ERP5Workflow: add updateRoleMappings method for updating roles on objects

c701ed94 · iv · 332281fb · c701ed94
Commit c701ed94 authored Sep 01, 2016 by iv
Hide whitespace changes
Inline Side-by-side

Showing with 62 additions and 21 deletions

product/ERP5Workflow/Document/Workflow.py product/ERP5Workflow/Document/Workflow.py +62 -21

No files found.
--- a/product/ERP5Workflow/Document/Workflow.py
+++ b/product/ERP5Workflow/Document/Workflow.py
@@ -62,6 +62,8 @@ from tempfile import mktemp
 from types import StringTypes
 from zLOG import LOG, INFO, WARNING

+ACTIVITY_GROUPING_COUNT = 100
+
 class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
  """
  A ERP5 Workflow.
@@ -209,31 +211,70 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):

  security.declarePrivate('updateRoleMappingsFor')
  def updateRoleMappingsFor(self, document):
-    """Changes the object permissions according to the current state.
+    """
+    Changes the object permissions according to the current state.
    """
    changed = 0
-    sdef = self._getWorkflowStateOf(document, id_only=0)
-    if sdef is None:
-        return 0
-    # zwj: get all matrix cell objects
-    permission_role_matrix_cells = sdef.objectValues(portal_type = "PermissionRoles")
-    # zwj: build a permission roles dict
-    for perm_role in permission_role_matrix_cells:
-      permission, role = perm_role.getPermissionRole()
-      # zwj: double check the right role and permission are obtained
-      if permission != 'None':
-        if self.erp5_permission_roles.has_key(permission):
-          self.erp5_permission_roles[permission] += (role,)
-        else:
-          self.erp5_permission_roles.update({permission : (role,)})
-    # zwj: update role list to permission
-    for permission_roles in self.erp5_permission_roles.keys():
-      if modifyRolesForPermission(document, permission_roles, self.erp5_permission_roles[permission_roles]):
-        changed = 1
-        # zwj: clean Permission Role list for the next role mapping
-      del self.erp5_permission_roles[permission_roles]
+    state = self._getWorkflowStateOf(document, id_only=False)
+    if state is not None:
+      for permission, role_list in state.state_permission_roles.items():
+        if modifyRolesForPermission(document, permission, role_list):
+          changed = 1
    return changed

+  # This method allows to update all objects using one workflow, for example
+  # after the permissions per state for this workflow were modified
+  def updateRoleMappings(self, REQUEST=None):
+    """
+    Changes permissions of all objects related to this workflow
+    """
+    # XXX(WORKFLOW) add test for roles update:
+    #  - edit permission/roles on a workflow
+    #  - check permission on an existing object of a type using this workflow
+    workflow_tool = aq_parent(aq_inner(self))
+    chain_by_type = workflow_tool._chains_by_type
+    type_info_list = workflow_tool._listTypeInfo()
+    workflow_id = self.id
+    portal_type_id_list = []
+
+    # look into old chain_by_type (for compatibility)
+    for type_info in type_info_list:
+      type_info_id = type_info.getId()
+      if chain_by_type.has_key(type_info_id) and \
+         workflow_id in chain_by_type[type_info_id]:
+          portal_type_id_list.append(type_info_id)
+      elif workflow_id in workflow_tool._default_chain:
+        portal_type_id_list.append(type_info_id)
+
+    # check the workflow defined on the portal type objects
+    for portal_type in self.getPortalObject().portal_types.objectValues(portal_type='Base Type'):
+      if workflow_id in portal_type.getTypeWorkflowList():
+        portal_type_id_list.append(portal_type.getId())
+
+    if portal_type_id_list:
+      object_list = self.portal_catalog(portal_type=portal_type_id_list, limit=None)
+      portal_activities = self.portal_activities
+      object_path_list = [x.path for x in object_list]
+      for i in xrange(0, len(object_list), ACTIVITY_GROUPING_COUNT):
+        current_path_list = object_path_list[i:i+ACTIVITY_GROUPING_COUNT]
+        portal_activities.activate(activity='SQLQueue',
+                                    priority=3)\
+              .callMethodOnObjectList(current_path_list,
+                                      'updateRoleMappingsFor',
+                                      wf_id = self.getId())
+    else:
+      object_list = []
+
+    if REQUEST is not None:
+      message = 'No object updated.'
+      if object_list:
+        message = '%d object(s) updated: \n %s.' % (len(object_list),
+          ', '.join([o.getTitleOrId() + ' (' + o.getPortalType() + ')'
+                     for o in object_list]))
+      return message
+    else:
+      return len(object_list)
+
  def getManagedRoleList(self):
    return sorted(self.getPortalObject().getDefaultModule('acl_users').valid_roles())