Пример #1
0
 def isAvailable(self):
     principal = self.space.principal
     if principal is not None:
         return checkPermissionForPrincipal(
             principal, 'zojax.PersonalContent', self.space)
     else:
         return False
Пример #2
0
    def canAssignPrincipal(self, principal):
        if (not IUnauthenticatedPrincipal.providedBy(principal) and
            IPrincipal.providedBy(principal) and
            not IGroup.providedBy(principal) and
            checkPermissionForPrincipal(principal,'zojax.PersonalSpace',self)):
            return True

        return False
Пример #3
0
def getAccessList(context, permission):
    context = removeAllProxies(context)
    grant = IExtendedGrantInfo(context)

    interaction = queryInteraction()
    if not IZojaxSecurityPolicy.providedBy(interaction):
        interaction = SecurityPolicy()

    allowed = {}
    for role, setting in grant.getRolesForPermission(permission):
        if role == 'content.Owner':
            for principal, setting in grant.getPrincipalsForRole('content.Owner'):
                if setting is Allow and principal:
                    allowed['user:'+principal] = 1

        elif setting is Allow:
            allowed[role] = 1

    for principal, setting in grant.getPrincipalsForPermission(permission):
        if principal:
            uid = 'user:'+principal
            if setting is Allow:
                allowed[uid] = 1
            elif setting is Deny and uid in allowed:
                del allowed[uid]

    roles = []
    for role in allowed.keys():
        if not role.startswith('user:'):
            hasPrincipals = False
            for principal, setting in grant.getPrincipalsForRole(role):
                uid = 'user:'+principal
                if interaction.cached_decision(context,principal,(),permission):
                    allowed[uid] = 1
                    hasPrincipals = True
                elif uid in allowed:
                    del allowed[uid]
            if not hasPrincipals:
                del allowed[role]

    # check special groups
    for grp in (IUnauthenticatedPrincipal, IAuthenticatedGroup, IEveryoneGroup):
        principal = queryUtility(grp)

        if principal is not None:
            uid = 'user:%s'%principal.id

            if checkPermissionForPrincipal(principal, permission, context):
                allowed[uid] = 1
            else:
                if uid in allowed:
                    del allowed[uid]

    return allowed.keys()
Пример #4
0
    def isRetractable(self, principal=None):
        if not IBoundContentType.providedBy(self):
            return False

        if not self.retractable or not self.retractperm:
            return False

        if principal is None:
            principal = getPrincipal()

        return checkPermissionForPrincipal(
            principal, self.retractperm, self.context)
Пример #5
0
 def isAvailable(self):
     return checkPermissionForPrincipal(
         self.space.principal, 'zojax.PersonalPhotos', self.space)