[Checkins] SVN: z3c.securitytool/trunk/src/z3c/securitytool/ -
Updated permisisonDetails to show the same type of display as the
Daniel Blackburn
blackburnd at gmail.com
Thu Feb 21 10:01:13 EST 2008
Log message for revision 84114:
- Updated permisisonDetails to show the same type of display as the
principal details page
Changed:
U z3c.securitytool/trunk/src/z3c/securitytool/browser/permdetails.pt
U z3c.securitytool/trunk/src/z3c/securitytool/browser/views.py
U z3c.securitytool/trunk/src/z3c/securitytool/configure.zcml
U z3c.securitytool/trunk/src/z3c/securitytool/interfaces.py
U z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/browser/permdetails.pt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/browser/permdetails.pt 2008-02-21 13:57:02 UTC (rev 84113)
+++ z3c.securitytool/trunk/src/z3c/securitytool/browser/permdetails.pt 2008-02-21 15:01:12 UTC (rev 84114)
@@ -1,90 +1,143 @@
<html>
-<head>
- <link type="text/css" rel="stylesheet" media="all" href=""
- tal:attributes="href context/++resource++securitytool.css"/>
-</head>
-<body>
- <h1>Security Checking Tool</h1>
- <div class="top_nav">
- <a class="top_nav_val" href="./securityMatrix.html">Security Matrix</a> | 
- <span class="top_nav_val">Permission Settings </span>
- </div>
- <p class="description"> The permission settings for the
- intersection of the view and principal are displayed here. This
- view displays the permissions, roles, and groups applied to the
- view and principal previously selected on the securityMatrix.html
- page. These are the settings that directly determine what the
- security settings are for the intersection selected. You
- can go back to the matrix page by selecting the `Security
- Matrix` link above. </p>
+ <head>
+ <link type="text/css" rel="stylesheet" media="all" href=""
+ tal:attributes="href context/++resource++securitytool.css"/>
+ </head>
+ <body>
+ <h1>Security Checking Tool</h1>
+ <div class="top_nav">
+ <a class="top_nav_val" href="./securityMatrix.html">Security Matrix</a> | 
+ <span class="top_nav_val">Principal Settings </span>
+ </div>
+ <p class="description"> The permission settings for the
+ intersection of the view and principal are displayed here. This
+ view displays the permissions, roles, and groups applied to the
+ view and principal previously selected on the securityMatrix.html
+ page. These are the settings that directly determine what the
+ security settings are for the intersection selected. You
+ can go back to the matrix page by selecting the `Security
+ Matrix` link above. </p>
+ <div class="matrix_body">
+ <h1 class="just_border"> </h1>
+ <div class="sub_heading">Permission settings for the
+ <b tal:content="view/principal"></b> and the view
+ <b tal:content="view/view"></b></div>
+ <div class="legend" tal:condition="view/legend" tal:content="structure view/legend"/>
+ <metal:block define-macro="user-details"
+ tal:define="permissions view/principalPermissions/permissions;
+ roles view/principalPermissions/roles;
+ roleTree view/principalPermissions/roleTree;
+ permissionTree view/principalPermissions/permissionTree;
+ groups view/principalPermissions/groups">
- <div class="matrix_body">
- <h1 class="just_border"> </h1>
- <div class="sub_heading">
- <span tal:content="structure view/message">This permission details
- for the user </span>
- </div>
- <div class="legend"
- tal:condition="view/legend"
- tal:content="structure view/legend"/>
- <!--ul tal:condition="python: permissions or roles or groups"-->
- <metal:block define-macro="permission-details"
- tal:define="permissions view/permissionDetails/permissions;
- roles view/permissionDetails/roles;
- groups view/permissionDetails/groups">
-
- <h3 tal:condition="permissions">Permissions directly
- responsible for access</h3>
- <div class="contentList" tal:condition="permissions">
- <ul>
- <span tal:repeat="permission permissions">
- <li class="contentList">
- <span tal:content="view/read_perm"/>
- <span tal:attributes="class permission/setting"
- tal:content="permission/name"></span>
- </li>
- </span>
-
- </ul>
+ <div class="context">
+ <h3 tal:condition="permissions"
+ tal:define="junk python:permissions.sort()">
+ Permission for this view and principal
+ in effect at this context </h3>
+ <p class="sectionInfo" tal:condition="permissions"> This section lists
+ the permission setting applied to this user and <br>
+ view calculated from all contexts in the current
+ traversal path. This <br> is the actual permission
+ for this user and view at this context level.
+ </p>
+ <br>
- </div>
- <br tal:condition="permissions">
+ <div tal:repeat="permissionItem permissions" >
+ <div class="finalPermissions">
+ <div tal:attributes="class python: permissionItem['setting']"
+ tal:content="python:
+ permissionItem['permission']"/>
+ </div>
+ </div>
+ <br tal:condition="permissions">
+ <h3 tal:condition="roles">Permissions provided by roles</h3>
+ <p class="sectionInfo" tal:condition="roles"> This section lists all
+ the roles assigned to this user and the <br>
+ permissions they provide at all contexts in the current <br>
+ traversal path. These are the actual roles with their <br>
+ permissions this user has assigned.
+ </p>
+ <br>
+ <div tal:condition="roles">
+ <div tal:repeat="role python: sorted(roles)">
+ <div class="contextList"
+ tal:content="python: role">zope.ManageSite:</div>
+ <div tal:define="permissions python:roles[role]">
+ <div class="contextListIndent"
+ tal:define="junk python:permissions.sort()"
+ tal:repeat="permission permissions">
+ <div tal:attributes="class permission/setting"
+ tal:content="permission/permission"/>
+ </div>
+ </div>
+ <br>
+ </div>
+ </div>
+ </div>
- <h3 tal:condition="roles">Roles directly responsible for
- access</h3>
- <div class="contentList" tal:condition="roles">
- <div tal:repeat="role_context roles">
- <ul>
- <li class="contentList">
+ <div class="tree">
+ <h3 tal:condition="permissionTree">Permissions Defined in
+ Context(s) for this user</h3>
+ <p class="sectionInfo" tal:condition="permissionTree"> This section lists all
+ the permissions assigned to this <br>user and the
+ context level assigned. The same settings <br>
+ can be found in the @@grant.html view on each context.
+ </p>
+ <br>
- <span tal:content="role_context" />:
- <span tal:repeat="perm
- python:roles[role_context]">
- <span tal:attributes="class perm/setting"
- tal:content="perm/name"/>
- <span tal:condition="not:repeat/perm/end"
- tal:replace="string:,"/>
- </span>
- </li>
+ <tal:block tal:repeat="context permissionTree">
+ <span tal:define="curr python:context.values()[0]">
+ <div class="contextList"
+ tal:content="python: ' / '.join(curr['parentList'])"/>
+ <div class="contextListIndent" tal:repeat="permission python: curr['permissions']">
+ <div tal:attributes="class python:permission['setting']"
+ tal:content="python: permission['permission']"/>
+ </div>
+ </span>
+ <br>
+ </tal:block>
- </ul>
- </div>
+ <br tal:condition="permissionTree">
+
+ <h3 tal:condition="roleTree">Roles Defined in
+ Context(s) for this user</h3>
+ <p class="sectionInfo" tal:condition="permissionTree"> This section lists all
+ the roles assigned to this user and <br>the
+ context level assigned. The same settings
+ can be <br>found in the @@grant.html view on each context.
+ </p>
+ <br>
+
+ <tal:block tal:repeat="context roleTree">
+ <span tal:define="curr python:context.values()[0]">
+ <div class="contextList"
+ tal:content="python: ' / '.join(curr['parentList'])"/>
+ <div class="contextListIndent" tal:repeat="role python: curr['roles']">
+ <div tal:attributes="class python:role['setting']"
+ tal:content="python: role['role']"/>
+ </div>
+ </span>
+ <br>
+ </tal:block>
+ <br tal:condition="roleTree">
</div>
-
- <b3 tal:condition="groups">Groups directly responsible
- for access</b3>
<div class="contentList" tal:condition="groups">
- <div tal:repeat="group_id groups">
- <div tal:content="group_id">zope.Authenticated</div>
- <div tal:define="group python:groups[group_id];
- permissions group/permissions;
- roles group/roles;
- groups group/groups">
- <div metal:use-macro="macro:permission-details" />
+ <br>
+ <h3>Permissions provided by group(s)</h3>
+ <div class="contentList" tal:repeat="group_id groups">
+ <div tal:content="group_id">zope.Authenticated</div>
+ <div tal:define="group python:groups[group_id];
+ permissions group/permissions;
+ roles group/roles;
+ groups group/groups">
+ <div metal:use-macro="macro:user-details" />
+ </div>
</div>
- </div>
</div>
- </metal:block>
+
+
+ </metal:block>
</div>
</body>
</html>
Modified: z3c.securitytool/trunk/src/z3c/securitytool/browser/views.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/browser/views.py 2008-02-21 13:57:02 UTC (rev 84113)
+++ z3c.securitytool/trunk/src/z3c/securitytool/browser/views.py 2008-02-21 15:01:12 UTC (rev 84114)
@@ -12,7 +12,7 @@
from zope.app import zapi
from z3c.securitytool.securitytool import settingsForObject
-from z3c.securitytool.securitytool import PrincipalDetails, PermissionDetails
+from z3c.securitytool.securitytool import MatrixDetails, PrincipalDetails, PermissionDetails
from z3c.securitytool.interfaces import ISecurityChecker, IPrincipalDetails, IPermissionDetails
SESSION_KEY = 'securitytool'
@@ -193,6 +193,61 @@
return self.render()
class PermissionDetailsView(BrowserView):
+ """ view class for ud.html (User Details)"""
+ pageTemplateFile = "permdetails.pt"
+
+ def update(self):
+ self.principal = self.request.get('principal','no user specified')
+ self.view = self.request.get('view','no view specified')
+ self.skin = getSkin(self.request) or IBrowserRequest
+
+
+ permAdapter = zapi.getMultiAdapter((self.context,
+ ),IPermissionDetails)
+
+ self.principalPermissions = permAdapter(self.principal,
+ self.view,
+ self.skin)
+
+
+ self.legend = (u"<span class='Deny'>Red Bold = Denied Permission"
+ u"</span>,<span class='Allow'> Green Normal = "
+ u"Allowed Permission </span>")
+
+ self.preparePrincipalPermissions()
+
+ def preparePrincipalPermissions(self):
+ """
+ This method just organized the permission and role tree
+ lists to display properly.
+ """
+ permTree = self.principalPermissions['permissionTree']
+ for idx, item in enumerate(permTree):
+ for uid,value in item.items():
+ if value.has_key('permissions'):
+ self.principalPermissions['permissionTree']\
+ [idx][uid]['permissions'].sort()
+ self.principalPermissions['permissionTree']\
+ [idx][uid]['parentList'].reverse()
+
+ permTree = self.principalPermissions['roleTree']
+ for idx, item in enumerate(permTree):
+ for uid,value in item.items():
+
+ if value.has_key('roles'):
+ self.principalPermissions['roleTree']\
+ [idx][uid]['roles'].sort()
+ self.principalPermissions['roleTree']\
+ [idx][uid]['parentList'].reverse()
+
+ def render(self):
+ return ViewPageTemplateFile(self.pageTemplateFile)(self)
+
+ def __call__(self):
+ self.update()
+ return self.render()
+
+class ORIGPermissionDetailsView(BrowserView):
""" view class for pd.html (Permission Details)"""
pageTemplateFile = "permdetails.pt"
Modified: z3c.securitytool/trunk/src/z3c/securitytool/configure.zcml
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/configure.zcml 2008-02-21 13:57:02 UTC (rev 84113)
+++ z3c.securitytool/trunk/src/z3c/securitytool/configure.zcml 2008-02-21 15:01:12 UTC (rev 84114)
@@ -15,7 +15,6 @@
<adapter
factory=".securitytool.PrincipalDetails"
for="*"
-
/>
<include package=".browser" />
Modified: z3c.securitytool/trunk/src/z3c/securitytool/interfaces.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/interfaces.py 2008-02-21 13:57:02 UTC (rev 84113)
+++ z3c.securitytool/trunk/src/z3c/securitytool/interfaces.py 2008-02-21 15:01:12 UTC (rev 84114)
@@ -19,12 +19,22 @@
def populatePermissionMatrix(self,read_perm,principalPermissions):
""" populates the permission matrix """
+class IPrincipalDetails(Interface):
+ def updateMatrixPermissions( item):
+ """ method to update the permissions """
+ def updateMatrixRoles( name, item):
+ """ method to up date the matrix roles """
+
+
class IPermissionDetails(Interface):
- def permissionDetails(principal,read_perm,settings, rolePermissions):
- """ workhorse of the PermissionDetails class """
+ def updateMatrixPermissions( item):
+ """ method to update the permissions """
-class IPrincipalDetails(Interface):
+ def updateMatrixRoles( name, item):
+ """ method to up date the matrix roles """
+
+class IMatrixDetails(Interface):
def principalPermissions(principal_id, skin):
""" main workhorse of the class """
def orderRoleTree(self):
@@ -33,18 +43,12 @@
def updatePrincipalMatrix( settings):
""" this is called to update the roles and permissions"""
- def updatePrincipalMatrixRoles( name, item):
- """ method to up date the matrix roles """
-
+ def updateRoles(item,role,curRole):
+ """ method to update the roles """
+
def updateRoleTree(item,parentList,curRole):
""" method to update the matrix roletree """
-
- def updateRoles(item,role,curRole):
- """ method to update the roles """
- def updatePrincipalMatrixPermissions( item):
- """ method to update the permissions """
-
def updatePermissionTree(item,prinPerms):
""" method to update the permission tree """
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-21 13:57:02 UTC (rev 84113)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-21 15:01:12 UTC (rev 84114)
@@ -178,94 +178,218 @@
matrix[principal].update({self.name: setting})
-class PermissionDetails(object):
+class MatrixDetails(object):
+ """
+ This class creates the complex permissionDetails object
+ """
+
+ def __init__(self,context):
+ self.context = context
+
+ def orderRoleTree(self):
+ # This is silly I know but I want global settings at the end
+ try:
+ roleTree = self.principalMatrix['roleTree']
+
+ globalSettings = roleTree.pop(0)
+ roleTree.append(globalSettings)
+ except IndexError:
+ # Attempting to pop empty list
+ pass
+
+ def updatePrincipalMatrix(self, settings):
+ """ this method recursively populates the principal permissions
+ dict and is only used by principalPermissions """
+
+ for setting in settings:
+ for name, item in setting.items():
+ self.updateMatrixRoles(name,item)
+ self.updateMatrixPermissions(item)
+ for group_id in self.principal.groups:
+ group = self.principals.getPrincipal(group_id)
+ self.principalMatrix['groups'][group_id] = \
+ self.policyPermissions(group, settings)
+
+ def updateRoleTree(self,item,parentList,curRole):
+ """
+ This method is responsible for poplating the roletree.
+ """
+ roleTree = self.principalMatrix['roleTree']
+
+ key = item.get('uid')
+ keys = [x.keys()[0] for x in roleTree]
+
+ # Each key is unique so we just get the list index to edit
+ if key in keys:
+ listIdx = keys.index(key)
+ else:
+ roleTree.append({key:{}})
+ listIdx = -1
+
+ roleTree[listIdx][key]['parentList'] = parentList
+ roleTree[listIdx][key]['name'] = item.get('name')
+ roleTree[listIdx][key].setdefault('roles',[])
+
+ # We make sure we only add the roles we do not yet have.
+ if curRole not in roleTree[listIdx][key]['roles']:
+ roleTree[listIdx][key]['roles'].append(curRole)
+
+ def updateRoles(self,item,role,curRole):
+ if curRole['setting'] == Allow:
+ # We only want to append the role if it is Allowed
+ roles = self.principalMatrix['roles']
+ rolePerms = self.roleSettings['rolePermissions']
+
+ if not roles.has_key(role):
+ roles[role] = []
+
+ # Here we get the permissions provided by each role
+ for rolePerm in rolePerms:
+ if rolePerm['role'] == role:
+ mapping = {'permission': rolePerm['permission'],
+ 'setting' : rolePerm['setting'].getName()
+ }
+
+ if mapping not in roles[role]:
+ roles[role].append(mapping)
+
+ def updatePermissionTree(self,item,prinPerms):
+ """ method responsible for creating permission tree """
+
+ permissionTree = self.principalMatrix['permissionTree']
+
+ key = item.get('uid')
+ keys = [x.keys()[0] for x in permissionTree]
+
+ # Each key is unique so we just get the list index to edit
+ if key in keys:
+ listIdx = keys.index(key)
+ else:
+ permissionTree.append({key:{}})
+ listIdx = -1
+
+ permissionTree[listIdx][key]['parentList'] = item.get('parentList')
+ permissionTree[listIdx][key]['name'] = item.get('name')
+ permissionTree[listIdx][key].setdefault('permissions',[])
+
+ if prinPerms not in permissionTree[listIdx][key]['permissions']:
+ permissionTree[listIdx][key]['permissions'].append(prinPerms)
+
+
+class PermissionDetails(MatrixDetails):
"""Get permission details for a given principal and view.
Includes the permissions set by the groups the principal belongs to.
"""
implements(interfaces.IPermissionDetails)
+ adapts(Interface)
- def __init__(self,context):
- self.context = context
+ def __call__(self,principal_id,view_name, skin=IBrowserRequest):
+ self.principal_id = principal_id
+ self.skin = skin
+ self.read_perm = 'zope.Public'
- def __call__(self,principal_id,view_name,skin):
- settings = None
- rolePermissions = []
- read_perm = 'zope.Public'
- prinPermSettings = {'read_perm':'',
- 'permissions': [],
- 'roles': [],
- 'groups': {}}
+ request = TestRequest()
+ applySkin(request, skin)
+ self.principalMatrix = {'permissions': [],
+ 'permissionTree': [],
+ 'roles': {},
+ 'roleTree': [],
+ 'groups': {}}
- principals = zapi.principals()
- principal = principals.getPrincipal(principal_id)
+ self.principals = zapi.principals()
+ self.principal = self.principals.getPrincipal(principal_id)
+ ifaces = tuple(providedBy(self.context))
ifaces = tuple(providedBy(self.context))
for iface in ifaces:
- for view_reg in getViews(iface, skin):
- if view_reg.name == view_name:
+ for view_reg in getViews(iface, self.skin):
+ if view_reg.name == view_name:
+
view = getView(self.context, view_reg, skin)
- settings = settingsForObject(view)
- read_perm = getViewInfoDictionary(view_reg)['read_perm']\
+ if not view:
+ continue
+ all_settings = [{name:val} for name,val in
+ settingsForObject(view) ]
+
+ self.read_perm = \
+ getViewInfoDictionary(view_reg)['read_perm']\
or 'zope.Public'
+
+ self.roleSettings, junk = getSettingsForMatrix(view)
+
+ self.rolePermMap = self.roleSettings.get(
+ 'rolePermissions', ())
+ self.updatePrincipalMatrix(all_settings)
break
- if settings:
- for name,setting in settings:
- if setting.get('rolePermissions',''):
- rolePermissions.extend(setting['rolePermissions'])
+
+ self.orderRoleTree()
+ return self.principalMatrix
- prinPermSettings = self.permissionDetails(principal, read_perm,
- settings, rolePermissions)
+ def updateMatrixRoles(self, name, item):
+ for curRole in item.get('principalRoles', ()):
+ if curRole['principal'] != self.principal.id:
+ continue
- prinPermSettings['read_perm'] = read_perm
+ role = curRole['role']
- return prinPermSettings
+ #import pdb;pdb.set_trace()
+ perm = roleProvidesPermission(self.rolePermMap,
+ role,
+ self.read_perm )
- def permissionDetails(self,principal,read_perm,settings, rolePermissions):
- """Recursively get the permission details for a given principal and
- permission from a security mapping.
+ if perm != 'Allow' and perm != 'Deny':
+ continue
+
+ parentList = item.get('parentList',None)
+
+ if parentList:
+ # If we have a parent list we want to populate the tree
+ self.updateRoleTree(item,parentList,curRole)
+
+ if curRole['setting'] == Deny:
+ try:
+ # Here we see if we have added a security setting with
+ # this role before, if it is now denied we remove it.
+ del self.principalMatrix['roles'][role]
+ except:
+ #Cannot delete something that is not there
+ pass
+ continue
+ else:
+ self.updateRoles(item,role,curRole)
+
+ def updateMatrixPermissions(self, item):
+ """ Here we get all the permissions for the given principal
+ on the item passed.
"""
- principalSettings = {'permissions': [],
- 'roles': {},
- 'groups': {}}
- principals = zapi.principals()
+ for prinPerms in item.get('principalPermissions', ()):
+ if self.principal.id != prinPerms['principal']:
+ continue
- for name, setting in settings:
- prinPermMap = setting.get('principalPermissions', ())
- prinRoleMap = setting.get('principalRoles', ())
- rolePermMap = rolePermissions
- permSetting = principalDirectlyProvidesPermission(prinPermMap,
- principal.id, read_perm)
- if permSetting:
- principalSettings['permissions'].append(
- {'name': renderedName(name), 'setting': permSetting})
+ if prinPerms['permission'] != self.read_perm:
+ continue
- role_id, permSetting = principalRoleProvidesPermission(
- prinRoleMap, rolePermMap, principal.id,read_perm )
- if permSetting:
- nameList = principalSettings['roles'].setdefault(role_id, [])
- nameList.append({'name': renderedName(name),
- 'setting': permSetting})
+ if item.get('parentList',None):
+ self.updatePermissionTree(item,prinPerms)
- for group_id in principal.groups:
- group = principals.getPrincipal(group_id)
- group_settings = self.permissionDetails(group,
- read_perm, settings, rolePermMap)
+ mapping = {'permission': prinPerms['permission'],
+ 'setting' : prinPerms['setting'],}
- if hasPermissionSetting(group_settings):
- principalSettings['groups'][group_id] = group_settings
+ dup = [perm for perm in self.principalMatrix['permissions'] \
+ if perm['permission'] == mapping['permission']]
- return principalSettings
+ if dup:
+ # This means we already have a record with this permission
+ # and the next record would be less specific so we continue
+ continue
-class PrincipalDetails(object):
+ self.principalMatrix['permissions'].append(mapping)
+
+class PrincipalDetails(MatrixDetails):
implements(interfaces.IPrincipalDetails)
adapts(Interface)
-
- def __init__(self,context):
- self.context = context
- #self.secChecker = SecurityChecker(self.context)
-
def __call__(self,principal_id, skin=IBrowserRequest):
"""Return all security settings (permissions, groups, roles)
for all interfaces provided by this context for a
@@ -298,31 +422,7 @@
self.orderRoleTree()
return self.principalMatrix
- def orderRoleTree(self):
- # This is silly I know but I want global settings at the end
- try:
- roleTree = self.principalMatrix['roleTree']
- globalSettings = roleTree.pop(0)
- roleTree.append(globalSettings)
- except IndexError:
- # Attempting to pop empty list
- pass
-
- def updatePrincipalMatrix(self, settings):
- """ this method recursively populates the principal permissions
- dict and is only used by principalPermissions """
-
- for setting in settings:
- for name, item in setting.items():
- self.updatePrincipalMatrixRoles(name,item)
- self.updatePrincipalMatrixPermissions(item)
- for group_id in self.principal.groups:
- group = self.principals.getPrincipal(group_id)
- self.principalMatrix['groups'][group_id] = \
- self.policyPermissions(group, settings)
-
-
- def updatePrincipalMatrixRoles(self, name, item):
+ def updateMatrixRoles(self, name, item):
for curRole in item.get('principalRoles', ()):
if curRole['principal'] != self.principal.id:
continue
@@ -346,50 +446,7 @@
else:
self.updateRoles(item,role,curRole)
- def updateRoleTree(self,item,parentList,curRole):
- """
- This method is responsible for poplating the roletree.
- """
- roleTree = self.principalMatrix['roleTree']
-
- key = item.get('uid')
- keys = [x.keys()[0] for x in roleTree]
-
- # Each key is unique so we just get the list index to edit
- if key in keys:
- listIdx = keys.index(key)
- else:
- roleTree.append({key:{}})
- listIdx = -1
-
- roleTree[listIdx][key]['parentList'] = parentList
- roleTree[listIdx][key]['name'] = item.get('name')
- roleTree[listIdx][key].setdefault('roles',[])
-
- # We make sure we only add the roles we do not yet have.
- if curRole not in roleTree[listIdx][key]['roles']:
- roleTree[listIdx][key]['roles'].append(curRole)
-
- def updateRoles(self,item,role,curRole):
- if curRole['setting'] == Allow:
- # We only want to append the role if it is Allowed
- roles = self.principalMatrix['roles']
- rolePerms = self.roleSettings['rolePermissions']
-
- if not roles.has_key(role):
- roles[role] = []
-
- # Here we get the permissions provided by each role
- for rolePerm in rolePerms:
- if rolePerm['role'] == role:
- mapping = {'permission': rolePerm['permission'],
- 'setting' : rolePerm['setting'].getName()
- }
-
- if mapping not in roles[role]:
- roles[role].append(mapping)
-
- def updatePrincipalMatrixPermissions(self, item):
+ def updateMatrixPermissions(self, item):
""" Here we get all the permissions for the given principal
on the item passed.
"""
@@ -415,30 +472,6 @@
self.principalMatrix['permissions'].append(mapping)
-
- def updatePermissionTree(self,item,prinPerms):
- """ method responsible for creating permission tree """
-
- permissionTree = self.principalMatrix['permissionTree']
-
- key = item.get('uid')
- keys = [x.keys()[0] for x in permissionTree]
-
- # Each key is unique so we just get the list index to edit
- if key in keys:
- listIdx = keys.index(key)
- else:
- permissionTree.append({key:{}})
- listIdx = -1
-
- permissionTree[listIdx][key]['parentList'] = item.get('parentList')
- permissionTree[listIdx][key]['name'] = item.get('name')
- permissionTree[listIdx][key].setdefault('permissions',[])
-
- if prinPerms not in permissionTree[listIdx][key]['permissions']:
- permissionTree[listIdx][key]['permissions'].append(prinPerms)
-
-
def getViews(iface, reqType=IRequest):
"""Get all view registrations for a particular interface."""
gsm = getGlobalSiteManager()
@@ -632,3 +665,5 @@
return view_inst
except TypeError:
pass
+
+
More information about the Checkins
mailing list