[Checkins] SVN: z3c.securitytool/trunk/ Updated the demoSetup.py
with some random values for permission settings and roles so
users can see the usefulness
Daniel Blackburn
blackburnd at gmail.com
Sat Feb 16 18:49:44 EST 2008
Log message for revision 83959:
Updated the demoSetup.py with some random values for permission settings and roles so users can see the usefulness
Changed:
U z3c.securitytool/trunk/TODO.txt
U z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt
U z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py
-=-
Modified: z3c.securitytool/trunk/TODO.txt
===================================================================
--- z3c.securitytool/trunk/TODO.txt 2008-02-16 23:23:00 UTC (rev 83958)
+++ z3c.securitytool/trunk/TODO.txt 2008-02-16 23:49:43 UTC (rev 83959)
@@ -18,6 +18,12 @@
from (Done)
+ PrincipalDetails
+ =================
+ * Strike through role - permissions which are denied
+ by specific permission deny settings
+
+
PermissionDetails
=================
Modified: z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt 2008-02-16 23:23:00 UTC (rev 83958)
+++ z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt 2008-02-16 23:49:43 UTC (rev 83959)
@@ -30,34 +30,28 @@
<div class="context">
<h3 tal:condition="permissions"> Directly provided
permissions in effect at this context</h3>
- <div class="contentList" tal:repeat="permissionItem permissions" >
- <ul>
- <li class="contentList">
- <span tal:attributes="class python: permissionItem['setting']"
- tal:content="python: permissionItem['permission']"/>
- </li>
- </ul>
-
+ <div tal:repeat="permissionItem permissions" >
+ <div class="contextListIndent">
+ <div tal:attributes="class python: permissionItem['setting']"
+ tal:content="python:
+ permissionItem['permission']"/>
+ </div>
</div>
<br tal:condition="permissions">
<h3 tal:condition="roles">Permissions provided by roles</h3>
- <div class="contentList" tal:condition="roles">
+ <div tal:condition="roles">
<div tal:repeat="role python: roles">
- <b tal:content="role">zope.ManageSite:</b>
- <tal:block tal:define="permissions python:roles[role]">
- <div class="contentList"
- tal:repeat="permission permissions">
- <ul>
- <li>
- <span tal:attributes="class permission/setting"
+ <div class="contextList" tal:content="role">zope.ManageSite:</div>
+ <div tal:define="permissions python:roles[role]">
+ <div class="contextListIndent"
+ tal:repeat="permission permissions">
+ <div tal:attributes="class permission/setting"
tal:content="permission/permission"/>
- </li>
- </ul>
</div>
- </tal:block>
+ </div>
<br>
@@ -66,7 +60,6 @@
</div>
<div class="tree">
-
<h3 tal:condition="permissionTree">Permissions Defined in
Context(s) for this user</h3>
<tal:block tal:repeat="context permissionTree">
Modified: z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py 2008-02-16 23:23:00 UTC (rev 83958)
+++ z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py 2008-02-16 23:49:43 UTC (rev 83959)
@@ -17,27 +17,65 @@
# Lets get the root folder so we can assign some permissions to
# specific contexts
root=zapi.getRoot(root_folder)
+ if 'Folder1' not in root:
+ root['Folder1'] = Folder()
+ if 'Folder2' not in root['Folder1']:
+ root['Folder1']['Folder2'] = Folder()
+
+ sysPrincipals = zapi.principals()
+ principals = [x.id for x in sysPrincipals.getPrincipals('')]
+
+
roleManager = IPrincipalRoleManager(root)
+ permManager = IPrincipalPermissionManager(root)
+
roleManager.assignRoleToPrincipal('zope.Editor', 'zope.daniel')
roleManager.assignRoleToPrincipal('zope.Writer', 'zope.daniel')
+ roleManager.assignRoleToPrincipal('zope.Writer', 'zope.stephan')
- permManager = IPrincipalPermissionManager(root)
+ for principal in principals:
+ permManager.grantPermissionToPrincipal('concord.ReadIssue',
+ principal)
+ permManager.denyPermissionToPrincipal('concord.DeleteArticle',
+ principal)
+ permManager.denyPermissionToPrincipal('concord.CreateArticle',
+ principal)
- permManager.denyPermissionToPrincipal('concord.ReadIssue',
+
+ roleManager = IPrincipalRoleManager(root['Folder1'])
+ permManager = IPrincipalPermissionManager(root['Folder1'])
+
+ roleManager.assignRoleToPrincipal('zope.Janitor', 'zope.markus')
+ roleManager.assignRoleToPrincipal('zope.Writer', 'zope.daniel')
+
+ for principal in principals:
+ permManager.denyPermissionToPrincipal('concord.ReadIssue',
+ principal)
+ permManager.grantPermissionToPrincipal('concord.DeleteIssue',
+ principal)
+ permManager.grantPermissionToPrincipal('concord.CreateArticle',
+ principal)
+
+
+
+ roleManager = IPrincipalRoleManager(root['Folder1']['Folder2'])
+ permManager = IPrincipalPermissionManager(root['Folder1']['Folder2'])
+
+ roleManager.assignRoleToPrincipal('zope.Janitor', 'zope.markus')
+ roleManager.assignRoleToPrincipal('zope.Writer', 'zope.daniel')
+
+
+ permManager.denyPermissionToPrincipal('concord.CreateArticle',
'zope.daniel')
-
permManager.denyPermissionToPrincipal('concord.CreateIssue',
'zope.daniel')
-
permManager.denyPermissionToPrincipal('concord.CreateIssue',
'zope.stephan')
-
permManager.denyPermissionToPrincipal('concord.CreateIssue',
'zope.markus')
-
permManager.denyPermissionToPrincipal('concord.CreateIssue',
'zope.anybody')
+
transaction.commit()
-
More information about the Checkins
mailing list