[CMF-checkins] CVS: CMF/CMFCore - CMFCoreExceptions.py:1.2 CMFCorePermissions.py:1.17 MemberDataTool.py:1.31 MembershipTool.py:1.39 PortalFolder.py:1.49 __init__.py:1.24

Yvo Schubbe schubbe at web.de
Wed Sep 24 06:02:45 EDT 2003


Update of /cvs-repository/CMF/CMFCore
In directory cvs.zope.org:/tmp/cvs-serv1184/CMFCore

Modified Files:
	CMFCorePermissions.py MemberDataTool.py MembershipTool.py 
	PortalFolder.py __init__.py 
Added Files:
	CMFCoreExceptions.py 
Log Message:
Merged yuppie-deleteMembers-branch:
- Added deleteMemberData, deleteMemberArea and deleteLocalRoles.
- Added 'recursive' argument to deleteLocalRoles.
- Renamed createMemberarea to createMemberArea.
- Moved getMembersFolder to CMFCore.
- Added CMFCoreExceptions.py.
- Added 'Change local roles' Permission.


=== CMF/CMFCore/CMFCoreExceptions.py 1.1 => 1.2 ===
--- /dev/null	Wed Sep 24 06:02:45 2003
+++ CMF/CMFCore/CMFCoreExceptions.py	Wed Sep 24 06:02:14 2003
@@ -0,0 +1,40 @@
+##############################################################################
+#
+# Copyright (c) 2003 Zope Corporation and Contributors. All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+""" Declare Exceptions used throughout the CMF.
+
+$Id$
+"""
+
+from AccessControl import allow_class
+from AccessControl import Unauthorized
+
+
+class CMFError(Exception):
+    """ The root of all CMF evil.
+    """
+
+allow_class(CMFError)
+
+
+class CMFNotImplementedError(NotImplementedError, CMFError):
+    """ NotImplementedError in CMF.
+    """
+
+allow_class(CMFNotImplementedError)
+
+
+class CMFUnauthorizedError(Unauthorized, CMFError):
+    """ Unauthorized error in CMF.
+    """
+
+allow_class(CMFUnauthorizedError)


=== CMF/CMFCore/CMFCorePermissions.py 1.16 => 1.17 ===
--- CMF/CMFCore/CMFCorePermissions.py:1.16	Wed Sep  3 05:21:21 2003
+++ CMF/CMFCore/CMFCorePermissions.py	Wed Sep 24 06:02:14 2003
@@ -92,6 +92,9 @@
 SetOwnProperties = 'Set own properties'
 setDefaultRoles(SetOwnProperties, ('Manager',))  # + Member
 
+ChangeLocalRoles = 'Change local roles'
+setDefaultRoles(ChangeLocalRoles, ('Owner', 'Manager'))
+
 MailForgottenPassword = 'Mail forgotten password'
 setDefaultRoles(MailForgottenPassword, ('Anonymous', 'Manager',))
 


=== CMF/CMFCore/MemberDataTool.py 1.30 => 1.31 ===
--- CMF/CMFCore/MemberDataTool.py:1.30	Fri May  9 13:46:10 2003
+++ CMF/CMFCore/MemberDataTool.py	Wed Sep 24 06:02:14 2003
@@ -169,11 +169,8 @@
 
     security.declarePrivate('pruneMemberDataContents')
     def pruneMemberDataContents(self):
-        '''
-        Compare the user IDs stored in the member data
-        tool with the list in the actual underlying acl_users
-        and delete anything not in acl_users
-        '''
+        """ Delete data contents of all members not listet in acl_users.
+        """
         membertool= getToolByName(self, 'portal_membership')
         members   = self._members
         user_list = membertool.listMemberIds()
@@ -216,13 +213,20 @@
 
     security.declarePrivate('registerMemberData')
     def registerMemberData(self, m, id):
-        '''
-        Adds the given member data to the _members dict.
-        This is done as late as possible to avoid side effect
-        transactions and to reduce the necessary number of
-        entries.
-        '''
+        """ Add the given member data to the _members btree.
+        """
         self._members[id] = m
+
+    security.declarePrivate('deleteMemberData')
+    def deleteMemberData(self, member_id):
+        """ Delete member data of specified member.
+        """
+        members = self._members
+        if members.has_key(member_id):
+            del members[member_id]
+            return 1
+        else:
+            return 0
 
 InitializeClass(MemberDataTool)
 


=== CMF/CMFCore/MembershipTool.py 1.38 => 1.39 ===
--- CMF/CMFCore/MembershipTool.py:1.38	Wed Sep  3 05:21:21 2003
+++ CMF/CMFCore/MembershipTool.py	Wed Sep 24 06:02:14 2003
@@ -15,20 +15,29 @@
 $Id$
 """
 
+from types import StringType
 from utils import UniqueObject, _getAuthenticatedUser, _checkPermission
 from utils import getToolByName, _dtmldir
 from OFS.Folder import Folder
-from Globals import InitializeClass, DTMLFile, MessageDialog, \
-     PersistentMapping
 from Acquisition import aq_base
+from Acquisition import aq_inner
+from Acquisition import aq_parent
 from AccessControl.User import nobody
 from AccessControl import ClassSecurityInfo
+from Globals import DTMLFile
+from Globals import InitializeClass
+from Globals import MessageDialog
+from Globals import PersistentMapping
+
+from ActionProviderBase import ActionProviderBase
+from CMFCoreExceptions import CMFNotImplementedError
+from CMFCoreExceptions import CMFUnauthorizedError
 from CMFCorePermissions import AccessContentsInformation
+from CMFCorePermissions import ChangeLocalRoles
 from CMFCorePermissions import ManagePortal
 from CMFCorePermissions import ManageUsers
 from CMFCorePermissions import SetOwnPassword
 from CMFCorePermissions import View
-from ActionProviderBase import ActionProviderBase
 
 from interfaces.portal_membership \
         import portal_membership as IMembershipTool
@@ -189,6 +198,14 @@
         else:
             return ''
 
+    security.declarePublic('getMembersFolder')
+    def getMembersFolder(self):
+        """ Get the members folder object.
+        """
+        parent = aq_parent( aq_inner(self) )
+        members = getattr(parent, 'Members', None)
+        return members
+
     security.declareProtected(ManagePortal, 'getMemberareaCreationFlag')
     def getMemberareaCreationFlag(self):
         """
@@ -220,14 +237,13 @@
                message='Member area creation flag has been updated',
                action ='manage_mapRoles')
 
-    security.declarePublic('createMemberarea')
-    def createMemberarea(self, member_id=''):
+    security.declarePublic('createMemberArea')
+    def createMemberArea(self, member_id=''):
         """ Create a member area for 'member_id' or authenticated user.
         """
         if not self.getMemberareaCreationFlag():
             return None
-        parent = self.aq_inner.aq_parent
-        members =  getattr(parent, 'Members', None)
+        members = self.getMembersFolder()
         if not members:
             return None
         if self.isAnonymousUser():
@@ -266,6 +282,22 @@
             f.manage_setLocalRoles(member_id, ['Owner'])
         return f
 
+    security.declarePublic('createMemberarea')
+    createMemberarea = createMemberArea
+
+    security.declareProtected(ManageUsers, 'deleteMemberArea')
+    def deleteMemberArea(self, member_id):
+        """ Delete member area of member specified by member_id.
+        """
+        members = self.getMembersFolder()
+        if not members:
+            return 0
+        if hasattr( aq_base(members), member_id ):
+            members.manage_delObjects(member_id)
+            return 1
+        else:
+            return 0
+
     security.declarePublic('isAnonymousUser')
     def isAnonymousUser(self):
         '''
@@ -360,7 +392,7 @@
         """ What local roles can I assign? """
         member = self.getAuthenticatedMember()
 
-        if 'Manager' in member.getRoles():
+        if _checkPermission(ManageUsers, obj):
             return self.getPortalRoles()
         else:
             member_roles = list( member.getRolesInContext( obj ) )
@@ -369,12 +401,11 @@
         return tuple( member_roles )
 
     security.declareProtected(View, 'setLocalRoles')
-    def setLocalRoles( self, obj, member_ids, member_role, reindex=1 ):
-        """ Set local roles on an item """
-        member = self.getAuthenticatedMember()
-        my_roles = member.getRolesInContext( obj )
-
-        if 'Manager' in my_roles or member_role in my_roles:
+    def setLocalRoles(self, obj, member_ids, member_role, reindex=1):
+        """ Add local roles on an item.
+        """
+        if ( _checkPermission(ChangeLocalRoles, obj)
+             and member_role in self.getCandidateLocalRoles(obj) ):
             for member_id in member_ids:
                 roles = list(obj.get_local_roles_for_userid( userid=member_id ))
 
@@ -389,15 +420,21 @@
             obj.reindexObjectSecurity()
 
     security.declareProtected(View, 'deleteLocalRoles')
-    def deleteLocalRoles( self, obj, member_ids, reindex=1 ):
-        """ Delete local roles for members member_ids """
-        member = self.getAuthenticatedMember()
-        my_roles = member.getRolesInContext( obj )
-
-        if 'Manager' in my_roles or 'Owner' in my_roles:
-            obj.manage_delLocalRoles( userids=member_ids )
+    def deleteLocalRoles(self, obj, member_ids, reindex=1, recursive=0):
+        """ Delete local roles of specified members.
+        """
+        if _checkPermission(ChangeLocalRoles, obj):
+            for member_id in member_ids:
+                if obj.get_local_roles_for_userid(userid=member_id):
+                    obj.manage_delLocalRoles(userids=member_ids)
+                    break
+
+        if recursive and hasattr( aq_base(obj), 'contentValues' ):
+            for subobj in obj.contentValues():
+                self.deleteLocalRoles(subobj, member_ids, 0, 1)
 
         if reindex:
+            # reindexObjectSecurity is always recursive
             obj.reindexObjectSecurity()
 
     security.declarePrivate('addMember')
@@ -420,6 +457,49 @@
             member = self.getMemberById(id)
             member.setMemberProperties(properties)
 
+    security.declareProtected(ManageUsers, 'deleteMembers')
+    def deleteMembers(self, member_ids, delete_memberareas=1,
+                      delete_localroles=1):
+        """ Delete members specified by member_ids.
+        """
+
+        # Delete members in acl_users.
+        acl_users = self.acl_users
+        if _checkPermission(ManageUsers, acl_users):
+            if type(member_ids) is StringType:
+                member_ids = (member_ids,)
+            member_ids = list(member_ids)
+            for member_id in member_ids[:]:
+                if not acl_users.getUserById(member_id, None):
+                    member_ids.remove(member_id)
+            try:
+                acl_users.userFolderDelUsers(member_ids)
+            except (NotImplementedError, 'NotImplemented'):
+                raise CMFNotImplementedError('The underlying User Folder '
+                                         'doesn\'t support deleting members.')
+        else:
+            raise CMFUnauthorizedError('You need the \'Manage users\' '
+                                 'permission for the underlying User Folder.')
+
+        # Delete member data in portal_memberdata.
+        mdtool = getToolByName(self, 'portal_memberdata', None)
+        if mdtool:
+            for member_id in member_ids:
+                mdtool.deleteMemberData(member_id)
+
+        # Delete members' home folders including all content items.
+        if delete_memberareas:
+            for member_id in member_ids:
+                 self.deleteMemberArea(member_id)
+
+        # Delete members' local roles.
+        if delete_localroles:
+            utool = getToolByName(self, 'portal_url', None)
+            self.deleteLocalRoles( utool.getPortalObject(), member_ids,
+                                   reindex=1, recursive=1 )
+
+        return tuple(member_ids)
+
     security.declarePublic('getHomeFolder')
     def getHomeFolder(self, id=None, verifyPermission=0):
         """Returns a member's home folder object or None.
@@ -435,6 +515,5 @@
         doesn't have the View permission on the folder.
         """
         return None
-
 
 InitializeClass(MembershipTool)


=== CMF/CMFCore/PortalFolder.py 1.48 => 1.49 ===
--- CMF/CMFCore/PortalFolder.py:1.48	Mon Sep  1 10:44:11 2003
+++ CMF/CMFCore/PortalFolder.py	Wed Sep 24 06:02:14 2003
@@ -26,6 +26,7 @@
 
 from CMFCorePermissions import AddPortalContent
 from CMFCorePermissions import AddPortalFolders
+from CMFCorePermissions import ChangeLocalRoles
 from CMFCorePermissions import ListFolderContents
 from CMFCorePermissions import ManagePortal
 from CMFCorePermissions import ManageProperties
@@ -62,7 +63,7 @@
                          , 'name'          : 'Local Roles'
                          , 'action':
                                   'string:${object_url}/folder_localrole_form'
-                         , 'permissions'   : (ManageProperties,)
+                         , 'permissions'   : (ChangeLocalRoles,)
                          , 'category'      : 'folder'
                          }
                        )


=== CMF/CMFCore/__init__.py 1.23 => 1.24 ===
--- CMF/CMFCore/__init__.py:1.23	Thu Feb 13 03:31:01 2003
+++ CMF/CMFCore/__init__.py	Wed Sep 24 06:02:14 2003
@@ -15,6 +15,8 @@
 $Id$
 """
 
+from AccessControl import allow_module
+
 import PortalObject, PortalContent, PortalFolder
 import MembershipTool, WorkflowTool, CatalogTool, DiscussionTool
 import ActionsTool, UndoTool, RegistrationTool, SkinsTool
@@ -29,6 +31,9 @@
 import utils
 
 from CMFCorePermissions import AddPortalFolders
+
+
+allow_module('Products.CMFCore.CMFCoreExceptions')
 
 try:
     import FSPageTemplate




More information about the CMF-checkins mailing list