Commit cc5f6a48 authored by Yusei Tahara's avatar Yusei Tahara

By default, all formats are permitted to convert for everyone.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@18471 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 6ba190da
......@@ -66,34 +66,42 @@
<item>
<key> <string>_body</string> </key>
<value> <string>"""\n
A very simple implementation which makes sure\n
that pure auditors can only view in non editable formats\n
(pdf, html, txt, png, etc.)\n
This script provides a facility to permit conversion by format.\n
"""\n
from AccessControl import getSecurityManager\n
user = getSecurityManager().getUser()\n
role_list = user.getRolesInContext(context)\n
#\n
# By default, all formats are permitted.\n
#\n
return 1\n
\n
# Users involved in the document may view it in editable mode\n
if "Associate" in role_list or "Assignee" in role_list or\\\n
"Assignor" in role_list or "Manager" in role_list or "Owner" in role_list:\n
return 1\n
\n
# Reject original format\n
if format is None:\n
return 0\n
\n
# All users with view permission may view the document \n
# in read only mode\n
if format in (\'html\', \'stripped-html\', \'text\', \'txt\', \'pdf\', \'png\', \'jpg\', \'gif\'):\n
return 1\n
if format.endswith(\'pdf\'):\n
return 1\n
if format.endswith(\'html\'):\n
return 1\n
\n
# All other formats are prohibitted\n
return 0\n
###\n
### Below is an example which pure auditors can only view in non editable\n
### formats (pdf, html, txt, png, etc.)\n
###\n
## from AccessControl import getSecurityManager\n
## user = getSecurityManager().getUser()\n
## role_list = user.getRolesInContext(context)\n
## \n
## # Users involved in the document may view it in editable mode\n
## if "Associate" in role_list or "Assignee" in role_list or\\\n
## "Assignor" in role_list or "Manager" in role_list or "Owner" in role_list:\n
## return 1\n
##\n
## # Reject original format\n
## if format is None:\n
## return 0\n
##\n
## # All users with view permission may view the document \n
## # in read only mode\n
## if format in (\'html\', \'stripped-html\', \'text\', \'txt\', \'pdf\', \'png\', \'jpg\', \'gif\'):\n
## return 1\n
## if format.endswith(\'pdf\'):\n
## return 1\n
## if format.endswith(\'html\'):\n
## return 1\n
##\n
## # All other formats are prohibitted\n
## return 0\n
</string> </value>
</item>
<item>
......@@ -143,13 +151,6 @@ return 0\n
<value>
<tuple>
<string>format</string>
<string>AccessControl</string>
<string>getSecurityManager</string>
<string>_getattr_</string>
<string>user</string>
<string>context</string>
<string>role_list</string>
<string>None</string>
</tuple>
</value>
</item>
......
786
\ No newline at end of file
787
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment