configure.permission("guillotina.RefreshToken", "Refresh token")
configure.permission("guillotina.SeeSession", "Check open session")
configure.permission("guillotina.Logout", "Logout site")
configure.permission("guillotina.SearchContent", "Search content")
configure.permission("guillotina.RawSearchContent", "Raw search content")
configure.permission("guillotina.ReindexContent", "Reindex Content")
configure.permission("guillotina.ManageCatalog", "Manage catalog")
configure.permission("guillotina.GetAPIDefinition", "Get the API definition")
configure.permission("guillotina.Public", "Public access to content")
configure.permission("guillotina.WebSocket", "Access to websocket")
configure.permission("guillotina.CacheManage", "Manage cache")
configure.role("guillotina.Anonymous", "Everybody",
"All users have this role implicitly", False)
configure.role(
"guillotina.Authenticated",
"Authenticated user",
"Role automatically assigned to authenticated users",
False,
)
configure.role("guillotina.Member", "Member", False)
configure.role("guillotina.Reader", "Reader", "can read content", True)
configure.role("guillotina.Editor", "Editor", "can edit content", True)
configure.role("guillotina.Reviewer", "Reviewer", "can review content", True)
configure.role("guillotina.Owner", "Content Manager", "can add/delete content",
True)
configure.role("guillotina.Manager", "Container Manager", False)
from guillotina import configure
app_settings = {
}
configure.role("guillotina_chat.ConversationParticipant",
"Conversation Participant",
"Users that are part of a conversation", False)
configure.grant(
permission="guillotina.ViewContent",
role="guillotina_chat.ConversationParticipant")
configure.grant(
permission="guillotina.AccessContent",
role="guillotina_chat.ConversationParticipant")
configure.grant(
permission="guillotina.AddContent",
role="guillotina_chat.ConversationParticipant")
def includeme(root):
"""
custom application initialization here
"""
configure.scan('guillotina_chat.install')
configure.scan('guillotina_chat.content')
configure.scan('guillotina_chat.subscribers')
configure.scan('guillotina_chat.serialize')
configure.scan('guillotina_chat.services')
configure.scan('guillotina_chat.utility')
configure.scan('guillotina_chat.ws')
from . import settings
from guillotina import configure
from guillotina.interfaces import IFolder
import json
import pytest
pytestmark = pytest.mark.asyncio
configure.permission("dbusers.SeeTopSecret", "SeeTopSecret", "Ability to see TopSecret docs")
configure.role("dbusers.DoubleO", "00 Agent")
configure.grant(permission="dbusers.SeeTopSecret", role="dbusers.DoubleO")
@configure.service(
context=IFolder, method="GET", permission="dbusers.SeeTopSecret", name="@top-secret",
)
async def top_secret(context, request):
return {"documents": ["abcd"]}
@pytest.mark.app_settings(settings.DEFAULT_SETTINGS)
async def test_roles_in_groups(dbusers_requester):
async with dbusers_requester as requester:
# Create the group 'top-agents' and assign the role "dbusers.DoubleO"
resp, status = await requester(
"POST",
"/db/guillotina/groups",
data=json.dumps({"id": "top-agents", "@type": "Group", "user_roles": ["dbusers.DoubleO"]}),
from guillotina import configure
configure.role("guillotina.Contributor", "Contributor", "Can add content", True)
configure.permission(
"guillotina.ManageVersioning", "Ability to modify versioning on an object"
)
configure.permission(
"guillotina.ManageConstraints", "Allow to check and change type constraints"
)
configure.permission("guillotina.AccessControlPanel", "Access control panel")
configure.permission("guillotina.ReviewContent", "Review content permission")
configure.permission("guillotina.RequestReview", "Request review content permission")
configure.permission("guillotina.ViewComments", "View comments")
configure.permission("guillotina.ModifyComments", "Modify comments")
configure.permission("guillotina.AddComments", "Add comments")
configure.permission("guillotina.DeleteComments", "Delete comments")
configure.permission("guillotina.DeleteAllComments", "Delete all comments")
configure.grant(permission="guillotina.ManageVersioning", role="guillotina.Manager")
configure.grant(permission="guillotina.ManageConstraints", role="guillotina.Manager")
configure.grant(
permission="guillotina.ManageConstraints", role="guillotina.ContainerAdmin"
)
configure.grant(permission="guillotina.ReviewContent", role="guillotina.Reviewer")