Commit 6bab1e3f authored by Jean-Paul Smets's avatar Jean-Paul Smets

Merged changes by Klaus to support ERP5Security


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4169 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent ffc06cd9
...@@ -34,6 +34,19 @@ from Products.CMFCore.Expression import createExprContext ...@@ -34,6 +34,19 @@ from Products.CMFCore.Expression import createExprContext
from Products.ERP5Type import _dtmldir from Products.ERP5Type import _dtmldir
from Products.ERP5Type import Permissions as ERP5Permissions from Products.ERP5Type import Permissions as ERP5Permissions
# Security uses ERP5Security by default
try:
from Products.ERP5Security import ERP5UserManager
except ImportError:
ERP5UserManager = None
# If ERP5Security is not installed try NuxUserGroups
if ERP5UserManager is None:
try:
from Products import NuxUserGroups
except ImportError:
NuxUserGroups = None
from RoleProviderBase import RoleProviderBase from RoleProviderBase import RoleProviderBase
from RoleInformation import ori from RoleInformation import ori
...@@ -70,6 +83,11 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -70,6 +83,11 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
'label':'Product factory method'}, 'label':'Product factory method'},
{'id':'init_script', 'type': 'string', 'mode':'w', {'id':'init_script', 'type': 'string', 'mode':'w',
'label':'Init Script'}, 'label':'Init Script'},
{'id':'acquire_local_roles'
, 'type': 'boolean'
, 'mode':'w'
, 'label':'Acquire Local Roles'
},
{'id':'filter_content_types', 'type': 'boolean', 'mode':'w', {'id':'filter_content_types', 'type': 'boolean', 'mode':'w',
'label':'Filter content types?'}, 'label':'Filter content types?'},
{'id':'allowed_content_types' {'id':'allowed_content_types'
...@@ -95,9 +113,10 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -95,9 +113,10 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
, 'mode':'w' , 'mode':'w'
, 'label':'Base Categories' , 'label':'Base Categories'
, 'select_variable':'getBaseCategoryList' , 'select_variable':'getBaseCategoryList'
}, },
)) ))
acquire_local_roles = True
property_sheet_list = () property_sheet_list = ()
base_category_list = () base_category_list = ()
init_script = '' init_script = ''
...@@ -143,6 +162,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -143,6 +162,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
""" """
ob = FactoryTypeInformation.constructInstance( ob = FactoryTypeInformation.constructInstance(
self, container, id, *args, **kw) self, container, id, *args, **kw)
if bypass_init_script : if bypass_init_script :
return ob return ob
...@@ -198,15 +218,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -198,15 +218,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
""" """
Assign Local Roles to Groups on object, based on Portal Type Role Definitions Assign Local Roles to Groups on object, based on Portal Type Role Definitions
""" """
user_name = getSecurityManager().getUser().getUserName() if ERP5UserManager is not None:
# First of all, check that NuxUserGroups is here. Otherwise, it's not possible to give Roles to Groups user_name = getSecurityManager().getUser().getId() # We use id for roles in ERP5Security
try: elif NuxUserGroups is not None:
import Products.NuxUserGroups user_name = getSecurityManager().getUser().getUserName()
except ImportError: else:
raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\ raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\
'Please install it to benefit from group-based security' 'Please install it to benefit from group-based security'
# Retrieve applicable roles # Retrieve applicable roles
role_mapping = self.getFilteredRoleListFor(object = self) # kw provided in order to take any appropriate action role_mapping = self.getFilteredRoleListFor(object = self) # kw provided in order to take any appropriate action
role_category_list = {} role_category_list = {}
...@@ -276,12 +295,21 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -276,12 +295,21 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
if not group_id_role_dict.has_key(group_id): if not group_id_role_dict.has_key(group_id):
group_id_role_dict[group_id] = [] group_id_role_dict[group_id] = []
group_id_role_dict[group_id].append(role) group_id_role_dict[group_id].append(role)
#Clean old group roles if ERP5UserManager is not None: # Default implementation
old_group_list = object.get_local_group_roles() #Clean old group roles
object.manage_delLocalGroupRoles([x[0] for x in old_group_list]) old_group_list = object.get_local_roles()
#Assign new roles object.manage_delLocalRoles([x[0] for x in old_group_list])
for group, role_list in group_id_role_dict.items(): #Assign new roles
object.manage_addLocalGroupRoles(group, role_list) for group, role_list in group_id_role_dict.items():
object.manage_addLocalRoles(group, role_list)
else: # NuxUserGroups implementation
#Clean old group roles
old_group_list = object.get_local_group_roles()
object.manage_delLocalGroupRoles([x[0] for x in old_group_list])
#Assign new roles
for group, role_list in group_id_role_dict.items():
object.manage_addLocalGroupRoles(group, role_list)
security.declarePublic('getFilteredRoleListFor') security.declarePublic('getFilteredRoleListFor')
def getFilteredRoleListFor(self, object=None, **kw): def getFilteredRoleListFor(self, object=None, **kw):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment