def _resolve_maximum_acces_rights(uid):
'''
returns [max_role, lcul] to use in execute_action and check_transaction_permissions.
Defaults to ['guest',0] if user has no roles assigned.
Always returns the maximum privilege.
'''
roles = {bconfig.CLAIMPAPER_ADMIN_ROLE: acc_get_role_id(bconfig.CLAIMPAPER_ADMIN_ROLE),
bconfig.CLAIMPAPER_USER_ROLE: acc_get_role_id(bconfig.CLAIMPAPER_USER_ROLE)}
uroles = acc_get_user_roles(uid)
max_role = ['guest', 0]
for r in roles:
if roles[r] in uroles:
rright = bconfig.CMPROLESLCUL[r]
if rright >= max_role[1]:
max_role = [r, rright]
return max_role
if acc_add_action("referee", "", "no", ("doctype","categ")) == 0:
return errorMsg("Cannot create action 'referee'", req)
else:
actionId = acc_get_action_id("referee")
#create arguments
arg1Id = acc_add_argument("doctype", doctype)
arg2Id = acc_add_argument("categ", categ[1])
# then link the role with the action
if acc_add_role_action_arguments(roleId, actionId, -1, 0, 0, [arg1Id, arg2Id]) == 0:
return errorMsg("Cannot link role with action", req)
roleId = acc_get_role_id(role)
# For each id in the array
if isinstance(addusers, types.ListType):
for adduser in addusers:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(adduser)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(adduser, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
else:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(addusers)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(addusers, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
return page(title="websubmit admin - referee selection",
body=displayRefereesPage(doctype, warningText),
def index(req, c=CFG_SITE_NAME, ln=CFG_SITE_LANG, todo="", id="", doctype="",
categ="", addusers="", warningText="", role=""):
"""Main entry point for the management of referees."""
ln = wash_language(ln)
# get user ID:
uid = getUid(req)
(auth_code, auth_message) = acc_authorize_action(req, "cfgwebsubmit", verbose=0)
if auth_code != 0:
## user is not authorised to use WebSubmit Admin:
return page_not_authorized(req=req, text=auth_message)
# request for deleting a user
if todo == "deleteuser":
acc_delete_user_role(id, name_role=role)
# request for adding user(s)
if todo == "adduser":
role = "referee_%s_%s" % (doctype, categ[1])
roleId = acc_get_role_id(role)
# if the role does not exists, we create it
if roleId == 0:
if acc_add_role(role, "referees for document type %s category %s" % (doctype, categ[1])) == 0:
return errorMsg("Cannot create referee role", req, uid)
else:
roleId = acc_get_role_id(role)
# if the action does not exist, we create it
actionId = acc_get_action_id("referee")
if actionId == 0:
if acc_add_action("referee", "", "no", ("doctype","categ")) == 0:
return errorMsg("Cannot create action 'referee'", req, uid)
else:
actionId = acc_get_action_id("referee")
#create arguments
arg1Id = acc_add_argument("doctype", doctype)
arg2Id = acc_add_argument("categ", categ[1])
# then link the role with the action
if acc_add_role_action_arguments(roleId, actionId, -1, 0, 0, [arg1Id, arg2Id]) == 0:
return errorMsg("Cannot link role with action", req, uid)
roleId = acc_get_role_id(role)
# For each id in the array
if isinstance(addusers, types.ListType):
for adduser in addusers:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(adduser)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(adduser, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
else:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(addusers)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(addusers, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
return page(title="websubmit admin - referee selection",
body=displayRefereesPage(doctype, warningText),
description="",
keywords="",
uid=uid,
language=ln,
req=req)
def index(req,
c=CFG_SITE_NAME,
ln=CFG_SITE_LANG,
todo="",
id="",
doctype="",
categ="",
addusers="",
warningText="",
role=""):
"""Main entry point for the management of referees."""
ln = wash_language(ln)
# get user ID:
uid = getUid(req)
(auth_code, auth_message) = acc_authorize_action(req,
"cfgwebsubmit",
verbose=0)
if auth_code != 0:
## user is not authorised to use WebSubmit Admin:
return page_not_authorized(req=req, text=auth_message)
# request for deleting a user
if todo == "deleteuser":
acc_delete_user_role(id, name_role=role)
# request for adding user(s)
if todo == "adduser":
role = "referee_%s_%s" % (doctype, categ[1])
roleId = acc_get_role_id(role)
# if the role does not exists, we create it
if roleId == 0:
if acc_add_role(
role, "referees for document type %s category %s" %
(doctype, categ[1])) == 0:
return errorMsg("Cannot create referee role", req, uid)
else:
roleId = acc_get_role_id(role)
# if the action does not exist, we create it
actionId = acc_get_action_id("referee")
if actionId == 0:
if acc_add_action("referee", "", "no",
("doctype", "categ")) == 0:
return errorMsg("Cannot create action 'referee'", req, uid)
else:
actionId = acc_get_action_id("referee")
#create arguments
arg1Id = acc_add_argument("doctype", doctype)
arg2Id = acc_add_argument("categ", categ[1])
# then link the role with the action
if acc_add_role_action_arguments(roleId, actionId, -1, 0, 0,
[arg1Id, arg2Id]) == 0:
return errorMsg("Cannot link role with action", req, uid)
roleId = acc_get_role_id(role)
# For each id in the array
if isinstance(addusers, types.ListType):
for adduser in addusers:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(adduser)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(adduser, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
else:
# First check whether this id is not already associated with this rule
myRoles = acc_get_user_roles(addusers)
if not roleId in myRoles:
# Actually add the role to the user
acc_add_user_role(addusers, roleId)
else:
warningText = '<span style="color:#f00">Sorry... This user is already a referee for this category.</span>'
return page(title="websubmit admin - referee selection",
body=displayRefereesPage(doctype, warningText),
description="",
keywords="",
uid=uid,
language=ln,
req=req)
