTENTS_PERMISSION, ('Manager', ))
# Review Permission
VIEW_ORIGINAL_MANUSCRIPT_PERMISSION = "DiPPReview: View the original manuscript"
VIEW_ANONYM_MANUSCRIPT_PERMISSION = "DiPPReview: View the anonymized manuscript"
ADD_ANONYM_MANUSCRIPT_PERMISSION = "DiPPReview: Add the anonymized manuscript"
VIEW_AUTHOR_REVIEW_PERMISSION = "DiPPReview: View the reviewers report for the author"
VIEW_EDITOR_REVIEW_PERMISSION = "DiPPReview: View the reviewers report for the editor"
VIEW_ORIGINAL_ATTACHMENT_PERMISSION = "DiPPReview: View the original attachment"
VIEW_ANONYM_ATTACHMENT_PERMISSION = "DiPPReview: View the anonymized attachment"
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
# http://developer.plone.org/security/custom_permissions.html
security = ModuleSecurityInfo('plone.app.contenttypes')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')
security.declarePublic('wildcard.media.AddWildcardVideo')
setDefaultRoles('wildcard.media.AddWildcardVideo', TYPE_ROLES)
AddWildcardVideo = "wildcard.media.AddWildcardVideo"
security.declarePublic('wildcard.media.AddWildcardAudio')
setDefaultRoles('wildcard.media.AddWildcardAudio', TYPE_ROLES)
AddWildcardAudio = "wildcard.media.AddWildcardAudio"
"""Define CMFNotification specific permissions.
$Id$
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from config import PROJECT_NAME
security = ModuleSecurityInfo(PROJECT_NAME)
security.declarePublic('CMFNotification: Subscribe/unsubscribe')
## Warning: this value is also defined in ``profiles/default/rolemap.xml``
SUBSCRIBE_PERMISSION = 'CMFNotification: Subscribe/unsubscribe'
setDefaultRoles(SUBSCRIBE_PERMISSION, ())
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('collective.favoriting')
security.declarePublic('AddToFavorites')
AddToFavorites = 'collective.favoriting: Add'
setDefaultRoles(AddToFavorites, ('Member', 'Manager'))
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
PROJECTNAME = "domense.homeboxes"
security = ModuleSecurityInfo(PROJECTNAME)
security.declarePublic('ManageSettings')
ManageSettings = PROJECTNAME + ': Manage Homeboxes settings'
def registerToolInterface(tool_id, tool_interface):
""" Register a tool ID for an interface
This method can go away when getToolByName is going away (CMF 2.3).
"""
global _tool_interface_registry
_tool_interface_registry[tool_id] = tool_interface
security.declarePrivate('getToolInterface')
def getToolInterface(tool_id):
""" Get the interface registered for a tool ID
"""
global _tool_interface_registry
return _tool_interface_registry.get(tool_id, None)
security.declarePublic('getToolByName')
def getToolByName(obj, name, default=_marker):
""" Get the tool, 'toolname', by acquiring it.
o Application code should use this method, rather than simply
acquiring the tool by name, to ease forward migration (e.g.,
to Zope3).
"""
tool_interface = _tool_interface_registry.get(name)
if tool_interface is not None:
try:
utility = getUtility(tool_interface)
# Site managers, except for five.localsitemanager, return unwrapped
# utilities. If the result is something which is acquisition-unaware
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('slc.docconv')
security.declarePublic('Convert')
Convert = 'slc.docconv: Convert'
setDefaultRoles(Convert, ('Manager'))
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Package of template utility classes and functions.
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
from .Tree import a2b # NOQA: F401
from .Tree import b2a # NOQA: F401
from .Tree import decodeExpansion # NOQA: F401
from .Tree import encodeExpansion # NOQA: F401
from .Zope import Batch # NOQA: F401
from .Zope import LazyFilter # NOQA: F401
from .Zope import SimpleTreeMaker # NOQA: F401
from .Zope import TreeMaker # NOQA: F401
from .Zope import make_hidden_input # NOQA: F401
from .Zope import make_query # NOQA: F401
from .Zope import url_query # NOQA: F401
security = ModuleSecurityInfo('ZTUtils')
for name in ('encodeExpansion', 'decodeExpansion', 'a2b', 'b2a', 'Batch',
'TreeMaker', 'SimpleTreeMaker', 'LazyFilter'
'url_query', 'make_query', 'make_hidden_input'):
security.declarePublic(name) # NOQA: D001
# -*- coding: utf-8 -*-
from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('rt.lastmodifier.permissions')
security.declarePublic('DocumentByLineViewAuthor')
DocumentByLineViewAuthor = 'rt.lastmodifier: documentByLine view author'
setDefaultRoles(DocumentByLineViewAuthor, ())
security.declarePublic('DocumentByLineViewLastModifier')
DocumentByLineViewLastModifier = 'rt.lastmodifier: documentByLine view last modifier'
setDefaultRoles(DocumentByLineViewLastModifier, ())
security.declarePublic('DocumentByLineViewModifiedDate')
DocumentByLineViewModifiedDate = 'rt.lastmodifier: documentByLine view modification date'
setDefaultRoles(DocumentByLineViewModifiedDate, ())
security.declarePublic('DocumentByLineViewPublishedDate')
DocumentByLineViewPublishedDate = 'rt.lastmodifier: documentByLine view publication date'
setDefaultRoles(DocumentByLineViewPublishedDate, ())
security.declarePublic('DocumentByLineViewChangeNote')
DocumentByLineViewChangeNote = 'rt.lastmodifier: documentByLine view change note'
setDefaultRoles(DocumentByLineViewChangeNote, ())
security.declarePublic('EditChangeNoteShowState')
EditChangeNoteShowState = 'rt.lastmodifier: choose to show change note'
setDefaultRoles(EditChangeNoteShowState, ())
# No roles exist and no grants requested. Leave unchanged.
return 0
else:
# Add new roles for this group.
local_roles[group] = list(grant_roles)
ob.__ac_local_roles__ = local_roles
return 1
# Edit the roles.
roles = list(roles)
changed = 0
for role in managed_roles:
if role in grant_roles and role not in roles:
# Add one role for this group.
roles.append(role)
changed = 1
elif role not in grant_roles and role in roles:
# Remove one role for this group.
roles.remove(role)
changed = 1
if changed:
if not roles and local_roles.has_key(group):
del local_roles[group]
else:
local_roles[group] = roles
ob.__ac_local_roles__ = local_roles
return changed
security.declarePublic('Message')
Message = _ = MessageFactory('cmf_default')
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('Products.CMFCore.permissions')
security.declarePublic("DexterityImport")
DexterityImport = "collective.importexport: Import"
#TODO: should allow readers to seee this too since they can do an export?
setDefaultRoles(DexterityImport, ("Owner", "Contributor" "Site Administrator", "Manager"))
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from zope.i18nmessageid import MessageFactory
_ = MessageFactory('collective.wfeffectiverange')
# Permissions
security = ModuleSecurityInfo('collective.wfeffectiverange')
security.declarePublic('collective.wfeffectiverange.addTaskFolder')
setDefaultRoles('collective.wfeffectiverange: Add Task Folder',
('Manager', 'Site Administrator')) # noqa
security.declarePublic('collective.wfeffectiverange.addTask')
setDefaultRoles('collective.wfeffectiverange: Add Task',
('Manager', 'Site Administrator', 'Reviewer')) # noqa
# iterate is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# iterate is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with CMFDeployment; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
##################################################################
from Products.CMFEditions import Permissions
from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('plone.app.iterate.permissions')
security.declarePublic('CheckinPermission')
CheckinPermission = "iterate : Check in content"
security.declarePublic('CheckoutPermission')
CheckoutPermission = "iterate : Check out content"
DEFAULT_ROLES = ('Manager', 'Owner', 'Site Administrator', 'Editor')
setDefaultRoles(CheckinPermission, DEFAULT_ROLES)
setDefaultRoles(CheckoutPermission, DEFAULT_ROLES)
# -*- coding: utf-8 -*-
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('collective.deepsitemap')
security.declarePublic('Use Deep Sitemap')
MyPermission = 'collective.deepsitemap: Use Deep Sitemap'
setDefaultRoles(MyPermission, ())
from DocumentTemplate.DT_Var import url_unquote_plus # NOQA
from DocumentTemplate.DT_Var import restructured_text # NOQA
from DocumentTemplate.security import RestrictedDTML
from ZPublisher.HTTPRequest import record
security = ModuleSecurityInfo('Products.PythonScripts.standard')
security.declarePublic(
'special_formats',
'whole_dollars',
'dollars_and_cents',
'structured_text',
'restructured_text',
'sql_quote',
'html_quote',
'url_quote',
'url_quote_plus',
'newline_to_br',
'thousands_commas',
'url_unquote',
'url_unquote_plus',
'urlencode',
'DTML',
'Object',
)
class DTML(RestrictedDTML, HTML):
"""DTML objects are DocumentTemplate.HTML objects that allow
dynamic, temporary creation of restricted DTML."""
def __call__(self, client=None, REQUEST={}, RESPONSE=None, **kw):
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('Products.CMFCore.permissions')
security.declarePublic("DexterityImport")
DexterityImport = "collective.importexport: Import"
#TODO: should allow readers to seee this too since they can do an export?
setDefaultRoles(DexterityImport, ("Owner", "Contributor"
"Site Administrator", "Manager"))
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('cpskin.core.permissions')
security.declarePublic('CPSkinSiteAdministrator')
CPSkinSiteAdministrator = 'CPSkin: Site administrator'
setDefaultRoles(CPSkinSiteAdministrator, ('Site Administrator',
'Manager'))
security.declarePublic('CPSkinEditKeywords')
CPSkinEditKeywords = 'CPSkin: Edit keywords'
setDefaultRoles(CPSkinEditKeywords, ('Site Administrator',
'Manager',
'Portlets Manager'))
from AccessControl import Permissions
from AccessControl.Permission import addPermission
from AccessControl.SecurityInfo import ModuleSecurityInfo
from zope.deferredimport import deprecated
deprecated('Please use addPermission from AccessControl.Permission.',
setDefaultRoles='AccessControl.Permission:addPermission')
security = ModuleSecurityInfo('Products.CMFCore.permissions')
#
# General Zope permissions
#
security.declarePublic('AccessContentsInformation') # NOQA: flake8: D001
AccessContentsInformation = Permissions.access_contents_information
security.declarePublic('ChangePermissions') # NOQA: flake8: D001
ChangePermissions = Permissions.change_permissions
security.declarePublic('DeleteObjects') # NOQA: flake8: D001
DeleteObjects = Permissions.delete_objects
security.declarePublic('FTPAccess') # NOQA: flake8: D001
FTPAccess = Permissions.ftp_access
security.declarePublic('ManageProperties') # NOQA: flake8: D001
ManageProperties = Permissions.manage_properties
security.declarePublic('ManageUsers') # NOQA: flake8: D001
"""
while hasattr(container,'meta_type') and not getattr(container,'meta_type') == meta_type and hasattr(container,'aq_parent'):
container = container.aq_parent
return container
def getExternalMethodModuleName(container, id):
"""
Add context-folder-id to module-name (to prevent deleting artefacts from other clients).
"""
m = id
next = nextObject(container,'Folder')
if hasattr(next,"id"):
m = '%s.%s'%(next.getId(),id)
return m
security.declarePublic('addObject')
def addObject(container, meta_type, id, title, data, permissions={}):
"""
Add Zope-object to container.
"""
if meta_type == 'DTML Document':
# Enforce to utf-8 text, try Zope2, except Zope4
try:
data = standard.pystr2(data, 'utf-8', 'ignore').encode('utf-8')
except:
data = standard.pystr2(data, 'utf-8', 'ignore')
addDTMLDocument( container, id, title, data)
elif meta_type == 'DTML Method':
# Enforce to utf-8 text, try Zope2, except Zope4
try:
data = standard.pystr2(data, 'utf-8', 'ignore').encode('utf-8')
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('cpskin.core.permissions')
security.declarePublic('CPSkinSiteAdministrator')
CPSkinSiteAdministrator = 'CPSkin: Site administrator'
setDefaultRoles(CPSkinSiteAdministrator, ('Site Administrator', 'Manager'))
security.declarePublic('CPSkinEditKeywords')
CPSkinEditKeywords = 'CPSkin: Edit keywords'
setDefaultRoles(CPSkinEditKeywords,
('Site Administrator', 'Manager', 'Portlets Manager'))
from TT.Fischereiverband.config import MAX_TEXT_PREVIEW
from AccessControl.SecurityInfo import ModuleSecurityInfo
from AccessControl.SecurityInfo import ClassSecurityInfo
import re
from DateTime.DateTime import DateTime
security = ModuleSecurityInfo('TT.Fischereiverband.utils')
security.declarePublic('remove_html_tags')
def remove_html_tags(txt):
p = re.compile(r'<.*?>')
return p.sub('', txt)
security.declarePublic('back_space')
def back_space(txt, MAX_PREVIEW=300):
if not txt: return ''
if len(txt) <= MAX_PREVIEW: return txt
m = MAX_PREVIEW
while (txt[m] != ' '): m += 1
return txt[0:m]+'...'
security.declarePublic('format')
def format(txt, MAX_PREVIEW=300):
txt = remove_html_tags(txt)
return back_space(txt, MAX_TEXT_PREVIEW)
if not grant_roles:
# No roles exist and no grants requested. Leave unchanged.
return 0
else:
# Add new roles for this group.
local_roles[group] = list(grant_roles)
ob.__ac_local_roles__ = local_roles
return 1
# Edit the roles.
roles = list(roles)
changed = 0
for role in managed_roles:
if role in grant_roles and role not in roles:
# Add one role for this group.
roles.append(role)
changed = 1
elif role not in grant_roles and role in roles:
# Remove one role for this group.
roles.remove(role)
changed = 1
if changed:
if not roles and local_roles.has_key(group):
del local_roles[group]
else:
local_roles[group] = roles
ob.__ac_local_roles__ = local_roles
return changed
security.declarePublic('Message')
Message = _ = MessageFactory('cmf_default')
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.
$Id$
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('Products.GenericSetup.exceptions')
security.declarePublic('BadRequest')
from zExceptions import BadRequest
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.
$Id: exceptions.py 110425 2010-04-01 17:19:14Z tseaver $
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('Products.GenericSetup.exceptions')
security.declarePublic('BadRequest')
from zExceptions import BadRequest
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('incf.abstractsubmission')
security.declarePublic('AbstractSubmissionCSVExport')
AbstractSubmissionCSVExport = 'AbstractSubmission: CSVExport'
setDefaultRoles(AbstractSubmissionCSVExport, ('Manager', 'Owner'))
from zope.publisher.interfaces.browser import IBrowserRequest
from Products.CMFCore.interfaces import IPropertiesTool
from Products.CMFDefault.interfaces import IHTMLScrubber
from Products.CMFDefault.exceptions import EmailAddressInvalid
from Products.CMFDefault.exceptions import IllegalHTML
security = ModuleSecurityInfo( 'Products.CMFDefault.utils' )
security.declarePrivate('_dtmldir')
_dtmldir = os.path.join( package_home( globals() ), 'dtml' )
_wwwdir = os.path.join( package_home( globals() ), 'www' )
security.declarePublic('formatRFC822Headers')
def formatRFC822Headers( headers ):
""" Convert the key-value pairs in 'headers' to valid RFC822-style
headers, including adding leading whitespace to elements which
contain newlines in order to preserve continuation-line semantics.
"""
munged = []
linesplit = re.compile( r'[\n\r]+?' )
for key, value in headers:
vallines = linesplit.split( value )
while vallines:
if vallines[-1].rstrip() == '':
vallines = vallines[:-1]
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
PROJECTNAME = 'collective.loremipsum'
security = ModuleSecurityInfo(PROJECTNAME)
security.declarePublic('CanPopulate')
CanPopulate = PROJECTNAME + ': Can Populate'
RESPONSE.setStatus(304)
return True
# Last-Modified will get stomped on by a cache policy if there is
# one set....
RESPONSE.setHeader('Last-Modified', rfc1123_date(last_mod))
class SimpleRecord:
""" record-like class """
def __init__(self, **kw):
self.__dict__.update(kw)
def base64_encode(text):
# Helper method to avoid deprecation warning under Python 3
if six.PY2:
return base64.encodestring(text).rstrip()
return base64.encodebytes(text).rstrip()
def base64_decode(text):
# Helper method to avoid deprecation warning under Python 3
if six.PY2:
return base64.decodestring(text)
return base64.decodebytes(text)
security.declarePublic('Message') # NOQA: flake8: D001
Message = MessageFactory('cmf_default')
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
# http://developer.plone.org/security/custom_permissions.html
security = ModuleSecurityInfo('plone.app.contenttypes')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Editor')
security.declarePublic('video.converter.AddVideo')
setDefaultRoles('video.converter.AddVideo', TYPE_ROLES)
AddVideo = "video.converter.AddVideo"
import config
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo(config.PROJECTNAME)
for p in config.ADD_PERMISSIONS:
security.declarePublic(config.ADD_PERMISSIONS[p])
MyPermission = config.ADD_PERMISSIONS[p]
setDefaultRoles(MyPermission, ('Manager', 'Owner'))
"""
global _tool_interface_registry
_tool_interface_registry[tool_id] = tool_interface
security.declarePrivate('getToolInterface')
def getToolInterface(tool_id):
""" Get the interface registered for a tool ID
"""
global _tool_interface_registry
return _tool_interface_registry.get(tool_id, None)
security.declarePublic('getToolByName')
def getToolByName(obj, name, default=_marker):
""" Get the tool, 'toolname', by acquiring it.
o Application code should use this method, rather than simply
acquiring the tool by name, to ease forward migration (e.g.,
to Zope3).
"""
tool_interface = _tool_interface_registry.get(name)
if tool_interface is not None:
try:
utility = getUtility(tool_interface)
# Site managers, except for five.localsitemanager, return unwrapped
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from plone.app.contenttypes.utils import DEFAULT_TYPES
security = ModuleSecurityInfo('plone.app.contenttypes')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')
perms = []
for typename in DEFAULT_TYPES:
permid = 'Add' + typename
permname = 'plone.app.contenttypes: Add ' + typename
security.declarePublic(permid)
setDefaultRoles(permname, TYPE_ROLES)
AddCollection = "plone.app.contenttypes: Add Collection"
AddDocument = "plone.app.contenttypes: Add Document"
AddEvent = "plone.app.contenttypes: Add Event"
AddFile = "plone.app.contenttypes: Add File"
AddFolder = "plone.app.contenttypes: Add Folder"
AddImage = "plone.app.contenttypes: Add Image"
AddLink = "plone.app.contenttypes: Add Link"
AddNewsItem = "plone.app.contenttypes: Add News Item"
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('restarter.policy')
security.declarePublic('ManageAssociationLikes')
ManageAssociationLikes = 'restarter.policy: ManageAssociationLikes'
ManageStories = 'restarter.policy: ManageStories'
setDefaultRoles(ManageAssociationLikes, ('Association',))
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('plumi.content')
security.declarePublic('ReTranscodePermission')
ReTranscodePermission = 'plumi.content: ReTranscode Video'
setDefaultRoles(ReTranscodePermission, ())
# See also permissions.zcml, but we define them here in python too so
# they can be imported.
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
security = ModuleSecurityInfo('collective.proxyproperties')
security.declarePublic('ManageProperties')
ManageProperties = "collective.proxyproperties: ManageProperties"
setDefaultRoles(ManageProperties, ( 'Manager',) )
from DocumentTemplate.DT_Var import url_unquote
from DocumentTemplate.DT_Var import url_unquote_plus
from DocumentTemplate.DT_Var import restructured_text
from DocumentTemplate.security import RestrictedDTML
from ZPublisher.HTTPRequest import record
security = ModuleSecurityInfo()
security.declarePublic('special_formats',
'whole_dollars',
'dollars_and_cents',
'structured_text',
'restructured_text',
'sql_quote',
'html_quote',
'url_quote',
'url_quote_plus',
'newline_to_br',
'thousands_commas',
'url_unquote',
'url_unquote_plus',
'urlencode',
)
security.declarePublic('DTML')
class DTML(RestrictedDTML, HTML):
"""DTML objects are DocumentTemplate.HTML objects that allow
dynamic, temporary creation of restricted DTML."""
def __call__(self, client=None, REQUEST={}, RESPONSE=None, **kw):
"""Render the DTML given a client object, REQUEST mapping,
Response, and key word arguments."""
# See http://peak.telecommunity.com/DevCenter/setuptools#namespace-packages
try:
__import__('pkg_resources').declare_namespace(__name__)
except ImportError:
from pkgutil import extend_path
__path__ = extend_path(__path__, __name__)
from zope.i18nmessageid import MessageFactory
messageFactory = MessageFactory('collective.portlet.oembed')
ploneMessageFactory = MessageFactory('plone')
from Products.CMFCore.permissions import setDefaultRoles
from AccessControl.SecurityInfo import ModuleSecurityInfo
security = ModuleSecurityInfo('collective.portlet.oembed')
security.declarePublic('')
AddOembedPortlet = 'collective.portlet.embed: Add oembed portlet'
setDefaultRoles(AddOembedPortlet,
('Manager', 'Site Administrator', 'Owner',))
from Products.Archetypes.config import UID_CATALOG
from Products.CMFCore.WorkflowCore import WorkflowException
from Products.CMFCore.utils import getToolByName
from bika.lims import PMF
from bika.lims import api
from bika.lims import logger
from bika.lims.browser import ulocalized_time
from bika.lims.interfaces import IJSONReadExtender
from bika.lims.jsonapi import get_include_fields
from bika.lims.utils import changeWorkflowState
from bika.lims.utils import t
from bika.lims.workflow.indexes import ACTIONS_TO_INDEXES
from zope.interface import implements
security = ModuleSecurityInfo('bika.lims.workflow')
security.declarePublic('guard_handler')
_marker = object()
def skip(instance, action, peek=False, unskip=False):
"""Returns True if the transition is to be SKIPPED
peek - True just checks the value, does not set.
unskip - remove skip key (for manual overrides).
called with only (instance, action_id), this will set the request variable preventing the
cascade's from re-transitioning the object and return None.
"""
uid = callable(instance.UID) and instance.UID() or instance.UID
'FTP access',
'List folder contents',
'List portal members',
'List undoable changes',
'Mail forgotten password',
'Manage properties',
'Modify portal content',
'Modify view template',
'Reply to item',
'Request review',
'Review comments',
'Review portal content',
'ZCatalog',
'Set own password',
'Set own properties',
'Undo changes',
'Use mailhost services',
'Use version control',
'View',
'View Groups',
'View management screens',
'WebDAV Lock items',
'WebDAV Unlock items',
'WebDAV access',
]
security = ModuleSecurityInfo('uwosh.oie.studyabroadstudent')
for role in study_abroad_roles:
security.declarePublic(role) # noqa : D001
setDefaultRoles(role, ())
