[CMF-checkins] CVS: CMF/DCWorkflow - DCWorkflow.py:1.28
States.py:1.11 WorkflowUIMixin.py:1.5
Shane Hathaway
shane at zope.com
Wed Jan 14 17:39:53 EST 2004
Update of /cvs-repository/CMF/DCWorkflow
In directory cvs.zope.org:/tmp/cvs-serv3094
Modified Files:
DCWorkflow.py States.py WorkflowUIMixin.py
Log Message:
Added a UI for managing group->role mappings using workflow.
This is in addition to DCWorkflow's ability to manage permission->role
mappings. Only the UI is finished so far.
=== CMF/DCWorkflow/DCWorkflow.py 1.27 => 1.28 ===
--- CMF/DCWorkflow/DCWorkflow.py:1.27 Thu Jan 8 07:29:33 2004
+++ CMF/DCWorkflow/DCWorkflow.py Wed Jan 14 17:39:22 2004
@@ -24,9 +24,9 @@
from Globals import InitializeClass
from OFS.Folder import Folder
from OFS.ObjectManager import bad_id
+from AccessControl import Unauthorized
# CMFCore
-from Products.CMFCore.CMFCoreExceptions import AccessControl_Unauthorized
from Products.CMFCore.CMFCorePermissions import ManagePortal
from Products.CMFCore.interfaces.portal_workflow \
import WorkflowDefinition as IWorkflowDefinition
@@ -74,6 +74,9 @@
scripts = None
permissions = ()
+ groups = () # The group IDs managed by this workflow.
+ roles = None # The role names managed by this workflow.
+ # If roles is None, listRoles() provides a default.
manage_options = (
{'label': 'Properties', 'action': 'manage_properties'},
@@ -83,7 +86,8 @@
{'label': 'Worklists', 'action': 'worklists/manage_main'},
{'label': 'Scripts', 'action': 'scripts/manage_main'},
{'label': 'Permissions', 'action': 'manage_permissions'},
- ) + UndoSupport.manage_options
+ {'label': 'Groups', 'action': 'manage_groups'},
+ )
security = ClassSecurityInfo()
security.declareObjectProtected(ManagePortal)
@@ -266,13 +270,13 @@
if sdef is None:
raise WorkflowException, 'Object is in an undefined state'
if action not in sdef.transitions:
- raise AccessControl_Unauthorized
+ raise Unauthorized(action)
tdef = self.transitions.get(action, None)
if tdef is None or tdef.trigger_type != TRIGGER_USER_ACTION:
raise WorkflowException, (
'Transition %s is not triggered by a user action' % action)
if not self._checkTransitionGuard(tdef, ob):
- raise AccessControl_Unauthorized
+ raise Unauthorized(action)
self._changeStateOf(ob, tdef, kw)
security.declarePrivate('isWorkflowMethodSupported')
@@ -302,14 +306,14 @@
if sdef is None:
raise WorkflowException, 'Object is in an undefined state'
if method_id not in sdef.transitions:
- raise AccessControl_Unauthorized
+ raise Unauthorized(method_id)
tdef = self.transitions.get(method_id, None)
if tdef is None or tdef.trigger_type != TRIGGER_WORKFLOW_METHOD:
raise WorkflowException, (
'Transition %s is not triggered by a workflow method'
% method_id)
if not self._checkTransitionGuard(tdef, ob):
- raise AccessControl_Unauthorized
+ raise Unauthorized(method_id)
res = apply(func, args, kw)
try:
self._changeStateOf(ob, tdef)
=== CMF/DCWorkflow/States.py 1.10 => 1.11 ===
--- CMF/DCWorkflow/States.py:1.10 Fri Dec 26 08:05:22 2003
+++ CMF/DCWorkflow/States.py Wed Jan 14 17:39:22 2004
@@ -24,6 +24,7 @@
from AccessControl import ClassSecurityInfo
from Products.CMFCore.CMFCorePermissions import ManagePortal
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from ContainerTab import ContainerTab
from utils import _dtmldir
@@ -40,13 +41,15 @@
manage_options = (
{'label': 'Properties', 'action': 'manage_properties'},
{'label': 'Permissions', 'action': 'manage_permissions'},
+ {'label': 'Groups', 'action': 'manage_groups'},
{'label': 'Variables', 'action': 'manage_variables'},
)
title = ''
description = ''
transitions = () # The ids of possible transitions.
- permission_roles = None
+ permission_roles = None # { permission: [role] or (role,) }
+ group_roles = None # { gid : (role,) }
var_values = None # PersistentMapping if set. Overrides transition exprs.
security = ClassSecurityInfo()
@@ -81,9 +84,11 @@
return list(self.getWorkflow().permissions)
def getAvailableRoles(self):
- return list(self.valid_roles())
+ return self.getWorkflow().getAvailableRoles()
def getPermissionInfo(self, p):
+ """Returns the list of roles to be assigned to a permission.
+ """
roles = None
if self.permission_roles:
roles = self.permission_roles.get(p, None)
@@ -96,6 +101,13 @@
acq = 1
return {'acquired':acq, 'roles':list(roles)}
+ def getGroupInfo(self, gid):
+ """Returns the list of roles to be assigned to a group.
+ """
+ if self.group_roles:
+ return self.group_roles.get(gid, ())
+ return ()
+
_properties_form = DTMLFile('state_properties', _dtmldir)
def manage_properties(self, REQUEST, manage_tabs_message=None):
@@ -215,6 +227,31 @@
else:
roles = tuple(roles)
pr[permission] = roles
+
+ manage_groups = PageTemplateFile('state_groups.pt', _dtmldir)
+
+ def setGroups(self, REQUEST, RESPONSE=None):
+ """Set the group to role mappings in REQUEST for this State.
