Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
S
slapos.core
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Titouan Soulard
slapos.core
Commits
f2b9f45b
Commit
f2b9f45b
authored
5 years ago
by
Rafael Monnerat
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
slapos_erp5: Introduce security per project
parent
44e1fb21
Changes
7
Show whitespace changes
Inline
Side-by-side
Showing
7 changed files
with
214 additions
and
1 deletion
+214
-1
master/bt5/slapos_erp5/PathTemplateItem/portal_categories/local_role_group/project.xml
...mplateItem/portal_categories/local_role_group/project.xml
+85
-0
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Network.xml
...s_erp5/PortalTypeRolesTemplateItem/Computer%20Network.xml
+6
-0
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer.xml
.../bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer.xml
+6
-0
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription.xml
...p5/PortalTypeRolesTemplateItem/Hosting%20Subscription.xml
+6
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py
..._skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py
+3
-1
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Item_getSecurityCategoryFromMovementSourceProject.py
...core/Item_getSecurityCategoryFromMovementSourceProject.py
+38
-0
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Item_getSecurityCategoryFromMovementSourceProject.xml
...ore/Item_getSecurityCategoryFromMovementSourceProject.xml
+70
-0
No files found.
master/bt5/slapos_erp5/PathTemplateItem/portal_categories/local_role_group/project.xml
0 → 100644
View file @
f2b9f45b
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"Category"
module=
"erp5.portal_type"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
_Add_portal_content_Permission
</string>
</key>
<value>
<tuple>
<string>
Assignor
</string>
<string>
Manager
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
_Add_portal_folders_Permission
</string>
</key>
<value>
<tuple>
<string>
Assignor
</string>
<string>
Manager
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
_Copy_or_Move_Permission
</string>
</key>
<value>
<tuple>
<string>
Assignor
</string>
<string>
Manager
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
_Delete_objects_Permission
</string>
</key>
<value>
<tuple>
<string>
Assignor
</string>
<string>
Manager
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
_Modify_portal_content_Permission
</string>
</key>
<value>
<tuple>
<string>
Assignee
</string>
<string>
Assignor
</string>
<string>
Manager
</string>
<string>
Owner
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
categories
</string>
</key>
<value>
<tuple>
<string>
local_role_group/user
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
description
</string>
</key>
<value>
<none/>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
project
</string>
</value>
</item>
<item>
<key>
<string>
portal_type
</string>
</key>
<value>
<string>
Category
</string>
</value>
</item>
<item>
<key>
<string>
title
</string>
</key>
<value>
<string>
project
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Network.xml
View file @
f2b9f45b
...
...
@@ -25,4 +25,10 @@
<multi_property
id=
'category'
>
role/shadow/person
</multi_property>
<multi_property
id=
'base_category'
>
role
</multi_property>
</role>
<role
id=
'Assignee'
>
<property
id=
'title'
>
Project Member
</property>
<property
id=
'base_category_script'
>
Item_getSecurityCategoryFromMovementSourceProject
</property>
<multi_property
id=
'categories'
>
local_role_group/project
</multi_property>
<multi_property
id=
'base_category'
>
destination_project
</multi_property>
</role>
</type_roles>
\ No newline at end of file
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer.xml
View file @
f2b9f45b
...
...
@@ -19,6 +19,12 @@
<multi_property
id=
'category'
>
group/company
</multi_property>
<multi_property
id=
'base_category'
>
group
</multi_property>
</role>
<role
id=
'Assignee'
>
<property
id=
'title'
>
Project Member
</property>
<property
id=
'base_category_script'
>
Item_getSecurityCategoryFromMovementSourceProject
</property>
<multi_property
id=
'categories'
>
local_role_group/project
</multi_property>
<multi_property
id=
'base_category'
>
destination_project
</multi_property>
</role>
<role
id=
'Assignor'
>
<property
id=
'title'
>
Self Computer
</property>
<property
id=
'condition'
>
python: context.getUserId("") != ""
</property>
...
...
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription.xml
View file @
f2b9f45b
...
...
@@ -11,6 +11,12 @@
<multi_property
id=
'category'
>
group/company
</multi_property>
<multi_property
id=
'base_category'
>
group
</multi_property>
</role>
<role
id=
'Assignee'
>
<property
id=
'title'
>
Project Member
</property>
<property
id=
'base_category_script'
>
Item_getSecurityCategoryFromMovementSourceProject
</property>
<multi_property
id=
'categories'
>
local_role_group/project
</multi_property>
<multi_property
id=
'base_category'
>
destination_project
</multi_property>
</role>
<role
id=
'Assignee'
>
<property
id=
'title'
>
Related Software Instance Group
</property>
<property
id=
'base_category_script'
>
ERP5Type_getSecurityCategoryFromSelf
</property>
...
...
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py
View file @
f2b9f45b
...
...
@@ -10,6 +10,8 @@ return (
# Person security
(
'ERP5Type_getSecurityCategoryFromAssignment'
,
[
'group'
]),
(
'ERP5Type_getSecurityCategoryFromAssignment'
,
[
'role'
]),
(
'ERP5Type_getSecurityCategoryFromAssignment'
,
[
'destination_project'
]),
(
'ERP5Type_getSecurityCategoryFromAssignment'
,
[
'destination'
]),
# Computer security
(
'ERP5Type_getComputerSecurityCategory'
,
[
'role'
]),
...
...
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Item_getSecurityCategoryFromMovementSourceProject.py
0 → 100644
View file @
f2b9f45b
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list
=
[]
if
obj
is
None
:
return
[]
# Object on this case can be Hosting Subscription, Computer, or Computer Network
project
=
obj
.
Item_getCurrentProjectValue
()
if
project
is
not
None
:
category_list
.
append
({
'destination_project'
:
[
project
.
getRelativeUrl
()]})
return
category_list
This diff is collapsed.
Click to expand it.
master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Item_getSecurityCategoryFromMovementSourceProject.xml
0 → 100644
View file @
f2b9f45b
<?xml version="1.0"?>
<ZopeData>
<record
id=
"1"
aka=
"AAAAAAAAAAE="
>
<pickle>
<global
name=
"PythonScript"
module=
"Products.PythonScripts.PythonScript"
/>
</pickle>
<pickle>
<dictionary>
<item>
<key>
<string>
Script_magic
</string>
</key>
<value>
<int>
3
</int>
</value>
</item>
<item>
<key>
<string>
_bind_names
</string>
</key>
<value>
<object>
<klass>
<global
name=
"NameAssignments"
module=
"Shared.DC.Scripts.Bindings"
/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key>
<string>
_asgns
</string>
</key>
<value>
<dictionary>
<item>
<key>
<string>
name_container
</string>
</key>
<value>
<string>
container
</string>
</value>
</item>
<item>
<key>
<string>
name_context
</string>
</key>
<value>
<string>
context
</string>
</value>
</item>
<item>
<key>
<string>
name_m_self
</string>
</key>
<value>
<string>
script
</string>
</value>
</item>
<item>
<key>
<string>
name_subpath
</string>
</key>
<value>
<string>
traverse_subpath
</string>
</value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key>
<string>
_params
</string>
</key>
<value>
<string>
base_category_list, user_name, obj, portal_type
</string>
</value>
</item>
<item>
<key>
<string>
_proxy_roles
</string>
</key>
<value>
<tuple>
<string>
Manager
</string>
</tuple>
</value>
</item>
<item>
<key>
<string>
id
</string>
</key>
<value>
<string>
Item_getSecurityCategoryFromMovementSourceProject
</string>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment