Commit 8121aef8 authored by Hanno Schlichting's avatar Hanno Schlichting

Some PEP8 cleanup

parent 85c9193b
...@@ -20,110 +20,135 @@ import string ...@@ -20,110 +20,135 @@ import string
from Acquisition import aq_base from Acquisition import aq_base
name_trans=filter(lambda c, an=string.letters+string.digits+'_': c not in an, name_trans=filter(lambda c, an=string.letters+string.digits+'_': c not in an,
map(chr,range(256))) map(chr, range(256)))
name_trans=string.maketrans(''.join(name_trans), '_'*len(name_trans)) name_trans=string.maketrans(''.join(name_trans), '_'*len(name_trans))
def pname(name, translate=string.translate, name_trans=name_trans): def pname(name, translate=string.translate, name_trans=name_trans):
return '_'+translate(name,name_trans)+"_Permission" return '_'+translate(name, name_trans) + "_Permission"
_marker=[] _marker=[]
class Permission: class Permission:
# A Permission maps a named logical permission to a set # A Permission maps a named logical permission to a set
# of attribute names. Attribute names which appear in a # of attribute names. Attribute names which appear in a
# permission may not appear in any other permission defined # permission may not appear in any other permission defined
# by the object. # by the object.
def __init__(self,name,data,obj,default=None): def __init__(self, name, data, obj, default=None):
self.name=name self.name = name
self._p='_'+string.translate(name,name_trans)+"_Permission" self._p = '_' + string.translate(name, name_trans) + "_Permission"
self.data=data self.data = data
self.obj=aq_base(obj) self.obj = aq_base(obj)
self.default=default self.default = default
def getRoles(self, default=_marker): def getRoles(self, default=_marker):
# Return the list of role names which have been given # Return the list of role names which have been given
# this permission for the object in question. To do # this permission for the object in question. To do
# this, we try to get __roles__ from all of the object # this, we try to get __roles__ from all of the object
# attributes that this permission represents. # attributes that this permission represents.
obj=self.obj obj = self.obj
name=self._p name = self._p
if hasattr(obj, name): return getattr(obj, name) if hasattr(obj, name):
roles=default return getattr(obj, name)
roles = default
for name in self.data: for name in self.data:
if name: if name:
if hasattr(obj, name): if hasattr(obj, name):
attr=getattr(obj, name) attr = getattr(obj, name)
if hasattr(attr,'im_self'): if hasattr(attr, 'im_self'):
attr=attr.im_self attr = attr.im_self
if hasattr(attr, '__dict__'): if hasattr(attr, '__dict__'):
attr=attr.__dict__ attr = attr.__dict__
name=name+'__roles__' name = name + '__roles__'
if attr.has_key(name): if name in attr:
roles=attr[name] roles = attr[name]
break break
elif hasattr(obj, '__dict__'): elif hasattr(obj, '__dict__'):
attr=obj.__dict__ attr = obj.__dict__
if attr.has_key('__roles__'): if '__roles__' in attr:
roles=attr['__roles__'] roles = attr['__roles__']
break break
if roles: if roles:
try: try:
if 'Shared' not in roles: return tuple(roles) if 'Shared' not in roles:
roles=list(roles) return tuple(roles)
roles = list(roles)
roles.remove('Shared') roles.remove('Shared')
return roles return roles
except: return [] except:
return []
if roles is None: return ['Manager','Anonymous'] if roles is None:
if roles is _marker: return ['Manager'] return ['Manager', 'Anonymous']
if roles is _marker:
return ['Manager']
return roles return roles
def setRoles(self, roles): def setRoles(self, roles):
obj=self.obj obj = self.obj
if isinstance(roles, list) and not roles: if isinstance(roles, list) and not roles:
if hasattr(obj, self._p): delattr(obj, self._p) if hasattr(obj, self._p):
delattr(obj, self._p)
else: else:
setattr(obj, self._p, roles) setattr(obj, self._p, roles)
for name in self.data: for name in self.data:
if name=='': attr=obj if name=='':
else: attr=getattr(obj, name) attr = obj
try: del attr.__roles__ else:
except: pass attr = getattr(obj, name)
try: delattr(obj,name+'__roles__') try:
except: pass del attr.__roles__
except:
pass
try:
delattr(obj, name + '__roles__')
except:
pass
def setRole(self, role, present): def setRole(self, role, present):
roles=self.getRoles() roles = self.getRoles()
if role in roles: if role in roles:
if present: return if present:
if isinstance(roles, list): roles.remove(role) return
if isinstance(roles, list):
roles.remove(role)
else: else:
roles=list(roles) roles = list(roles)
roles.remove(role) roles.remove(role)
roles=tuple(roles) roles = tuple(roles)
elif not present: return elif not present:
return
else: else:
if isinstance(roles, list): roles.append(role) if isinstance(roles, list):
else: roles=roles+(role,) roles.append(role)
else:
roles=roles + (role, )
self.setRoles(roles) self.setRoles(roles)
def __len__(self): return 1 def __len__(self):
def __str__(self): return self.name return 1
def __str__(self):
return self.name
_registeredPermissions={} _registeredPermissions={}
_registerdPermission=_registeredPermissions.has_key _registerdPermission=_registeredPermissions.has_key
def registerPermissions(permissions, defaultDefault=('Manager',)):
def registerPermissions(permissions, defaultDefault=('Manager', )):
"""Register an __ac_permissions__ sequence. """Register an __ac_permissions__ sequence.
""" """
import Products import Products
for setting in permissions: for setting in permissions:
if _registerdPermission(setting[0]): continue if _registerdPermission(setting[0]):
continue
if len(setting)==2: if len(setting)==2:
perm, methods = setting perm, methods = setting
default = defaultDefault default = defaultDefault
...@@ -132,12 +157,13 @@ def registerPermissions(permissions, defaultDefault=('Manager',)): ...@@ -132,12 +157,13 @@ def registerPermissions(permissions, defaultDefault=('Manager',)):
_registeredPermissions[perm]=1 _registeredPermissions[perm]=1
Products_permissions = getattr(Products, '__ac_permissions__', ()) Products_permissions = getattr(Products, '__ac_permissions__', ())
Products.__ac_permissions__=( Products.__ac_permissions__=(
Products_permissions + ((perm, (), default),)) Products_permissions + ((perm, (), default), ))
mangled=pname(perm) # get mangled permission name mangled=pname(perm) # get mangled permission name
if not hasattr(ApplicationDefaultPermissions, mangled): if not hasattr(ApplicationDefaultPermissions, mangled):
setattr(ApplicationDefaultPermissions, setattr(ApplicationDefaultPermissions,
mangled, default) mangled, default)
class ApplicationDefaultPermissions: class ApplicationDefaultPermissions:
_View_Permission = ('Manager', 'Anonymous') _View_Permission = ('Manager', 'Anonymous')
_Access_contents_information_Permission = ('Manager', 'Anonymous') _Access_contents_information_Permission = ('Manager', 'Anonymous')
...@@ -19,25 +19,27 @@ from cgi import escape ...@@ -19,25 +19,27 @@ from cgi import escape
from Acquisition import Acquired from Acquisition import Acquired
from Acquisition import aq_base from Acquisition import aq_base
from Acquisition import aq_get from Acquisition import aq_get
from AccessControl import ClassSecurityInfo
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.Permissions import change_permissions
from App.Dialogs import MessageDialog from App.Dialogs import MessageDialog
from App.special_dtml import DTMLFile from App.special_dtml import DTMLFile
from ExtensionClass import Base from ExtensionClass import Base
from PermissionMapping import RoleManager from PermissionMapping import RoleManager
from zope.interface import implements from zope.interface import implements
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass from AccessControl.class_init import InitializeClass
from AccessControl.interfaces import IRoleManager from AccessControl.interfaces import IRoleManager
from AccessControl.Permission import Permission from AccessControl.Permission import Permission
from AccessControl.Permissions import change_permissions
from AccessControl.requestmethod import requestmethod from AccessControl.requestmethod import requestmethod
from AccessControl.SecurityManagement import newSecurityManager
DEFAULTMAXLISTUSERS = 250
DEFAULTMAXLISTUSERS=250
def _isBeingUsedAsAMethod(self): def _isBeingUsedAsAMethod(self):
return aq_get(self, '_isBeingUsedAsAMethod_', 0) return aq_get(self, '_isBeingUsedAsAMethod_', 0)
def _isNotBeingUsedAsAMethod(self): def _isNotBeingUsedAsAMethod(self):
return not aq_get(self, '_isBeingUsedAsAMethod_', 0) return not aq_get(self, '_isBeingUsedAsAMethod_', 0)
...@@ -51,8 +53,8 @@ class RoleManager(Base, RoleManager): ...@@ -51,8 +53,8 @@ class RoleManager(Base, RoleManager):
security = ClassSecurityInfo() security = ClassSecurityInfo()
manage_options=( manage_options=(
{'label':'Security', 'action':'manage_access', {'label': 'Security', 'action': 'manage_access',
'help':('OFSP','Security.stx'), 'help': ('OFSP', 'Security.stx'),
}, },
) )
...@@ -67,20 +69,21 @@ class RoleManager(Base, RoleManager): ...@@ -67,20 +69,21 @@ class RoleManager(Base, RoleManager):
# Get all permissions not defined in ourself that are inherited # Get all permissions not defined in ourself that are inherited
# This will be a sequence of tuples with a name as the first item and # This will be a sequence of tuples with a name as the first item and
# an empty tuple as the second. # an empty tuple as the second.
d={} d = {}
perms=self.__ac_permissions__ perms = self.__ac_permissions__
for p in perms: d[p[0]]=None for p in perms:
d[p[0]] = None
r=gather_permissions(self.__class__, [], d) r = gather_permissions(self.__class__, [], d)
if all: if all:
if hasattr(self, '_subobject_permissions'): if hasattr(self, '_subobject_permissions'):
for p in self._subobject_permissions(): for p in self._subobject_permissions():
pname=p[0] pname=p[0]
if not d.has_key(pname): if not pname in d:
d[pname]=1 d[pname] = 1
r.append(p) r.append(p)
r=list(perms)+r r = list(perms) + r
r.sort() r.sort()
return tuple(r) return tuple(r)
...@@ -104,19 +107,19 @@ class RoleManager(Base, RoleManager): ...@@ -104,19 +107,19 @@ class RoleManager(Base, RoleManager):
for p in permissions: for p in permissions:
name, value = p[:2] name, value = p[:2]
p=Permission(name,value,self) p=Permission(name, value, self)
roles=p.getRoles(default=[]) roles = p.getRoles(default=[])
d={'name': name, d={'name': name,
'acquire': isinstance(roles, list) and 'CHECKED' or '', 'acquire': isinstance(roles, list) and 'CHECKED' or '',
'roles': map( 'roles': map(
lambda ir, roles=roles, valid=valid, ip=ip: lambda ir, roles=roles, valid=valid, ip=ip:
{ {
'name': "p%dr%d" % (ip,ir), 'name': "p%dr%d" % (ip, ir),
'checked': (valid[ir] in roles) and 'CHECKED' or '', 'checked': (valid[ir] in roles) and 'CHECKED' or '',
}, },
indexes) indexes)
} }
ip=ip+1 ip = ip + 1
result.append(d) result.append(d)
return result return result
...@@ -133,10 +136,11 @@ class RoleManager(Base, RoleManager): ...@@ -133,10 +136,11 @@ class RoleManager(Base, RoleManager):
""" """
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
p=Permission(name,value,self) p=Permission(name, value, self)
p.setRole(role_to_manage, name in permissions) p.setRole(role_to_manage, name in permissions)
if REQUEST is not None: return self.manage_access(REQUEST) if REQUEST is not None:
return self.manage_access(REQUEST)
security.declareProtected(change_permissions, 'manage_acquiredForm') security.declareProtected(change_permissions, 'manage_acquiredForm')
manage_acquiredForm=DTMLFile('dtml/acquiredEdit', globals(), manage_acquiredForm=DTMLFile('dtml/acquiredEdit', globals(),
...@@ -151,13 +155,17 @@ class RoleManager(Base, RoleManager): ...@@ -151,13 +155,17 @@ class RoleManager(Base, RoleManager):
""" """
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
p=Permission(name,value,self) p = Permission(name, value, self)
roles=p.getRoles() roles = p.getRoles()
if roles is None: continue if roles is None:
if name in permissions: p.setRoles(list(roles)) continue
else: p.setRoles(tuple(roles)) if name in permissions:
p.setRoles(list(roles))
else:
p.setRoles(tuple(roles))
if REQUEST is not None: return self.manage_access(REQUEST) if REQUEST is not None:
return self.manage_access(REQUEST)
def manage_getUserRolesAndPermissions(self, user_id): def manage_getUserRolesAndPermissions(self, user_id):
""" Used for permission/role reporting for a given user_id. """ Used for permission/role reporting for a given user_id.
...@@ -167,9 +175,9 @@ class RoleManager(Base, RoleManager): ...@@ -167,9 +175,9 @@ class RoleManager(Base, RoleManager):
'roles' -> global roles, 'roles' -> global roles,
'roles_in_context' -> roles in context of the current object, 'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user, 'allowed_permissions' -> permissions allowed for the user,
'disallowed_permissions' -> all other permissions 'disallowed_permissions' -> all other permissions
""" """
d = {} d = {}
current = self current = self
...@@ -189,7 +197,7 @@ class RoleManager(Base, RoleManager): ...@@ -189,7 +197,7 @@ class RoleManager(Base, RoleManager):
newSecurityManager(None, userObj) # necessary? newSecurityManager(None, userObj) # necessary?
userObj = userObj.__of__(uf) userObj = userObj.__of__(uf)
d = {'user_defined_in' : '/' + uf.absolute_url(1)} d = {'user_defined_in': '/' + uf.absolute_url(1)}
# roles # roles
roles = list(userObj.getRoles()) roles = list(userObj.getRoles())
...@@ -237,26 +245,30 @@ class RoleManager(Base, RoleManager): ...@@ -237,26 +245,30 @@ class RoleManager(Base, RoleManager):
""" """
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
if name==permission_to_manage: if name == permission_to_manage:
p=Permission(name,value,self) p = Permission(name, value, self)
if acquire: roles=list(roles) if acquire:
else: roles=tuple(roles) roles=list(roles)
else:
roles=tuple(roles)
p.setRoles(roles) p.setRoles(roles)
if REQUEST is not None: return self.manage_access(REQUEST) if REQUEST is not None:
return self.manage_access(REQUEST)
return return
raise ValueError, ( raise ValueError(
"The permission <em>%s</em> is invalid." % "The permission <em>%s</em> is invalid." %
escape(permission_to_manage)) escape(permission_to_manage))
_normal_manage_access=DTMLFile('dtml/access', globals()) _normal_manage_access=DTMLFile('dtml/access', globals())
manage_reportUserPermissions=DTMLFile('dtml/reportUserPermissions', globals()) manage_reportUserPermissions=DTMLFile(
'dtml/reportUserPermissions', globals())
security.declareProtected(change_permissions, 'manage_access') security.declareProtected(change_permissions, 'manage_access')
def manage_access(self, REQUEST, **kw): def manage_access(self, REQUEST, **kw):
"""Return an interface for making permissions settings. """Return an interface for making permissions settings.
""" """
return apply(self._normal_manage_access,(), kw) return apply(self._normal_manage_access, (), kw)
security.declareProtected(change_permissions, 'manage_changePermissions') security.declareProtected(change_permissions, 'manage_changePermissions')
@requestmethod('POST') @requestmethod('POST')
...@@ -269,13 +281,15 @@ class RoleManager(Base, RoleManager): ...@@ -269,13 +281,15 @@ class RoleManager(Base, RoleManager):
permissions=self.ac_inherited_permissions(1) permissions=self.ac_inherited_permissions(1)
fails = [] fails = []
for ip in range(len(permissions)): for ip in range(len(permissions)):
roles=[] roles = []
for ir in indexes: for ir in indexes:
if have("p%dr%d" % (ip,ir)): roles.append(valid_roles[ir]) if have("p%dr%d" % (ip, ir)):
roles.append(valid_roles[ir])
name, value = permissions[ip][:2] name, value = permissions[ip][:2]
try: try:
p=Permission(name,value,self) p = Permission(name, value, self)
if not have('a%d' % ip): roles=tuple(roles) if not have('a%d' % ip):
roles=tuple(roles)
p.setRoles(roles) p.setRoles(roles)
except: except:
fails.append(name) fails.append(name)
...@@ -286,19 +300,19 @@ class RoleManager(Base, RoleManager): ...@@ -286,19 +300,19 @@ class RoleManager(Base, RoleManager):
+ escape(', '.join(fails)), + escape(', '.join(fails)),
action='manage_access') action='manage_access')
return MessageDialog( return MessageDialog(
title ='Success!', title = 'Success!',
message='Your changes have been saved', message = 'Your changes have been saved',
action ='manage_access') action = 'manage_access')
security.declareProtected(change_permissions, 'permissionsOfRole') security.declareProtected(change_permissions, 'permissionsOfRole')
def permissionsOfRole(self, role): def permissionsOfRole(self, role):
"""Used by management screen. """Used by management screen.
""" """
r=[] r = []
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
p=Permission(name,value,self) p = Permission(name, value, self)
roles=p.getRoles() roles = p.getRoles()
r.append({'name': name, r.append({'name': name,
'selected': role in roles and 'SELECTED' or '', 'selected': role in roles and 'SELECTED' or '',
}) })
...@@ -308,12 +322,12 @@ class RoleManager(Base, RoleManager): ...@@ -308,12 +322,12 @@ class RoleManager(Base, RoleManager):
def rolesOfPermission(self, permission): def rolesOfPermission(self, permission):
"""Used by management screen. """Used by management screen.
""" """
valid_roles=self.valid_roles() valid_roles = self.valid_roles()
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
if name==permission: if name==permission:
p=Permission(name,value,self) p = Permission(name, value, self)
roles=p.getRoles() roles = p.getRoles()
return map( return map(
lambda role, roles=roles: lambda role, roles=roles:
{'name': role, {'name': role,
...@@ -321,7 +335,7 @@ class RoleManager(Base, RoleManager): ...@@ -321,7 +335,7 @@ class RoleManager(Base, RoleManager):
}, },
valid_roles) valid_roles)
raise ValueError, ( raise ValueError(
"The permission <em>%s</em> is invalid." % escape(permission)) "The permission <em>%s</em> is invalid." % escape(permission))
security.declareProtected(change_permissions, 'acquiredRolesAreUsedBy') security.declareProtected(change_permissions, 'acquiredRolesAreUsedBy')
...@@ -331,14 +345,13 @@ class RoleManager(Base, RoleManager): ...@@ -331,14 +345,13 @@ class RoleManager(Base, RoleManager):
for p in self.ac_inherited_permissions(1): for p in self.ac_inherited_permissions(1):
name, value = p[:2] name, value = p[:2]
if name==permission: if name==permission:
p=Permission(name,value,self) p=Permission(name, value, self)
roles=p.getRoles() roles = p.getRoles()
return isinstance(roles, list) and 'CHECKED' or '' return isinstance(roles, list) and 'CHECKED' or ''
raise ValueError, ( raise ValueError(
"The permission <em>%s</em> is invalid." % escape(permission)) "The permission <em>%s</em> is invalid." % escape(permission))
# Local roles support # Local roles support
# ------------------- # -------------------
# #
...@@ -390,8 +403,10 @@ class RoleManager(Base, RoleManager): ...@@ -390,8 +403,10 @@ class RoleManager(Base, RoleManager):
aclu = getattr(aq_base(item), '__allow_groups__', _notfound) aclu = getattr(aq_base(item), '__allow_groups__', _notfound)
if aclu is not _notfound: if aclu is not _notfound:
mlu = getattr(aclu, 'maxlistusers', _notfound) mlu = getattr(aclu, 'maxlistusers', _notfound)
if not isinstance(mlu, int): mlu = DEFAULTMAXLISTUSERS if not isinstance(mlu, int):
if mlu < 0: raise OverflowError mlu = DEFAULTMAXLISTUSERS
if mlu < 0:
raise OverflowError
un = getattr(aclu, 'user_names', _notfound) un = getattr(aclu, 'user_names', _notfound)
if un is not _notfound: if un is not _notfound:
un = aclu.__of__(item).user_names # rewrap un = aclu.__of__(item).user_names # rewrap
...@@ -417,8 +432,8 @@ class RoleManager(Base, RoleManager): ...@@ -417,8 +432,8 @@ class RoleManager(Base, RoleManager):
def manage_addLocalRoles(self, userid, roles, REQUEST=None): def manage_addLocalRoles(self, userid, roles, REQUEST=None):
"""Set local roles for a user.""" """Set local roles for a user."""
if not roles: if not roles:
raise ValueError, 'One or more roles must be given!' raise ValueError('One or more roles must be given!')
dict=self.__ac_local_roles__ dict = self.__ac_local_roles__
if dict is None: if dict is None:
self.__ac_local_roles__ = dict = {} self.__ac_local_roles__ = dict = {}
local_roles = list(dict.get(userid, [])) local_roles = list(dict.get(userid, []))
...@@ -436,12 +451,12 @@ class RoleManager(Base, RoleManager): ...@@ -436,12 +451,12 @@ class RoleManager(Base, RoleManager):
def manage_setLocalRoles(self, userid, roles, REQUEST=None): def manage_setLocalRoles(self, userid, roles, REQUEST=None):
"""Set local roles for a user.""" """Set local roles for a user."""
if not roles: if not roles:
raise ValueError, 'One or more roles must be given!' raise ValueError('One or more roles must be given!')
dict=self.__ac_local_roles__ dict = self.__ac_local_roles__
if dict is None: if dict is None:
self.__ac_local_roles__ = dict = {} self.__ac_local_roles__ = dict = {}
dict[userid]=roles dict[userid]=roles
self._p_changed=True self._p_changed = True
if REQUEST is not None: if REQUEST is not None:
stat='Your changes have been saved.' stat='Your changes have been saved.'
return self.manage_listLocalRoles(self, REQUEST, stat=stat) return self.manage_listLocalRoles(self, REQUEST, stat=stat)
...@@ -450,11 +465,11 @@ class RoleManager(Base, RoleManager): ...@@ -450,11 +465,11 @@ class RoleManager(Base, RoleManager):
@requestmethod('POST') @requestmethod('POST')
def manage_delLocalRoles(self, userids, REQUEST=None): def manage_delLocalRoles(self, userids, REQUEST=None):
"""Remove all local roles for a user.""" """Remove all local roles for a user."""
dict=self.__ac_local_roles__ dict = self.__ac_local_roles__
if dict is None: if dict is None:
self.__ac_local_roles__ = dict = {} self.__ac_local_roles__ = dict = {}
for userid in userids: for userid in userids:
if dict.has_key(userid): if userid in dict:
del dict[userid] del dict[userid]
self._p_changed=True self._p_changed=True
if REQUEST is not None: if REQUEST is not None:
...@@ -479,7 +494,7 @@ class RoleManager(Base, RoleManager): ...@@ -479,7 +494,7 @@ class RoleManager(Base, RoleManager):
'class': 0}) 'class': 0})
for key, value in clas.items(): for key, value in clas.items():
if key.find('__roles__') >= 0: if key.find('__roles__') >= 0:
_add({'name': key, 'value': value, 'class' : 1}) _add({'name': key, 'value': value, 'class': 1})
if hasattr(value, '__roles__'): if hasattr(value, '__roles__'):
_add({'name': '%s.__roles__' % key, 'value': value.__roles__, _add({'name': '%s.__roles__' % key, 'value': value.__roles__,
'class': 1}) 'class': 1})
...@@ -519,10 +534,12 @@ class RoleManager(Base, RoleManager): ...@@ -519,10 +534,12 @@ class RoleManager(Base, RoleManager):
def userdefined_roles(self): def userdefined_roles(self):
"""Return list of user-defined roles. """Return list of user-defined roles.
""" """
roles=list(self.__ac_roles__) roles = list(self.__ac_roles__)
for role in classattr(self.__class__,'__ac_roles__'): for role in classattr(self.__class__, '__ac_roles__'):
try: roles.remove(role) try:
except: pass roles.remove(role)
except:
pass
return tuple(roles) return tuple(roles)
security.declareProtected(change_permissions, 'manage_defined_roles') security.declareProtected(change_permissions, 'manage_defined_roles')
...@@ -544,15 +561,15 @@ class RoleManager(Base, RoleManager): ...@@ -544,15 +561,15 @@ class RoleManager(Base, RoleManager):
def _addRole(self, role, REQUEST=None): def _addRole(self, role, REQUEST=None):
if not role: if not role:
return MessageDialog( return MessageDialog(
title ='Incomplete', title='Incomplete',
message='You must specify a role name', message='You must specify a role name',
action ='manage_access') action='manage_access')
if role in self.__ac_roles__: if role in self.__ac_roles__:
return MessageDialog( return MessageDialog(
title ='Role Exists', title='Role Exists',
message='The given role is already defined', message='The given role is already defined',
action ='manage_access') action='manage_access')
data=list(self.__ac_roles__) data = list(self.__ac_roles__)
data.append(role) data.append(role)
self.__ac_roles__=tuple(data) self.__ac_roles__=tuple(data)
if REQUEST is not None: if REQUEST is not None:
...@@ -562,14 +579,16 @@ class RoleManager(Base, RoleManager): ...@@ -562,14 +579,16 @@ class RoleManager(Base, RoleManager):
def _delRoles(self, roles, REQUEST=None): def _delRoles(self, roles, REQUEST=None):
if not roles: if not roles:
return MessageDialog( return MessageDialog(
title ='Incomplete', title='Incomplete',
message='You must specify a role name', message='You must specify a role name',
action ='manage_access') action='manage_access')
data=list(self.__ac_roles__) data = list(self.__ac_roles__)
for role in roles: for role in roles:
try: data.remove(role) try:
except: pass data.remove(role)
self.__ac_roles__=tuple(data) except:
pass
self.__ac_roles__ = tuple(data)
if REQUEST is not None: if REQUEST is not None:
return self.manage_access(REQUEST) return self.manage_access(REQUEST)
...@@ -606,30 +625,43 @@ InitializeClass(RoleManager) ...@@ -606,30 +625,43 @@ InitializeClass(RoleManager)
def reqattr(request, attr): def reqattr(request, attr):
try: return request[attr] try:
except: return None return request[attr]
except:
return None
def classattr(cls, attr): def classattr(cls, attr):
if hasattr(cls, attr): if hasattr(cls, attr):
return getattr(cls, attr) return getattr(cls, attr)
try: bases=cls.__bases__ try:
except: bases=() bases = cls.__bases__
except:
bases = ()
for base in bases: for base in bases:
if classattr(base, attr): if classattr(base, attr):
return attr return attr
return None return None
def instance_dict(inst): def instance_dict(inst):
try: return inst.__dict__ try:
except: return {} return inst.__dict__
except:
return {}
def class_dict(_class): def class_dict(_class):
try: return _class.__dict__ try:
except: return {} return _class.__dict__
except:
return {}
def instance_attrs(inst): def instance_attrs(inst):
return instance_dict(inst) return instance_dict(inst)
def class_attrs(inst, _class=None, data=None): def class_attrs(inst, _class=None, data=None):
if _class is None: if _class is None:
_class=inst.__class__ _class=inst.__class__
...@@ -645,13 +677,15 @@ def class_attrs(inst, _class=None, data=None): ...@@ -645,13 +677,15 @@ def class_attrs(inst, _class=None, data=None):
data=class_attrs(inst, base, data) data=class_attrs(inst, base, data)
return data return data
def gather_permissions(klass, result, seen): def gather_permissions(klass, result, seen):
for base in klass.__bases__: for base in klass.__bases__:
if base.__dict__.has_key('__ac_permissions__'): if '__ac_permissions__' in base.__dict__:
for p in base.__ac_permissions__: for p in base.__ac_permissions__:
name=p[0] name=p[0]
if seen.has_key(name): continue if name in seen:
continue
result.append((name, ())) result.append((name, ()))
seen[name]=None seen[name] = None
gather_permissions(base, result, seen) gather_permissions(base, result, seen)
return result return result
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment