Commit 44960025 authored by Bartek Górny's avatar Bartek Górny

Changed security script naming - not to overwrite ERP5Type_getSecurityCategoryFromAssignment

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12591 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 4b44364c
<type_roles> <type_roles>
<role id='Associate'> <role id='Associate'>
<property id='title'>Project Associates</property> <property id='title'>Project Associates</property>
<property id='description'>Policy: */project <property id='description'>Policy: */project
Rule: all project members have a right to access document once it has been shared or released</property> Rule: all project members have a right to access document once it has been shared or released</property>
<property id='condition'>python:object.Document_policyApplies('*/project')</property> <property id='condition'>python:object.Document_policyApplies('*/project')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>source_project</multi_property> <multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Project Director</property> <property id='title'>Project Director</property>
<property id='description'>Policy: */project <property id='description'>Policy: */project
Rule: project director is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property> Rule: project director is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property>
<property id='condition'>python:object.Document_policyApplies('*/project')</property> <property id='condition'>python:object.Document_policyApplies('*/project')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
<multi_property id='category'>function/knowledge/manager</multi_property> <multi_property id='category'>function/knowledge/manager</multi_property>
<multi_property id='base_category'>function</multi_property> <multi_property id='base_category'>function</multi_property>
...@@ -21,87 +22,93 @@ Rule: project director is an Assignor (has management rights to the doc - can re ...@@ -21,87 +22,93 @@ Rule: project director is an Assignor (has management rights to the doc - can re
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Owner</property> <property id='title'>Owner</property>
<property id='description'>Policy: */* <property id='description'>Policy: */*
Rule: the creator is Assignee - can edit the doc and submit it</property> Rule: the creator is Assignee - can edit the doc and submit it</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromUser</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromUser</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>reference</multi_property> <multi_property id='base_category'>reference</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Organisation members</property> <property id='title'>Organisation members</property>
<property id='description'>Policy: */* <property id='description'>Policy: */*
Rule: all people working for the same organisation are Auditors (we identify the organisation by the first part of the "group" path) Rule: all people working for the same organisation are Auditors (we identify the organisation by the first part of the "group" path)
This does not apply if it is a project document and does not have a project</property> This does not apply if it is a project document and does not have a project</property>
<property id='condition'>python: not object.Document_policyApplies('*/restricted') and (object.Document_policyApplies('*/project') or not object.Document_policyApplies('*/project',True) )</property> <property id='condition'>python: not object.Document_policyApplies('*/restricted') and (object.Document_policyApplies('*/project') or not object.Document_policyApplies('*/project',True) )</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Project Collaborators</property> <property id='title'>Project Collaborators</property>
<property id='description'>Policy: collaborative/project <property id='description'>Policy: collaborative/project
Rule: all members of project team can edit the document before it is submitted, and can submit it</property> Rule: all members of project team can edit the document before it is submitted, and can submit it</property>
<property id='condition'>python:object.Document_policyApplies('collaborative/project')</property> <property id='condition'>python:object.Document_policyApplies('collaborative/project')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>source_project</multi_property> <multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Team Director</property> <property id='title'>Team Director</property>
<property id='description'>Policy: */team <property id='description'>Policy: */team
Rule: team manager is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property> Rule: team manager is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property>
<property id='condition'>python:object.Document_policyApplies('*/team')</property> <property id='condition'>python:object.Document_policyApplies('*/team')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignmentTree</property>
<multi_property id='category'>function/auc/department/director_of_department</multi_property> <multi_property id='category'>function/auc/department/director_of_department</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
<multi_property id='base_category'>function</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Team Deputy</property> <property id='title'>Team Deputy</property>
<property id='description'>Policy: */team <property id='description'>Policy: */team
Rule: team manager is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property> Rule: team manager is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property>
<property id='condition'>python:object.Document_policyApplies('*/team')</property> <property id='condition'>python:object.Document_policyApplies('*/team')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignmentTree</property>
<multi_property id='category'>function/auc/department/deputy_director_of_department</multi_property> <multi_property id='category'>function/auc/department/deputy_director_of_department</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
<multi_property id='base_category'>function</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Associate'> <role id='Associate'>
<property id='title'>Team Associates</property> <property id='title'>Team Associates</property>
<property id='description'>Policy: */team <property id='description'>Policy: */team
Rule: all team members have a right to access document once it has been shared or released</property> Rule: all team members have a right to access document once it has been shared or released</property>
<property id='condition'>python:object.Document_policyApplies('*/team')</property> <property id='condition'>python:object.Document_policyApplies('*/team')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignmentTree</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Team Collaborators</property> <property id='title'>Team Collaborators</property>
<property id='description'>Policy: collaborative/team <property id='description'>Policy: collaborative/team
Rule: all members of the team can edit the document before it is submitted, and can submit it</property> Rule: all members of the team can edit the document before it is submitted, and can submit it</property>
<property id='condition'>python:object.Document_policyApplies('collaborative/team')</property> <property id='condition'>python:object.Document_policyApplies('collaborative/team')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignmentTree</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Public Collaborators</property> <property id='title'>Public Collaborators</property>
<property id='description'>Policy: collaborative/public <property id='description'>Policy: collaborative/public
Rule: everyone in the organisation (root group) can edit the doc before it is submitted, and can suggest its publication</property> Rule: everyone in the organisation (root group) can edit the doc before it is submitted, and can suggest its publication</property>
<property id='condition'>python:object.Document_policyApplies('collaborative/public')</property> <property id='condition'>python:object.Document_policyApplies('collaborative/public')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property>
<multi_property id='category'></multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Public Reviewer</property> <property id='title'>Public Reviewer</property>
<property id='description'>Policy: collaborative/public <property id='description'>Policy: collaborative/public
Rule: any person with knowledge/manager role can publish the document and manage access rights to it</property> Rule: any person with knowledge/manager role can publish the document and manage access rights to it</property>
<property id='condition'>python:object.Document_policyApplies('collaborative/public')</property> <property id='condition'>python:object.Document_policyApplies('collaborative/public')</property>
<property id='priority'>10.0</property> <property id='priority'>10</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignmentTree</property>
<multi_property id='category'>function/knowledge/manager</multi_property> <multi_property id='category'>function/knowledge/manager</multi_property>
<multi_property id='base_category'>function</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
......
...@@ -69,11 +69,11 @@ ...@@ -69,11 +69,11 @@
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>"""\n <value> <string>"""\n
This does the same as ERP5Type_getSecurityCategoryFromAssignment, but we use it if we want\n This does the same as ERP5Type_getSecurityCategoryFromAssignmentTree, but we use it if we want\n
only the group the user is directly assigned to (not the whole group hierarchy path).\n only the group the user is directly assigned to (not the whole group hierarchy path).\n
"""\n """\n
\n \n
return context.ERP5Type_getSecurityCategoryFromAssignment(base_category_list, user_name, object, portal_type, strict=True)\n return context.ERP5Type_getSecurityCategoryFromAssignmentTree(base_category_list, user_name, object, portal_type, strict=True)\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
......
...@@ -239,7 +239,7 @@ return category_list\n ...@@ -239,7 +239,7 @@ return category_list\n
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromAssignment</string> </value> <value> <string>ERP5Type_getSecurityCategoryFromAssignmentTree</string> </value>
</item> </item>
<item> <item>
<key> <string>warnings</string> </key> <key> <string>warnings</string> </key>
......
...@@ -75,10 +75,10 @@ Core security script - defines the way to get security groups of the current use ...@@ -75,10 +75,10 @@ Core security script - defines the way to get security groups of the current use
# XXX-JPS This code is quite frightening. I wonder really what it is for.\n # XXX-JPS This code is quite frightening. I wonder really what it is for.\n
\n \n
return (\n return (\n
(\'ERP5Type_getSecurityCategoryFromAssignment\', [\'function\'] ),\n (\'ERP5Type_getSecurityCategoryFromAssignmentTree\', [\'function\'] ),\n
(\'ERP5Type_getSecurityCategoryFromAssignment\', [\'source_project\'] ),\n (\'ERP5Type_getSecurityCategoryFromAssignmentTree\', [\'source_project\'] ),\n
(\'ERP5Type_getSecurityCategoryFromAssignment\', [\'function\', \'source_project\'] ),\n (\'ERP5Type_getSecurityCategoryFromAssignmentTree\', [\'function\', \'source_project\'] ),\n
(\'ERP5Type_getSecurityCategoryFromAssignment\', [\'group\'] ),\n (\'ERP5Type_getSecurityCategoryFromAssignmentTree\', [\'group\'] ),\n
(\'ERP5Type_getSecurityCategoryRoot\', [\'group\']),\n (\'ERP5Type_getSecurityCategoryRoot\', [\'group\']),\n
)\n )\n
</string> </value> </string> </value>
......
...@@ -69,14 +69,14 @@ ...@@ -69,14 +69,14 @@
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>"""\n <value> <string>"""\n
This is the same as ERP5Type_getSecurityCategoryFromAssignment\n This is the same as ERP5Type_getSecurityCategoryFromAssignmentTree\n
only it returns only the first part of category\n only it returns only the first part of category\n
It is used e.g. to figure out if the user is working anywhere\n It is used e.g. to figure out if the user is working anywhere\n
in the certain organisation - for this, all we need is the first part\n in the certain organisation - for this, all we need is the first part\n
of the group category.\n of the group category.\n
"""\n """\n
\n \n
return context.ERP5Type_getSecurityCategoryFromAssignment(base_category_list, user_name, object, portal_type, strict=True, root=True)\n return context.ERP5Type_getSecurityCategoryFromAssignmentTree(base_category_list, user_name, object, portal_type, strict=True, root=True)\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
......
506 508
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment