Commit c701ed94 authored by iv's avatar iv

ERP5Workflow: add updateRoleMappings method for updating roles on objects

parent 332281fb
...@@ -62,6 +62,8 @@ from tempfile import mktemp ...@@ -62,6 +62,8 @@ from tempfile import mktemp
from types import StringTypes from types import StringTypes
from zLOG import LOG, INFO, WARNING from zLOG import LOG, INFO, WARNING
ACTIVITY_GROUPING_COUNT = 100
class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject): class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
""" """
A ERP5 Workflow. A ERP5 Workflow.
...@@ -209,31 +211,70 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject): ...@@ -209,31 +211,70 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
security.declarePrivate('updateRoleMappingsFor') security.declarePrivate('updateRoleMappingsFor')
def updateRoleMappingsFor(self, document): def updateRoleMappingsFor(self, document):
"""Changes the object permissions according to the current state. """
Changes the object permissions according to the current state.
""" """
changed = 0 changed = 0
sdef = self._getWorkflowStateOf(document, id_only=0) state = self._getWorkflowStateOf(document, id_only=False)
if sdef is None: if state is not None:
return 0 for permission, role_list in state.state_permission_roles.items():
# zwj: get all matrix cell objects if modifyRolesForPermission(document, permission, role_list):
permission_role_matrix_cells = sdef.objectValues(portal_type = "PermissionRoles")
# zwj: build a permission roles dict
for perm_role in permission_role_matrix_cells:
permission, role = perm_role.getPermissionRole()
# zwj: double check the right role and permission are obtained
if permission != 'None':
if self.erp5_permission_roles.has_key(permission):
self.erp5_permission_roles[permission] += (role,)
else:
self.erp5_permission_roles.update({permission : (role,)})
# zwj: update role list to permission
for permission_roles in self.erp5_permission_roles.keys():
if modifyRolesForPermission(document, permission_roles, self.erp5_permission_roles[permission_roles]):
changed = 1 changed = 1
# zwj: clean Permission Role list for the next role mapping
del self.erp5_permission_roles[permission_roles]
return changed return changed
# This method allows to update all objects using one workflow, for example
# after the permissions per state for this workflow were modified
def updateRoleMappings(self, REQUEST=None):
"""
Changes permissions of all objects related to this workflow
"""
# XXX(WORKFLOW) add test for roles update:
# - edit permission/roles on a workflow
# - check permission on an existing object of a type using this workflow
workflow_tool = aq_parent(aq_inner(self))
chain_by_type = workflow_tool._chains_by_type
type_info_list = workflow_tool._listTypeInfo()
workflow_id = self.id
portal_type_id_list = []
# look into old chain_by_type (for compatibility)
for type_info in type_info_list:
type_info_id = type_info.getId()
if chain_by_type.has_key(type_info_id) and \
workflow_id in chain_by_type[type_info_id]:
portal_type_id_list.append(type_info_id)
elif workflow_id in workflow_tool._default_chain:
portal_type_id_list.append(type_info_id)
# check the workflow defined on the portal type objects
for portal_type in self.getPortalObject().portal_types.objectValues(portal_type='Base Type'):
if workflow_id in portal_type.getTypeWorkflowList():
portal_type_id_list.append(portal_type.getId())
if portal_type_id_list:
object_list = self.portal_catalog(portal_type=portal_type_id_list, limit=None)
portal_activities = self.portal_activities
object_path_list = [x.path for x in object_list]
for i in xrange(0, len(object_list), ACTIVITY_GROUPING_COUNT):
current_path_list = object_path_list[i:i+ACTIVITY_GROUPING_COUNT]
portal_activities.activate(activity='SQLQueue',
priority=3)\
.callMethodOnObjectList(current_path_list,
'updateRoleMappingsFor',
wf_id = self.getId())
else:
object_list = []
if REQUEST is not None:
message = 'No object updated.'
if object_list:
message = '%d object(s) updated: \n %s.' % (len(object_list),
', '.join([o.getTitleOrId() + ' (' + o.getPortalType() + ')'
for o in object_list]))
return message
else:
return len(object_list)
def getManagedRoleList(self): def getManagedRoleList(self):
return sorted(self.getPortalObject().getDefaultModule('acl_users').valid_roles()) return sorted(self.getPortalObject().getDefaultModule('acl_users').valid_roles())
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment