Commit ae15fad8 authored by Yusuke Muraoka's avatar Yusuke Muraoka

2010-04-06 yusuke

* Updated Base_viewSecurity to see what a user has any local roles on an object in context.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@34295 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent e9dd5b9a
...@@ -54,6 +54,7 @@ ...@@ -54,6 +54,7 @@
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>from AccessControl import getSecurityManager\n <value> <string>from AccessControl import getSecurityManager\n
from zExceptions import Unauthorized\n
u=getSecurityManager().getUser()\n u=getSecurityManager().getUser()\n
print \'User:\',u\n print \'User:\',u\n
print \'Is owner:\',u.allowed(context,(\'Owner\',))\n print \'Is owner:\',u.allowed(context,(\'Owner\',))\n
...@@ -72,6 +73,16 @@ try:\n ...@@ -72,6 +73,16 @@ try:\n
print u.getGroups()\n print u.getGroups()\n
except AttributeError:\n except AttributeError:\n
print \'no getGroups\'\n print \'no getGroups\'\n
\n
print \'\'\'\n
----------------\n
Security mapping\n
----------------\'\'\'\n
try:\n
print context.Base_viewSecurityMappingAsUser(u.getId())\n
except Unauthorized:\n
print "user doesn\'t have permission to security mapping in this context"\n
\n
return printed\n return printed\n
</string> </value> </string> </value>
</item> </item>
...@@ -113,6 +124,8 @@ return printed\n ...@@ -113,6 +124,8 @@ return printed\n
<string>_print</string> <string>_print</string>
<string>AccessControl</string> <string>AccessControl</string>
<string>getSecurityManager</string> <string>getSecurityManager</string>
<string>zExceptions</string>
<string>Unauthorized</string>
<string>_getattr_</string> <string>_getattr_</string>
<string>u</string> <string>u</string>
<string>context</string> <string>context</string>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<tuple>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
<tuple/>
</tuple>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string encoding="cdata"><![CDATA[
group_id_list_generator = getattr(context, \'ERP5Type_asSecurityGroupId\')\n
\n
security_category_dict = {}\n
for method_id, base_category_list in context.ERP5Type_getSecurityCategoryMapping():\n
security_category_dict.setdefault(tuple(base_category_list), []).extend(\n
getattr(context, method_id)(base_category_list, login, context, \'\'))\n
\n
for base_category_list, category_value_list in security_category_dict.items():\n
print \'base_category_list:\', base_category_list\n
for category_dict in category_value_list:\n
print \'-> category_dict:\', category_dict\n
print \'-->\', group_id_list_generator(category_order=base_category_list,\n
**category_dict)\n
return printed\n
]]></string> </value>
</item>
<item>
<key> <string>_code</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>login</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
<string>Member</string>
</tuple>
</value>
</item>
<item>
<key> <string>errors</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>func_code</string> </key>
<value>
<object>
<klass>
<global name="FuncCode" module="Shared.DC.Scripts.Signature"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>co_argcount</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>co_varnames</string> </key>
<value>
<tuple>
<string>login</string>
<string>_print_</string>
<string>_print</string>
<string>getattr</string>
<string>context</string>
<string>group_id_list_generator</string>
<string>security_category_dict</string>
<string>_getiter_</string>
<string>_getattr_</string>
<string>method_id</string>
<string>base_category_list</string>
<string>tuple</string>
<string>category_value_list</string>
<string>category_dict</string>
<string>_apply_</string>
</tuple>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>func_defaults</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Base_viewSecurityMappingAsUser</string> </value>
</item>
<item>
<key> <string>warnings</string> </key>
<value>
<tuple/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
2010-04-06 yusuke
* Updated Base_viewSecurity to see what a user has any local roles on an object in context.
2010-03-31 yusei 2010-03-31 yusei
* Add Security.py extension to this business template. It was moved from erp5_forge before, but this business template did not recognize the change. * Add Security.py extension to this business template. It was moved from erp5_forge before, but this business template did not recognize the change.
......
95 97
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment