def get_roles_with_access_content(obj, request=None):
""" Return the roles that has access to the content that are global roles"""
if obj is None:
return []
roles = cached_roles(obj, "guillotina.AccessContent", "o")
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
return result
def get_principals_with_access_content(obj, request=None):
if obj is None:
return []
roles = cached_roles(obj, "guillotina.AccessContent", "o")
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
users = cached_principals(obj, result, "guillotina.AccessContent", "o")
return list(users.keys())
async def addPerms(obj, perms, changed=False):
"""apply some permissions. Copied almost verbatim from sharingPOST service
"""
lroles = local_roles()
groles = global_roles()
if ("prinrole" not in perms and "roleperm" not in perms
and "prinperm" not in perms):
raise PreconditionFailed(obj,
"prinrole or roleperm or prinperm missing")
for prinrole in perms.get("prinrole") or []:
setting = prinrole.get("setting")
if setting not in PermissionMap["prinrole"]:
raise PreconditionFailed(obj, "Invalid Type {}".format(setting))
manager = IPrincipalRoleManager(obj)
operation = PermissionMap["prinrole"][setting]
func = getattr(manager, operation)
if (obj.type_name == "Container"
and prinrole["role"] not in groles + lroles):
raise PreconditionFailed(
obj, "Not a valid role: {}".format(prinrole["role"]))
if obj.type_name != "Container" and prinrole["role"] not in lroles:
raise PreconditionFailed(
obj, "Not a valid local role: {}".format(prinrole["role"]))
changed = True
func(prinrole["role"], prinrole["principal"])
for prinperm in perms.get("prinperm") or []:
setting = prinperm["setting"]
if setting not in PermissionMap["prinperm"]:
raise PreconditionFailed(obj, "Invalid Type")
manager = IPrincipalPermissionManager(obj)
operation = PermissionMap["prinperm"][setting]
func = getattr(manager, operation)
changed = True
func(prinperm["permission"], prinperm["principal"])
for roleperm in perms.get("roleperm") or []:
setting = roleperm["setting"]
if setting not in PermissionMap["roleperm"]:
raise PreconditionFailed(obj, "Invalid Type")
manager = IRolePermissionManager(obj)
operation = PermissionMap["roleperm"][setting]
func = getattr(manager, operation)
changed = True
func(roleperm["permission"], roleperm["role"])
if changed:
obj._p_register() # make sure data is saved
def get_roles_with_access_content(obj, request=None):
""" Return the roles that has access to the content that are global roles"""
if obj is None:
return []
if request is None:
request = get_current_request()
interaction = IInteraction(request)
roles = interaction.cached_roles(obj, 'guillotina.AccessContent', 'o')
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
return result
def get_principals_with_access_content(obj, request=None):
if obj is None:
return {}
if request is None:
request = get_current_request()
interaction = IInteraction(request)
roles = interaction.cached_roles(obj, 'guillotina.AccessContent', 'o')
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
users = interaction.cached_principals(obj, result, 'guillotina.AccessContent', 'o')
return list(users.keys())
def get_roles_with_access_content(obj, request=None):
""" Return the roles that has access to the content that are global roles"""
if obj is None:
return []
if request is None:
request = get_current_request()
interaction = IInteraction(request)
roles = interaction.cached_roles(obj, 'guillotina.AccessContent', 'o')
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
return result
def get_principals_with_access_content(obj, request=None):
if obj is None:
return {}
if request is None:
request = get_current_request()
interaction = IInteraction(request)
roles = interaction.cached_roles(obj, 'guillotina.AccessContent', 'o')
result = []
all_roles = role.global_roles() + role.local_roles()
for r in roles.keys():
if r in all_roles:
result.append(r)
users = interaction.cached_principals(obj, result, 'guillotina.AccessContent', 'o')
return list(users.keys())
async def __call__(self):
url = getMultiAdapter((self.context, self.request), IAbsoluteURL)()
result = []
roles = global_roles()
for role in roles:
role_obj = get_utility(IRole, name=role)
result.append(
{
"@id": f"{url}/@roles/{role}",
"@type": "role",
"id": role,
"title": role_obj.title,
}
)
return result
async def __call__(self):
roles = global_roles() + local_roles()
return roles