Skip to content

erp5
erp5
Commit 0632686f authored by Jean-Paul Smets's avatar Jean-Paul Smets
Browse files
Options

New security scripts which are able to handle share.here, share.up and... 

New security scripts which are able to handle share.here, share.up and share.down rules in large trees as well as generate cartesian products for security groups whenever multiple values are defined for a given base category.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12985 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 2da4f704
Hide whitespace changes
Inline Side-by-side
Showing with 1233 additions and 49 deletions
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_asSecurityGroupId.xml
View file @ 0632686f
......@@ -104,9 +104,6 @@ to a Person instance. This is useful to implement user based local role assignme
instead of abstract security based local roles.\n
"""\n
\n
code_list = []\n
user_list = []\n
\n
# sort the category list lexicographically\n
# this prevents us to choose the exact order we want,\n
# but also prevents some human mistake to break everything by creating site_function instead of function_site\n
......@@ -116,34 +113,51 @@ if category_order not in (None, \'\'):\n
else:\n
category_order = []\n
\n
# Prepare a cartesian product\n
from Products.ERP5Type.Utils import cartesianProduct\n
list_of_list = []\n
user_list = []\n
for base_category in category_order:\n
category_list = kw[base_category]\n
if same_type(category_list, \'\'):\n
category_list = [category_list]\n
for category in category_list:\n
category_path = \'%s/%s\' % (base_category, category)\n
category_object = context.portal_categories.getCategoryValue(category_path)\n
if category_object in (None, \'\'):\n
raise "SecurityRoleDefinitionError", "Category \'%s\' doesn\'t exist" % (category_path)\n
if category_object.getPortalType() == \'Person\':\n
# We define a person here\n
user_name = category_object.getReference()\n
if user_name is not None: user_list.append(user_name)\n
else:\n
# We define a group item here based on codification or reference is possible\n
# ID, else\n
try:\n
category_code = category_object.getCodification() or category_object.getId()\n
except AttributeError:\n
try:\n
category_code = category_object.getReference() or category_object.getId()\n
except AttributeError:\n
category_code = category_object.getId()\n
code_list.append(category_code)\n
# It is acceptable for a category not to be defined\n
if kw.has_key(base_category):\n
category_list = kw[base_category]\n
associative_list = []\n
if same_type(category_list, \'\'):\n
category_list = [category_list]\n
for category in category_list:\n
if category.endswith(\'*\'):\n
category = category[:-1]\n
is_child_category = 1\n
else:\n
is_child_category = 0\n
category_path = \'%s/%s\' % (base_category, category)\n
category_object = context.portal_categories.getCategoryValue(category_path)\n
if category_object in (None, \'\'):\n
raise "SecurityRoleDefinitionError", "Category \'%s\' doesn\'t exist" % (category_path)\n
portal_type = category_object.getPortalType()\n
if portal_type == \'Person\':\n
# We define a person here\n
user_name = category_object.getReference()\n
if user_name is not None: user_list.append(user_name)\n
else:\n
if portal_type == \'Category\':\n
category_code = category_object.getCodification() or category_object.getId()\n
else:\n
try:\n
category_code = category_object.getReference() or category_object.getId()\n
except AttributeError:\n
category_code = category_object.getId()\n
if is_child_category: category_code += \'*\'\n
associative_list.append(category_code)\n
# Prevent making a cartesian product with an empty set\n
if associative_list:\n
list_of_list.append(associative_list)\n
\n
# Return a list of users or a single group\n
# Return a list of users if any was defined\n
if user_list: return user_list\n
return \'_\'.join(code_list)\n
\n
# Compute the cartesian product and return the codes\n
return filter(lambda x: x, map(lambda x: \'_\'.join(x), cartesianProduct(list_of_list)))\n
</string> </value>
</item>
<item>
......@@ -188,23 +202,30 @@ return \'_\'.join(code_list)\n
<tuple>
<string>category_order</string>
<string>kw</string>
<string>code_list</string>
<string>user_list</string>
<string>None</string>
<string>list</string>
<string>_getattr_</string>
<string>Products.ERP5Type.Utils</string>
<string>cartesianProduct</string>
<string>list_of_list</string>
<string>user_list</string>
<string>_getiter_</string>
<string>base_category</string>
<string>_getitem_</string>
<string>category_list</string>
<string>associative_list</string>
<string>same_type</string>
<string>category</string>
<string>is_child_category</string>
<string>category_path</string>
<string>context</string>
<string>category_object</string>
<string>portal_type</string>
<string>user_name</string>
<string>category_code</string>
<string>AttributeError</string>
<string>filter</string>
<string>map</string>
</tuple>
</value>
</item>
......
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromAssignment.xml
View file @ 0632686f
......@@ -70,19 +70,33 @@
<key> <string>_body</string> </key>
<value> <string encoding="cdata"><![CDATA[
# XXX For now, this script requires proxy manager to retrieve the Person object in all cases\n
"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current user assignment.\n
It is useful in the following cases:\n
\n
# base_category_list : list of category values we need to retrieve\n
# user_name : string obtained from getSecurityManager().getUser().getUserName() [NuxUserGroup]\n
# or from getSecurityManager().getUser().getId() [PluggableAuthService with ERP5GroupManager]\n
# object : object which we want to assign roles to.\n
# portal_type : portal type of object\n
- associate a document (ex. an accounting transaction)\n
to the division which the user was assigned to\n
at the time it was created\n
\n
# must always return a list of dicts\n
- calculate security membership of a user\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
# Get the Person module\n
person_module = context.portal_url.getPortalObject().getDefaultModule(\'Person\')\n
\n
# It is better to keep getObject(), in this script this\n
# prevent a very strange bug, sometimes without getObject the\n
# assignment is not found\n
......@@ -98,16 +112,23 @@ if len(person_object_list) != 1:\n
return []\n
person_object = person_object_list[0]\n
\n
# We look for valid assignments of this user\n
# We look for every valid assignments of this user\n
for assignment in person_object.contentValues(filter={\'portal_type\': \'Assignment\'}):\n
if assignment.getValidationState() == \'open\':\n
category_dict = {}\n
for base_category in base_category_list:\n
category_value = assignment.getProperty(base_category)\n
if category_value not in (None, \'\'):\n
category_dict[base_category] = category_value\n
else:\n
raise RuntimeError, "Error: \'%s\' property is required in order to update person security group" % (base_category)\n
category_value_list = assignment.getValueList(base_category)\n
if category_value_list:\n
for category_value in category_value_list:\n
if child:\n
if category_value.getPortalType() == \'Category\':\n
while category_value.getPortalType() == \'Category\':\n
category_dict.setdefault(base_category, []).append(\'%s*\' % category_value.getRelativeUrl())\n
category_value = category_value.getParentValue()\n
else:\n
category_dict.setdefault(base_category, []).append(category_value.getRelativeUrl())\n
else:\n
category_dict.setdefault(base_category, []).append(category_value.getRelativeUrl())\n
category_list.append(category_dict)\n
\n
return category_list\n
......@@ -129,7 +150,7 @@ return category_list\n
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
<value> <string>base_category_list, user_name, object, portal_type, child=0</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
......@@ -157,7 +178,7 @@ return category_list\n
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
<value> <int>5</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
......@@ -167,6 +188,7 @@ return category_list\n
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>child</string>
<string>category_list</string>
<string>_getattr_</string>
<string>context</string>
......@@ -183,10 +205,8 @@ return category_list\n
<string>assignment</string>
<string>category_dict</string>
<string>base_category</string>
<string>category_value_list</string>
<string>category_value</string>
<string>None</string>
<string>_write_</string>
<string>RuntimeError</string>
</tuple>
</value>
</item>
......@@ -198,7 +218,9 @@ return category_list\n
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
<tuple>
<int>0</int>
</tuple>
</value>
</item>
<item>
......
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromAssignmentParent.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>return context.ERP5Type_getSecurityCategoryFromAssignment(base_category_list,\n
user_name, object, portal_type, child=1)\n
</string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>base_category_list</string>
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>_getattr_</string>
<string>context</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromAssignmentParent</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromContent.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current content. It is useful in the\n
following cases:\n
\n
- calculate a security group based on a given\n
category of the current object (ex. group). This\n
is used for example in ERP5 DMS to calculate\n
document security.\n
\n
- assign local roles to a document based on\n
the person which the object related to through\n
a given base category (ex. destination). This\n
is used for example in ERP5 Project to calculate\n
Task / Task Report security.\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
if object is None:\n
return []\n
\n
for base_category in base_category_list:\n
category_list.append({base_category: object.getCategoryMembershipList(base_category)})\n
\n
return category_list\n
</string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>base_category_list</string>
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>category_list</string>
<string>None</string>
<string>_getiter_</string>
<string>base_category</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromContent</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityChildCategoryFromAssignment.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string encoding="cdata"><![CDATA[
"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current user assignment.\n
It is useful in the following cases:\n
\n
- associate a document (ex. an accounting transaction)\n
to the division which the user was assigned to\n
at the time it was created\n
\n
- calculate security membership of a user\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
# Get the Person module\n
person_module = context.portal_url.getPortalObject().getDefaultModule(\'Person\')\n
\n
# It is better to keep getObject(), in this script this\n
# prevent a very strange bug, sometimes without getObject the\n
# assignment is not found\n
person_object_list = [x.getObject() for x in person_module.searchFolder(portal_type=\'Person\', reference=user_name)]\n
\n
if len(person_object_list) != 1:\n
if len(person_object_list) > 1:\n
raise ConsistencyError, "Error: There is more than one Person with reference \'%s\'" % user_name\n
else:\n
# if a person_object was not found in the module, we do nothing more\n
# this happens for example when a manager with no associated person object\n
# creates a person_object for a new user\n
return []\n
person_object = person_object_list[0]\n
\n
# We look for every valid assignments of this user\n
for assignment in person_object.contentValues(filter={\'portal_type\': \'Assignment\'}):\n
if assignment.getValidationState() == \'open\':\n
category_dict = {}\n
for base_category in base_category_list:\n
category_value_list = assignment.getValueList(base_category)\n
if category_value_list:\n
for category_value in category_value_list:\n
category_dict.setdefault(base_category, []).append(\'%s*\' % category_value.getRelativeUrl())\n
category_list.append(category_dict)\n
\n
return category_list\n
]]></string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>base_category_list</string>
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>category_list</string>
<string>_getattr_</string>
<string>context</string>
<string>person_module</string>
<string>append</string>
<string>$append0</string>
<string>_getiter_</string>
<string>x</string>
<string>person_object_list</string>
<string>len</string>
<string>ConsistencyError</string>
<string>_getitem_</string>
<string>person_object</string>
<string>assignment</string>
<string>category_dict</string>
<string>base_category</string>
<string>category_value_list</string>
<string>category_value</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityChildCategoryFromAssignment</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityChildCategoryFromContent.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current content. It is useful in the\n
following cases:\n
\n
- calculate a security group based on a given\n
category of the current object (ex. group). This\n
is used for example in ERP5 DMS to calculate\n
document security.\n
\n
- assign local roles to a document based on\n
the person which the object related to through\n
a given base category (ex. destination). This\n
is used for example in ERP5 Project to calculate\n
Task / Task Report security.\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
if object is None:\n
return []\n
\n
for base_category in base_category_list:\n
membership_list = map(lambda x: \'%s*\' % x, object.getCategoryMembershipList(base_category))\n
category_list.append({base_category: membership_list})\n
\n
return category_list\n
</string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>base_category_list</string>
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>category_list</string>
<string>None</string>
<string>_getiter_</string>
<string>base_category</string>
<string>map</string>
<string>_getattr_</string>
<string>membership_list</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityChildCategoryFromContent</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityParentCategoryFromAssignment.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string encoding="cdata"><![CDATA[
"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current user assignment and from\n
all its parent assignments. It is useful in the following cases:\n
\n
- associate a document (ex. an accounting transaction)\n
to the division which the user was assigned to\n
at the time it was created and to all the\n
parent divisions. This is useful to get\n
a document reviewed by the managers of user\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
# Get the Person module\n
person_module = context.portal_url.getPortalObject().getDefaultModule(\'Person\')\n
\n
# It is better to keep getObject(), in this script this\n
# prevent a very strange bug, sometimes without getObject the\n
# assignment is not found\n
person_object_list = [x.getObject() for x in person_module.searchFolder(portal_type=\'Person\', reference=user_name)]\n
\n
if len(person_object_list) != 1:\n
if len(person_object_list) > 1:\n
raise ConsistencyError, "Error: There is more than one Person with reference \'%s\'" % user_name\n
else:\n
# if a person_object was not found in the module, we do nothing more\n
# this happens for example when a manager with no associated person object\n
# creates a person_object for a new user\n
return []\n
person_object = person_object_list[0]\n
\n
# We look for every valid assignments of this user\n
for assignment in person_object.contentValues(filter={\'portal_type\': \'Assignment\'}):\n
if assignment.getValidationState() == \'open\':\n
category_dict = {}\n
for base_category in base_category_list:\n
category_value_list = assignment.getValueList(base_category)\n
if category_value_list:\n
for category_value in category_value_list:\n
if category_value.getPortalType() == \'Category\':\n
while category_value.getPortalType() == \'Category\':\n
category_dict.setdefault(base_category, []).append(\'category_value.getRelativeUrl())\n
category_value = category_value.getParentValue()\n
else:\n
category_dict.setdefault(base_category, []).append(category_value.getRelativeUrl())\n
category_list.append(category_dict)\n
\n
return category_list\n
]]></string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple>
<string>EOL while scanning single-quoted string (Script (Python), line 53)</string>
</tuple>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityParentCategoryFromAssignment</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityParentCategoryFromContent.xml 0 → 100644
View file @ 0632686f
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<tuple>
<string>Products.PythonScripts.PythonScript</string>
<string>PythonScript</string>
</tuple>
<none/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Python_magic</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>__ac_local_roles__</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>"""\n
This script returns a list of dictionaries which represent\n
the security groups which a person is member of. It extracts\n
the categories from the current content. It is useful in the\n
following cases:\n
\n
- calculate a security group based on a given\n
category of the current object (ex. group). This\n
is used for example in ERP5 DMS to calculate\n
document security.\n
\n
- assign local roles to a document based on\n
the person which the object related to through\n
a given base category (ex. destination). This\n
is used for example in ERP5 Project to calculate\n
Task / Task Report security.\n
\n
The parameters are\n
\n
base_category_list -- list of category values we need to retrieve\n
user_name -- string obtained from getSecurityManager().getUser().getId()\n
object -- object which we want to assign roles to\n
portal_type -- portal type of object\n
\n
NOTE: for now, this script requires proxy manager\n
"""\n
\n
category_list = []\n
\n
if object is None:\n
return []\n
\n
# Consider all parents of all categories\n
for base_category in base_category_list:\n
member_list = []\n
for category in object.getValueList(base_category):\n
if category.getPortalType() == \'Category\':\n
while category.getPortalType() == \'Category\':\n
member_list.append(category.getRelativeUrl())\n
category = category.getParentValue()\n
else:\n
member_list.append(category.getRelativeUrl())\n
category_list.append({base_category: member_list})\n
\n
return category_list\n
</string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_filepath</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, object, portal_type</string> </value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>4</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>base_category_list</string>
<string>user_name</string>
<string>object</string>
<string>portal_type</string>
<string>category_list</string>
<string>None</string>
<string>_getiter_</string>
<string>base_category</string>
<string>member_list</string>
<string>_getattr_</string>
<string>category</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityParentCategoryFromContent</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7