def get_sale_file_requirement_acl(self): """ Compile acl for SaleFileRequirement instances """ # Si le parent est validé et l'indicateur est ok, on ne peut plus modifier user_perms = ('view.indicator',) admin_perms = () locked = False if self.status == self.SUCCESS_STATUS: if hasattr(self.node, 'status') and self.node.status == 'valid': locked = True if not locked: acl = get_indicator_acl(self) if self.file_id is None: admin_perms += ("add.file",) user_perms += ("add.file",) else: admin_perms += ("edit.file",) user_perms += ("edit.file",) else: acl = DEFAULT_PERM_NEW[:] employee_logins = FindCompanyService.find_employees_login_from_node( self.node ) for login in employee_logins: acl.append((Allow, login, user_perms)) acl.append((Allow, 'group:admin', admin_perms)) acl.append((Allow, 'group:manager', admin_perms)) return acl
def get_business_acl(self): """ Compute the acl for the Business object """ acl = get_project_acl(self.project) perms = ( 'view.business', 'add.file', ) admin_perms = ('view.business', ) if not self.closed: admin_perms += ( 'edit.business', 'add.invoice', ) perms += ( 'edit.business', 'add.invoice', ) if not self.invoices: perms += ('delete.business', ) admin_perms += ('delete.business', ) if self.file_requirement_service.check(self): admin_perms += ('close.business', ) acl.append((Allow, 'group:admin', admin_perms)) acl.append((Allow, 'group:manager', perms)) company_id = FindCompanyService.find_company_id_from_node(self) acl.append((Allow, "company:{}".format(company_id), perms)) return acl
def get_custom_business_indicator_acl(self): """ Compute acl for CustomBusinessIndicator management """ # Si le parent est validé et l'indicateur est ok, on ne peut plus modifier user_perms = ['view.indicator'] locked = False if self.status == self.SUCCESS_STATUS: if self.business.closed: locked = True if not locked: acl = get_indicator_acl(self) if not self.status == self.SUCCESS_STATUS: user_perms.append('force.indicator') else: acl = DEFAULT_PERM_NEW[:] company_id = FindCompanyService.find_company_id_from_node(self.business) if company_id: acl.append((Allow, "company:{}".format(company_id), user_perms)) return acl
def get_phase_acl(self): """ Return acl for a phase """ acl = DEFAULT_PERM[:] perms = ("edit.phase", ) if DBSESSION().query(Task.id).filter_by(phase_id=self.id).count() == 0: perms += ('delete.phase', ) else: acl.insert(0, (Deny, Everyone, ('delete.phase', ))) company_id = FindCompanyService.find_company_id_from_node(self) acl.append((Allow, "company:{}".format(company_id), perms)) return acl