def check_permission(self, permission, obj):
# Always allow public attributes
if permission is Public:
return True
if IView.providedBy(obj):
obj = obj.__parent__
# Iterate through participations ('principals')
# and check permissions they give
seen = {}
for participation in self.participations:
principal = getattr(participation, 'principal', None)
# Invalid participation (no principal)
if principal is None:
continue
# System user always has access
if principal is SystemUser:
return True
# Speed up by skipping seen principals
if principal.id in seen:
continue
self.principal = principal
# Check the permission
groups = self._groups_for(principal)
if self.cached_decision(obj, principal.id, groups, permission):
return True
seen[principal.id] = 1 # mark as seen
return False
def check_permission(self, permission, obj):
# Always allow public attributes
if permission is Public:
return True
if IView.providedBy(obj):
obj = obj.__parent__
# Iterate through participations ('principals')
# and check permissions they give
seen = {}
for participation in self.participations:
principal = getattr(participation, 'principal', None)
# Invalid participation (no principal)
if principal is None:
continue
# System user always has access
if principal is SystemUser:
return True
# Speed up by skipping seen principals
if principal.id in seen:
continue
self.principal = principal
# Check the permission
groups = self._groups_for(principal)
if self.cached_decision(
obj,
principal.id,
groups,
permission):
return True
seen[principal.id] = 1 # mark as seen
return False
def check_permission(self, permission, obj):
# Always allow public attributes
if permission is Public:
return True
if IView.providedBy(obj):
obj = obj.__parent__
# Iterate through participations ('principals')
# and check permissions they give
if self.principal is not None:
# System user always has access
if self.principal is SystemUser:
return True
# Check the permission
groups = getattr(self.principal, "groups", None) or []
if self.cached_decision(obj, self.principal.id, groups, permission):
return True
return False