Exemplo n.º 1
0
    def cached_roles(self, parent, permission):
        cache = self.cache(parent)
        try:
            cache_roles = cache.roles
        except AttributeError:
            cache_roles = cache.roles = {}
        try:
            return cache_roles[permission]
        except KeyError:
            pass

        if parent is None:
            roles = dict(
                [(role, 1)
                 for (role, setting) in globalRolesForPermission(permission)
                 if setting is Allow])
            cache_roles[permission] = roles
            return roles

        roles = self.cached_roles(
            removeSecurityProxy(getattr(parent, '__parent__', None)),
            permission)
        roleper = IRolePermissionMap(parent, None)
        if roleper:
            roles = roles.copy()
            for role, setting in roleper.getRolesForPermission(permission):
                if setting is Allow:
                    roles[role] = 1
                elif role in roles:
                    del roles[role]

        cache_roles[permission] = roles
        return roles
Exemplo n.º 2
0
def get_roles_with_access_content(obj):
    if obj is None:
        return {}
    active_roles = get_roles_with_access_content(
        removeSecurityProxy(getattr(obj, '__parent__', None)))
    roleperm = IRolePermissionMap(obj)

    for role, permission in roleperm.getRow('plone.AccessContent'):
        active_roles[role] = permission
    return active_roles
Exemplo n.º 3
0
def settingsForObject(ob):
    """Analysis tool to show all of the grants to a process
    """
    result = []
    while ob is not None:
        data = {}
        result.append((getattr(ob, '__name__', '(no name)'), data))

        principalPermissions = IPrincipalPermissionMap(ob, None)
        if principalPermissions is not None:
            settings = principalPermissions.getPrincipalsAndPermissions()
            settings.sort()
            data['principalPermissions'] = [
                {'principal': pr, 'permission': p, 'setting': s}
                for (p, pr, s) in settings]

        principalRoles = IPrincipalRoleMap(ob, None)
        if principalRoles is not None:
            settings = principalRoles.getPrincipalsAndRoles()
            data['principalRoles'] = [
                {'principal': p, 'role': r, 'setting': s}
                for (r, p, s) in settings]

        rolePermissions = IRolePermissionMap(ob, None)
        if rolePermissions is not None:
            settings = rolePermissions.getRolesAndPermissions()
            data['rolePermissions'] = [
                {'permission': p, 'role': r, 'setting': s}
                for (p, r, s) in settings]

        ob = getattr(ob, '__parent__', None)

    data = {}
    result.append(('global settings', data))

    settings = principalPermissionManager.getPrincipalsAndPermissions()
    settings.sort()
    data['principalPermissions'] = [
        {'principal': pr, 'permission': p, 'setting': s}
        for (p, pr, s) in settings]

    settings = principalRoleManager.getPrincipalsAndRoles()
    data['principalRoles'] = [
        {'principal': p, 'role': r, 'setting': s}
        for (r, p, s) in settings]

    settings = rolePermissionManager.getRolesAndPermissions()
    data['rolePermissions'] = [
        {'permission': p, 'role': r, 'setting': s}
        for (p, r, s) in settings]

    return result
Exemplo n.º 4
0
async def sharing_get(context, request):
    roleperm = IRolePermissionMap(context)
    prinperm = IPrincipalPermissionMap(context)
    prinrole = IPrincipalRoleMap(context)
    result = {'local': {}, 'inherit': []}
    result['local']['role_permission'] = roleperm._byrow
    result['local']['principal_permission'] = prinperm._byrow
    result['local']['principal_role'] = prinrole._byrow
    for obj in iter_parents(context):
        roleperm = IRolePermissionMap(obj)
        prinperm = IPrincipalPermissionMap(obj)
        prinrole = IPrincipalRoleMap(obj)
        result['inherit'].append({
            '@id': IAbsoluteURL(obj, request)(),
            'role_permission': roleperm._byrow,
            'principal_permission': prinperm._byrow,
            'principal_role': prinrole._byrow,
        })
    await notify(ObjectPermissionsViewEvent(context))
    return result
    def cached_roles(self, parent, permission):
        cache = self.cache(parent)
        try:
            cache_roles = cache.roles
        except AttributeError:
            cache_roles = cache.roles = {}
        try:
            return cache_roles[permission]
        except KeyError:
            pass

        if parent is None:
            roles = dict([(role, 1)
                          for (role,
                               setting) in globalRolesForPermission(permission)
                          if setting is Allow])
            cache_roles[permission] = roles
            return roles

        if getattr(parent, 'inherit_permissions', False):
            roles = self.cached_roles(
                removeSecurityProxy(getattr(parent, '__parent__', None)),
                permission)
        else:
            roles = dict([(role, 1)
                          for (role,
                               setting) in globalRolesForPermission(permission)
                          if setting is Allow])

        roleper = IRolePermissionMap(parent, None)
        if roleper:
            for role, setting in roleper.getRolesForPermission(permission):
                if setting is Allow:
                    roles[role] = 1
                elif role in roles:
                    del roles[role]

        cache_roles[permission] = roles
        return roles