+ """
+ map = self.group_roles
+ if map is None:
+ self.group_roles = map = PersistentMapping()
+ all_roles = self.getWorkflow().getRoles()
+ for group in self.getWorkflow().getGroups():
+ gid = group.getId()
+ roles = []
+ for r in all_roles:
+ if REQUEST.get('%s|%s' % (gid, r), 0):
+ roles.append(r)
+ roles.sort()
+ roles = tuple(roles)
+ map[gid] = roles
+ if RESPONSE is not None:
+ RESPONSE.redirect(
+ "%s/manage_groups?manage_tabs_message=Groups+changed."
+ % self.absolute_url())
+
+
Globals.InitializeClass(StateDefinition)
=== CMF/DCWorkflow/WorkflowUIMixin.py 1.4 => 1.5 ===
--- CMF/DCWorkflow/WorkflowUIMixin.py:1.4 Thu Aug 1 15:05:14 2002
+++ CMF/DCWorkflow/WorkflowUIMixin.py Wed Jan 14 17:39:22 2004
@@ -18,11 +18,19 @@
from Globals import DTMLFile
import Globals
from AccessControl import ClassSecurityInfo
-
+from Acquisition import aq_get
from Products.CMFCore.CMFCorePermissions import ManagePortal
+from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from utils import _dtmldir
+try:
+ # If base_cms exists, include the roles it defines.
+ from Products.base_cms.permissions import getDefaultRolePermissionMap
+except ImportError:
+ def getDefaultRolePermissionMap():
+ return {}
+
class WorkflowUIMixin:
'''
@@ -32,6 +40,7 @@
security.declareProtected(ManagePortal, 'manage_properties')
manage_properties = DTMLFile('workflow_properties', _dtmldir)
+ manage_groups = PageTemplateFile('workflow_groups.pt', _dtmldir)
security.declareProtected(ManagePortal, 'setProperties')
def setProperties(self, title, REQUEST=None):
@@ -86,5 +95,96 @@
# possible_permissions is in AccessControl.Role.RoleManager.
return list(self.possible_permissions())
+
+ def _getGroupFolder(self):
+ try:
+ return aq_get(self, "acl_groups", None, 1)
+ except AttributeError:
+ pass
+ return None
+
+ security.declareProtected(ManagePortal, 'getGroups')
+ def getGroups(self):
+ """Returns the groups managed by this workflow.
+ """
+ gf = self._getGroupFolder()
+ if gf is None:
+ return ()
+ return [gf.getGroupById(gid) for gid in self.groups]
+
+ security.declareProtected(ManagePortal, 'getAvailableGroups')
+ def getAvailableGroups(self):
+ """Returns a list of group objects.
+ """
+ gf = self._getGroupFolder()
+ if gf is None:
+ return ()
+ r = []
+ r.extend(gf.getDynamicGroups())
+ r.extend(gf.getStaticGroups())
+ return r
+
+ security.declareProtected(ManagePortal, 'addGroup')
+ def addGroup(self, gid, RESPONSE=None):
+ """Adds a group by id.
+ """
+ gf = self._getGroupFolder()
+ group = gf.getGroupById(gid)
+ if group is None:
+ raise ValueError(gid)
+ self.groups = self.groups + (gid,)
+ if RESPONSE is not None:
+ RESPONSE.redirect(
+ "%s/manage_groups?manage_tabs_message=Added+group."
+ % self.absolute_url())
+
+ security.declareProtected(ManagePortal, 'delGroups')
+ def delGroups(self, gids, RESPONSE=None):
+ """Removes groups by id.
+ """
+ self.groups = tuple([gid for gid in self.groups if gid not in gids])
+ if RESPONSE is not None:
+ RESPONSE.redirect(
+ "%s/manage_groups?manage_tabs_message=Groups+removed."
+ % self.absolute_url())
+
+ security.declareProtected(ManagePortal, 'getAvailableRoles')
+ def getAvailableRoles(self):
+ """Returns the acquired roles mixed with base_cms roles.
+ """
+ roles = list(self.valid_roles())
+ for role in getDefaultRolePermissionMap().keys():
+ if role not in roles:
+ roles.append(role)
+ roles.sort()
+ return roles
+
+ security.declareProtected(ManagePortal, 'getRoles')
+ def getRoles(self):
+ """Returns the list of roles managed by this workflow.
+ """
+ roles = self.roles
+ if roles is not None:
+ return roles
+ roles = getDefaultRolePermissionMap().keys()
+ if roles:
+ # Map the base_cms roles by default.
+ roles.sort()
+ return roles
+ return self.valid_roles()
+
+ security.declareProtected(ManagePortal, 'setRoles')
+ def setRoles(self, roles, RESPONSE=None):
+ """Changes the list of roles mapped to groups by this workflow.
+ """
+ avail = self.getAvailableRoles()
+ for role in roles:
+ if role not in avail:
+ raise ValueError(role)
+ self.roles = tuple(roles)
+ if RESPONSE is not None:
+ RESPONSE.redirect(
+ "%s/manage_groups?manage_tabs_message=Roles+changed."
+ % self.absolute_url())
Globals.InitializeClass(WorkflowUIMixin)
More information about the CMF-checkins
mailing list