def revoke_on_distinct_parent(self):
distinct_parent = self.get_distinct_parent()
# We disabled reindexObjectSecurity and reindex the security manually
# instead, to avoid reindexing all objects including all documents.
# Because there View permission isn't affected by the `Contributor` role
# on the dossier.
catalog = api.portal.get_tool('portal_catalog')
subdossiers = [
brain.getObject() for brain in catalog(
object_provides=[
IDossierMarker.__identifier__, IBaseProposal.__identifier__
],
path='/'.join(distinct_parent.getPhysicalPath()))
]
manager = RoleAssignmentManager(distinct_parent)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier,
self.task,
reindex=False)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY,
self.inbox_group_id,
self.task,
reindex=False)
for dossier in subdossiers:
reindex_object_security_without_children(dossier)
def revoke_on_distinct_parent(self):
distinct_parent = self.get_distinct_parent()
# We disabled reindexObjectSecurity and reindex the security manually
# instead, to avoid reindexing all objects including all documents.
# Because there View permission isn't affected by the `Contributor` role
# on the dossier.
catalog = api.portal.get_tool('portal_catalog')
subdossiers = [brain.getObject() for brain in catalog(
object_provides=[IDossierMarker.__identifier__,
IProposal.__identifier__],
path='/'.join(distinct_parent.getPhysicalPath()))]
manager = RoleAssignmentManager(distinct_parent)
manager.clear(
ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task, reindex=False)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY,
self.inbox_group_id, self.task, reindex=False)
for dossier in subdossiers:
reindex_object_security_without_children(dossier)
def revoke_on_related_items(self):
for item in getattr(aq_base(self.task), 'relatedItems', []):
document = item.to_object
manager = RoleAssignmentManager(document)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id,
self.task)
if self._is_inside_a_proposal(document):
proposal = document.get_proposal()
manager = RoleAssignmentManager(proposal)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id,
self.task)
def revoke_on_related_items(self):
for item in getattr(aq_base(self.task), 'relatedItems', []):
document = item.to_object
manager = RoleAssignmentManager(document)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY,
self.inbox_group_id, self.task)
if self._is_inside_a_proposal(document):
proposal = document.get_proposal()
manager = RoleAssignmentManager(proposal)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY,
self.inbox_group_id, self.task)
def revoke_roles_on_task(self):
manager = RoleAssignmentManager(self.task)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id,
self.task)
def revoke_roles_on_task(self):
manager = RoleAssignmentManager(self.task)
manager.clear(ASSIGNMENT_VIA_TASK,
self.responsible_permission_identfier, self.task)
manager.clear(ASSIGNMENT_VIA_TASK_AGENCY,
self.inbox_group_id, self.task)