def crowd_user_roles(context, uid, registry): """ crowd roles provider return user default roles and user group roles""" roles = set() props = getattr(ptah.resolve(uid), 'properties', None) if props is not None: roles.update(props.get('roles',())) for grp in props.get('groups',()): roles.update(ptah.get_local_roles(grp, context)) return roles
def __call__(self, userid, request): managers = self.cfg['managers'] if userid == ptah.SUPERUSER_URI or '*' in managers: return True role = self.cfg['manager_role'] if role: root = getattr(request, 'root', None) if root is None: root_factory = request.registry.queryUtility( IRootFactory, default=DefaultRootFactory) root = root_factory(request) if role in ptah.get_local_roles(userid, request, root): return True principal = ptah.resolve(userid) if principal is not None and principal.login in managers: return True return False