def revoke_on_distinct_parent(self): distinct_parent = self.get_distinct_parent() # We disabled reindexObjectSecurity and reindex the security manually # instead, to avoid reindexing all objects including all documents. # Because there View permission isn't affected by the `Contributor` role # on the dossier. catalog = api.portal.get_tool('portal_catalog') subdossiers = [ brain.getObject() for brain in catalog( object_provides=[ IDossierMarker.__identifier__, IBaseProposal.__identifier__ ], path='/'.join(distinct_parent.getPhysicalPath())) ] manager = RoleAssignmentManager(distinct_parent) manager.clear(ASSIGNMENT_VIA_TASK, self.responsible_permission_identfier, self.task, reindex=False) manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id, self.task, reindex=False) for dossier in subdossiers: reindex_object_security_without_children(dossier)
def revoke_on_distinct_parent(self): distinct_parent = self.get_distinct_parent() # We disabled reindexObjectSecurity and reindex the security manually # instead, to avoid reindexing all objects including all documents. # Because there View permission isn't affected by the `Contributor` role # on the dossier. catalog = api.portal.get_tool('portal_catalog') subdossiers = [brain.getObject() for brain in catalog( object_provides=[IDossierMarker.__identifier__, IProposal.__identifier__], path='/'.join(distinct_parent.getPhysicalPath()))] manager = RoleAssignmentManager(distinct_parent) manager.clear( ASSIGNMENT_VIA_TASK, self.responsible_permission_identfier, self.task, reindex=False) manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id, self.task, reindex=False) for dossier in subdossiers: reindex_object_security_without_children(dossier)
def revoke_on_related_items(self): for item in getattr(aq_base(self.task), 'relatedItems', []): document = item.to_object manager = RoleAssignmentManager(document) manager.clear(ASSIGNMENT_VIA_TASK, self.responsible_permission_identfier, self.task) manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id, self.task) if self._is_inside_a_proposal(document): proposal = document.get_proposal() manager = RoleAssignmentManager(proposal) manager.clear(ASSIGNMENT_VIA_TASK, self.responsible_permission_identfier, self.task) manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id, self.task)
def revoke_roles_on_task(self): manager = RoleAssignmentManager(self.task) manager.clear(ASSIGNMENT_VIA_TASK, self.responsible_permission_identfier, self.task) manager.clear(ASSIGNMENT_VIA_TASK_AGENCY, self.inbox_group_id, self.task)