def test_permissions(self): data = pd.RestrictedMemData( [pd.ColumnSpec(c, pd.String()) for c in ('x', 'y', 'z')], access_rights=pd.AccessRights(('x', (None, pd.Permission.ALL)), ('y', (None, pd.Permission.VIEW)), ('z', ((), pd.Permission.ALL))), ) row = pp.PresentedRow(( pp.Field('x'), pp.Field('y'), pp.Field('z'), pp.Field('zz', virtual=True, computer=pp.computer(lambda r, z: '-' + z + '-')), ), data, None, new=True) assert row.permitted('x', pd.Permission.VIEW) assert row.permitted('x', True) assert row.permitted('y', pd.Permission.VIEW) assert not row.permitted('y', pd.Permission.UPDATE) assert not row.permitted('z', pd.Permission.VIEW) protected_row = row.protected() with pytest.raises(protected_row.ProtectionError): protected_row['z'].value() with pytest.raises(protected_row.ProtectionError): protected_row['zz'].value() # Cover special cases for a non-permitted field in various methods. assert row.get('z', secure=True) is None assert row.display('z') == '' assert row.enumerate('z') == [] assert not row.editable('z')
class FormActionLogView(FormActionLog): # This specification is used for viewing the logs through admin forms. public = True access_rights = pd.AccessRights((None, ( ['dmp_view'], pd.Permission.VIEW, )))
class SystemRoles(Roles): title = _("Systémové role") help = _("Systémové role jsou uživatelům přiřazeny automaticky.") layout = columns = ('name', 'system_role', 'description') condition = pd.NE('system_role', pd.Value(pd.String(), None)) bindings = () access_rights = pd.AccessRights((None, ('cms_admin', pd.Permission.ALL)), (None, ('cms_user', pd.Permission.VIEW)))
class Specification(pp.Specification): access_rights = pd.AccessRights( (None, (('cms_user', 'cms_admin'), pd.Permission.ALL))) public = True def _spec_name(self, name, needed_in_wiking=True): # Hack to allow namespaced spec names in wx app and plain module names in Wiking (the # specification is inherited by the Wiking Module). return 'cms.' + name
class Actions(Specification): title = _("Dostupné akce") help = _("Výčet podporovaných akcí pro jednotlivé moduly.") table = 'cms_actions' access_rights = pd.AccessRights((None, ('cms_admin', pd.Permission.ALL)), (None, ('cms_user', pd.Permission.VIEW))) def fields(self): return (Field('action_id', default=nextval('cms_actions_action_id_seq')), Field('mod_id', _("Modul"), not_null=True, codebook=self._spec_name('Modules', False)), Field('name', _("Title"), width=16), Field('description', _("Description"), width=64)) sorting = (('action_id', ASC), ) layout = ('name', 'description') columns = ('name', 'description') cb = CodebookSpec(display='name')
class GenericActions(Actions): title = _("Akce společné pro všechny položky men") help = _("Výčet podporovaných akcí společných pro všechny položky menu.") condition = pd.EQ('mod_id', pd.Value(pd.Integer(), None)) access_rights = pd.AccessRights((None, ('cms_admin', pd.Permission.ALL)), (None, ('cms_user', pd.Permission.VIEW)))
class Modules(Specification): title = _("Moduly") help = _("Správa rozšiřujících modulů použitelných ve stránkách.") table = 'cms_modules' access_rights = pd.AccessRights((None, ('cms_admin', pd.Permission.ALL)), (None, ('cms_user', pd.Permission.VIEW))) def fields(self): return ( Field('mod_id', default=nextval('cms_modules_mod_id_seq')), Field('modname', _("Title"), width=32), Field('descr', _("Description"), width=64, virtual=True, editable=NEVER, computer=computer(self._descr)), ) def _module(self, modname): if modname: for python_module_name in self._SEARCH_MODULES: python_module = __import__(python_module_name) for component in python_module_name.split('.')[1:]: python_module = getattr(python_module, component) if hasattr(python_module, modname): module = getattr(python_module, modname) import wiking if type(module) == type(wiking.Module) and issubclass( module, wiking.Module): return module return None def _descr(self, rrecord, modname): module = self._module(modname) if module: return module.descr() or module.title() else: return None sorting = ('modname', ASC), cb = CodebookSpec(display='modname', prefer_display=True) layout = ('modname', 'descr') columns = ('modname', 'descr') def bindings(self): return (Binding('actions', _("Dostupné akce tohoto modul"), self._spec_name('Actions'), 'mod_id'), ) def actions(self): return (Action('reload', _("Přenačíst dostupné akce"), self._reload_actions), ) def on_delete_record(self, record): import pytis.form data = pytis.form.create_data_object(self._spec_name('Menu')) count = data.select(condition=pd.EQ('mod_id', record['mod_id'])) data.close() if count: return _( "Modul je používán v existujících stránkách.\n" "Pokud jej chcete vymazat, zrušte nejprve všechny navázané stránky." ) else: return True #def on_new_record(self, prefill, transaction=None): # import pytis.form # record = pytis.form.new_record(self._spec_name('Modules'), prefill=prefill, # block_on_new_record=True, transaction=transaction) # if record: # # return record def _reload_actions(self, record): import wiking def action_descr(module, action): if issubclass(module, wiking.PytisModule): for a in module.Spec.actions: if a.name() == action: return a.descr() or a.title() try: return dict(self._DEFAULT_ACTIONS)[action] except KeyError: method = getattr(module, 'action_' + action) docstring = method.__doc__ return docstring and docstring.splitlines()[0] or _( "Neuvedeno") module = self._module(record['modname'].value()) if module: from pytis.form import run_dialog, CheckListDialog, create_data_object data = create_data_object(self._spec_name('Actions')) data.select(condition=pd.EQ('mod_id', record['mod_id'])) existing_actions = {} while True: row = data.fetchone() if row is None: break else: existing_actions[row['name'].value()] = row['action_id'] data.close() actions = [ attr[7:] for attr in dir(module) if attr.startswith('action_') and isinstance(getattr(module, attr), collections.Callable) ] default_actions = [a[0] for a in self._DEFAULT_ACTIONS] # Order default actions first and in the order of self._DEFAULT_ACTIONS. order = lambda a: a in default_actions and (default_actions.index( a) + 1) or a actions.sort(lambda a, b: cmp(order(a), order(b))) descriptions = [action_descr(module, action) for action in actions] result = run_dialog( CheckListDialog, title=_("Nalezené akce"), message=_("Zaškrtněte akce, které chcete zpřístupnit webovým " "uživatelům:"), items=zip([a in existing_actions for a in actions], actions, descriptions), columns=(_("Action"), _("Description"))) if result is not None: # TODO: Use a transaction. Respect existing actions. for i, action in enumerate(actions): if result[i]: description_value = pd.Value(pd.String(), descriptions[i] or None) try: key = existing_actions[action] except KeyError: rowdata = [('mod_id', record['mod_id']), ('name', pd.Value(pd.String(), action)), ('description', description_value)] data.insert(pd.Row(rowdata)) else: data.update( (key, ), pd.Row((('description', description_value), ))) _DEFAULT_ACTIONS = ( ('view', _("Zobrazení záznam")), ('list', _("Výpis všech záznamů")), ('export', _("Export tabulky do CSV formát")), ('rss', _("Zobrazení RSS kanálů")), ('insert', _("Vložení nového záznam")), ('update', _("Editace stávajícího záznam")), ('delete', _("Smazání záznam")), ('print_field', _("Export tisknutelných políček do PDF")), ) _SEARCH_MODULES = () """Defines list of names python modules which should be searched for available Wiking modules.
class DisabledCountries(Countries): """Just for testing the behavior of bindings with insufficient acceess rights.""" public = True access_rights = pd.AccessRights((None, (['xxx'], pd.Permission.VIEW)), )