Commit 056125d1 authored by Romain Courteaud's avatar Romain Courteaud

slapos_erp5:

* slapos member user are not allowed anymore to create compute node
* no need to create a dedicated local_roles from compute node source_administration
  Only slapos manager will handle compute nodes
* duplicate test_default_scenario to happily break it
* drop friend/personal in new scenario test
* all members can allocation on all compute nodes
* give user security group based on function (to access some module) and project/function (to access documents)
* only a project computer manager can create compute nodes
* only project computer manager is assignor on compute node
* need a project assignment to create a compute node
* drop group security on Instance Tree
* drop group security from Software Instance
* project member only need Auditor role on it
* add customer project assignment
* remove source_administration interaction workflow on Compute Node and add follow_up instead
* Software Installation: move interaction workflow from destination_section to follow_up
* give role on Software Installation to Project Compute Node Manager
* shadow user do not need access to Compute Node anymore
* only project comp manager can create SOftware Installation
* project customer can create software instance
* project customer can create instance tree
* project people can only view the project module
* also check PAS plugins which are not supposed to be activated
* drop PAS shadow user plugins
* drop shadow access from compute node module
* drop shadow from compute node module
* drop shadow role from computer module
* drop shadow role from person* portal types
* drop shadow role on project module
* Revert "slapos_erp5: drop PAS shadow user plugins"
  Needed for accounting
* Revert "slapos_erp5: drop shadow role from person* portal types"
* drop Modification permissions if document uses an automated ledger
* source_administration is not used anymore on Compute Node
* drop transfer from another Project
* drop allocation_scope/open categories
* drop Item_getSecurityCategoryFromMovementDestinationSection
* drop Item_getSecurityCategoryFromMovementDestinationSection
* drop Item_getSecurityCategoryFromMovementDestinationProject
* drop Item_getSecurityCategoryFromMovementDestination
* drop SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject
* drop ERP5Type_getSecurityCategoryFromAssignmentDestinationClientOrganisation
* switch event/ticket roles to virtual master security
* drop Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection
* drop Event_getSecurityCategoryFromMovementFollowUpAggregateDestination
* delete Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject
* drop Item_getSecurityCategoryFromMovementAggregateDestinationProject
* drop Item_getSecurityCategoryFromMovementAggregateDestinationSection
* drop Item_getSecurityCategoryFromMovementAggregateDestination
* drop Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection
* drop SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination
* drop Item_getSecurityCategoryFromMovementLineAggregateDestinationProject
* drop Item_getSecurityCategoryFromMovementLineAggregateDestination
* drop Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection
* provide access to Compute Node Manager on Upgrade Decision
* delivery/movement must use source_project instead of follow_up
* delivery/movement must use source_project instead of follow_up
* drop query module security
* drop Compute Partition roles
  It must be visible by all project members
* instance of the project can access compute nodes
* do not make Credit Card readable
* drop data set security
* only accountant can create/update Account
* add function local_role_group
* use function local_role_group on Account
* use function local_role_group on account
* only accountant can read/write accounting transactions.
  Ledger is used as write condition
* accounting period are only readable/writable by accountant
* accounting period are only readable/writable by accountant
* provide access on compute node to project customer/production
* give read access to project production
* provide access to production on software installation
* switch admin to production manager in tests
* no need for group/role in assignment. Use parent function too
* provide access to function/production on Instance Tree
* provide access to instance for function/production users
* provide access to function/production* on support request
* provide access to function/production on event module
* provide access to regularisation request to function/production
* drop roles for DMS portal types
  It does not seem used.
* provide read/write access to function/production to Computer Network
* provide access to function/is to System Event
* provide access to function/is on Assignment
* provide access to person module
* provide read only access to project/customer on software product
* provide readonly access to project/customer on software release
* test set server allocation_scope to open
* provide readonly access for project/customer on accounting module
* provide readonly access for project/customer on compute node module
* use source/destination_project on event/ticket/delivery
* security for Subscription Request
* production agent/manager can not create Software Instance
*  drop slap_add_compute_node page
* drop slap_project_list page
* drop  drop slap_transfer_compute_node (and project_view)
* drop slap_compute_node_view page
parent 6b28c897
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
...@@ -9,9 +9,9 @@ ...@@ -9,9 +9,9 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal> <principal id='F-ACCOUNTING'>Author</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Assignor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -8,8 +8,8 @@ ...@@ -8,8 +8,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-CUSTOMER'>
<item>Auditor</item>
</role>
<role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -12,15 +15,8 @@ ...@@ -12,15 +15,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignor</principal> <principal id='R-SHADOW-PERSON'>Assignor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-ACCOUNTING'>
<item>Assignor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Assignee</item> <item>Assignee</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Assignor</principal> <principal id='F-ACCOUNTING'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Assignee</principal> <principal id='R-SHADOW-PERSON'>Assignee</principal>
......
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item>
<item>Author</item>
</role>
<role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
</local_roles> </local_roles>
...@@ -19,16 +15,5 @@ ...@@ -19,16 +15,5 @@
<local_role_group_id id='computer'> <local_role_group_id id='computer'>
<principal id='R-COMPUTER'>Auditor</principal> <principal id='R-COMPUTER'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'>
<item>Auditor</item>
</role>
<role id='R-COMPUTER'>
<item>Auditor</item>
</role>
<role id='R-MEMBER'>
<item>Auditor</item>
</role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='computer'>
<principal id='R-COMPUTER'>Auditor</principal>
</local_role_group_id>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
...@@ -13,16 +12,11 @@ ...@@ -13,16 +12,11 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='F-CUSTOMER'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item>
<local_roles>
<role id='G-COMPANY'>
<item>Auditor</item>
<item>Author</item>
</role>
</local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='F-CUSTOMER'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal> <principal id='F-CUSTOMER'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id> </local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-COMPUTER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-INSTANCE'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-MEMBER'> <role id='R-INSTANCE'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
...@@ -12,15 +11,8 @@ ...@@ -12,15 +11,8 @@
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal> <principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-COMPUTER'> <role id='F-PRODUCTION*'>
<item>Auditor</item>
</role>
<role id='R-MEMBER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Auditor</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='F-CUSTOMER'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-COMPUTER'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-MEMBER'>
<item>Auditor</item>
<item>Author</item>
</role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='computer'> <local_role_group_id id='computer'>
<principal id='R-COMPUTER'>Auditor</principal> <principal id='R-COMPUTER'>Auditor</principal>
</local_role_group_id> </local_role_group_id>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-COMPUTER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
<role id='R-INSTANCE'> <role id='R-COMPUTER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='R-INSTANCE'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role>
<role id='R-MEMBER'>
<item>Auditor</item>
<item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
</local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-CUSTOMER'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
<role id='R-MEMBER'> <role id='F-PRODUCTION*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item> <item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'> <local_role_group_id id='function'>
<principal id='G-COMPANY'>Auditor</principal> <principal id='F-CUSTOMER'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal> <principal id='F-CUSTOMER'>Author</principal>
</local_role_group_id>
<local_role_group_id id='user'>
<principal id='R-MEMBER'>Auditor</principal>
<principal id='R-MEMBER'>Author</principal>
</local_role_group_id> </local_role_group_id>
</local_role_group_ids> </local_role_group_ids>
</local_roles_item> </local_roles_item>
\ No newline at end of file
<local_roles_item> <local_roles_item>
<local_roles> <local_roles>
<role id='G-COMPANY'> <role id='F-IS*'>
<item>Auditor</item> <item>Auditor</item>
<item>Author</item>
</role> </role>
<role id='R-SHADOW-PERSON'> <role id='R-SHADOW-PERSON'>
<item>Author</item> <item>Author</item>
</role> </role>
</local_roles> </local_roles>
<local_role_group_ids> <local_role_group_ids>
<local_role_group_id id='group'>
<principal id='G-COMPANY'>Auditor</principal>
<principal id='G-COMPANY'>Author</principal>
</local_role_group_id>
<local_role_group_id id='shadow'> <local_role_group_id id='shadow'>
<principal id='R-SHADOW-PERSON'>Author</principal> <principal id='R-SHADOW-PERSON'>Author</principal>
</local_role_group_id> </local_role_group_id>
......
...@@ -2,65 +2,76 @@ ...@@ -2,65 +2,76 @@
<ZopeData> <ZopeData>
<record id="1" aka="AAAAAAAAAAE="> <record id="1" aka="AAAAAAAAAAE=">
<pickle> <pickle>
<global name="Interaction Workflow Interaction" module="erp5.portal_type"/> <global name="Category" module="erp5.portal_type"/>
</pickle> </pickle>
<pickle> <pickle>
<dictionary> <dictionary>
<item> <item>
<key> <string>categories</string> </key> <key> <string>_Add_portal_content_Permission</string> </key>
<value> <value>
<tuple> <tuple>
<string>before_commit_script/portal_workflow/local_permission_slapos_interaction_workflow/script_Base_updateAllLocalRoles</string> <string>Assignor</string>
<string>Manager</string>
</tuple> </tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>description</string> </key> <key> <string>_Add_portal_folders_Permission</string> </key>
<value> <value>
<none/> <tuple>
<string>Assignor</string>
<string>Manager</string>
</tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>_Copy_or_Move_Permission</string> </key>
<value> <string>interaction_ComputerModel_edit</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Interaction Workflow Interaction</string> </value>
</item>
<item>
<key> <string>portal_type_filter</string> </key>
<value> <value>
<tuple> <tuple>
<string>Computer Model</string> <string>Assignor</string>
<string>Manager</string>
</tuple> </tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>portal_type_group_filter</string> </key> <key> <string>_Delete_objects_Permission</string> </key>
<value> <value>
<tuple/> <tuple>
<string>Assignor</string>
<string>Manager</string>
</tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>temporary_document_disallowed</string> </key> <key> <string>_Modify_portal_content_Permission</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>trigger_method_id</string> </key>
<value> <value>
<tuple> <tuple>
<string>_setSourceAdministration.*</string> <string>Assignee</string>
<string>Assignor</string>
<string>Manager</string>
<string>Owner</string>
</tuple> </tuple>
</value> </value>
</item> </item>
<item> <item>
<key> <string>trigger_once_per_transaction</string> </key> <key> <string>description</string> </key>
<value> <int>1</int> </value> <value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>function</string> </value>
</item> </item>
<item> <item>
<key> <string>trigger_type</string> </key> <key> <string>portal_type</string> </key>
<value> <int>2</int> </value> <value> <string>Category</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<none/>
</value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
......
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Author; Auditor'>
<property id='title'>Group company</property> <property id='title'>Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>Any accountant or accountant manager may create accounts and access accounts</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
......
<type_roles> <type_roles>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>Only the accountant can validate new accounts.</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
......
<type_roles> <type_roles>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Company group</property> <property id='title'>Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Author; Auditor'>
<property id='title'>Group company</property> <property id='title'>Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
...@@ -17,4 +15,9 @@ ...@@ -17,4 +15,9 @@
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'>
<property id='title'>ReadOnly for Accountant</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Writable for Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor; Assignor'> <role id='Auditor'>
<property id='title'>Company group</property> <property id='title'>Information System</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX local role group</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/is*</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'>
<property id='title'>ReadOnly for Accountant</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Writable for Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -5,22 +5,14 @@ ...@@ -5,22 +5,14 @@
<multi_property id='category'>role/computer</multi_property> <multi_property id='category'>role/computer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Author; Auditor'> <role id='Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor; Author'>
<property id='title'>Person Shadow</property> <property id='title'>Production</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <multi_property id='category'>function/production*</multi_property>
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Allocation scope</property> <property id='title'>Project Customer</property>
<property id='condition'>python: here.getAllocationScope('').startswith('open')</property> <property id='description'>XXX add local role group</property>
<property id='base_category_script'>ComputeNode_getSecurityCategoryFromAllocationScope</property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='base_category'>aggregate</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Compute Node Agent</property> <property id='title'>Project Production Agent</property>
<property id='description'>Monovalued role</property> <property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getFollowUp("") != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_administration</multi_property> <multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Project Production Manager</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
</role> <multi_property id='category'>function/production/manager</multi_property>
<role id='Assignee'> <multi_property id='base_category'>follow_up</multi_property>
<property id='title'>Organisation Member</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationSection</property>
<multi_property id='categories'>local_role_group/organisation</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Project Member</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationProject</property>
<multi_property id='categories'>local_role_group/project</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Self Compute Node</property> <property id='title'>Self Compute Node</property>
...@@ -38,4 +30,11 @@ ...@@ -38,4 +30,11 @@
<multi_property id='categories'>local_role_group/computer</multi_property> <multi_property id='categories'>local_role_group/computer</multi_property>
<multi_property id='base_category'>destination_decision</multi_property> <multi_property id='base_category'>destination_decision</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Software Instance</property>
<property id='condition'>python: context.getFollowUp("") != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>role/instance</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles>
<role id='Auditor'>
<property id='title'>Customer of the partition</property>
<property id='condition'>python: here.getSlapState() == "busy"</property>
<property id='base_category_script'>ComputePartition_getSecurityCategoryFromUser</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Auditor'>
<property id='title'>Software Instance group related to Compute Partition</property>
<property id='condition'>python: here.getSlapState() == "busy"</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceInstanceTree</property>
<multi_property id='categories'>local_role_group/subscription</multi_property>
<multi_property id='base_category'>aggregate</multi_property>
</role>
</type_roles>
\ No newline at end of file
...@@ -17,10 +17,4 @@ ...@@ -17,10 +17,4 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor; Author'> <role id='Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
...@@ -17,4 +11,9 @@ ...@@ -17,4 +11,9 @@
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor; Author'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Organisation Member</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationSection</property>
<multi_property id='categories'>local_role_group/organisation</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Person Owner</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source_administration</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Project Customer</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getFollowUp("") != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Project Member</property> <property id='title'>Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role>
<role id='Assignor'>
<property id='title'>Project Production Manager</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getFollowUp("") != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Group company</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Production</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/production*</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Company group</property> <property id='title'>Project Compute Node Manager</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX project local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getSourceProject("", portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/computer/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -4,21 +4,19 @@ ...@@ -4,21 +4,19 @@
<multi_property id='category'>role/computer</multi_property> <multi_property id='category'>role/computer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Author; Auditor'>
<property id='title'>Group Company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Instance</property> <property id='title'>Instance</property>
<multi_property id='category'>role/instance</multi_property> <multi_property id='category'>role/instance</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Project Customer</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -5,23 +5,21 @@ ...@@ -5,23 +5,21 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>destination_section</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Group Company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Organisation Member</property> <property id='title'>Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Project Production Manager</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Related Software Instance Group</property> <property id='title'>Related Software Instance Group</property>
......
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Group company</property>
<property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
......
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') == ""</property> <property id='condition'>python: here.getDestinationSection('', portal_type='Person') == ""</property>
...@@ -12,6 +6,13 @@ ...@@ -12,6 +6,13 @@
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>ReadOnly for Accountant</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Shadow User</property> <property id='title'>Shadow User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property> <property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property>
...@@ -21,9 +22,16 @@ ...@@ -21,9 +22,16 @@
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>User</property> <property id='title'>User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property> <property id='condition'>python: (here.getDestinationSection('', portal_type='Person') != '') and (context.getLedger("") == "automated")</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>destination_section</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Writable for Accountant</property>
<property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Group company</property> <property id='title'>Information System</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX local role group</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/is*</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Shadow User</property> <property id='title'>Shadow User</property>
......
<type_roles> <type_roles>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
...@@ -17,4 +10,9 @@ ...@@ -17,4 +10,9 @@
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -4,22 +4,16 @@ ...@@ -4,22 +4,16 @@
<multi_property id='category'>role/computer</multi_property> <multi_property id='category'>role/computer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor; Author'> <role id='Auditor'>
<property id='title'>Customer</property> <property id='title'>Project Compute Node Manager</property>
<multi_property id='categories'>local_role_group/user</multi_property> <property id='description'>XXX TODO
<multi_property id='category'>role/member</multi_property> add local roles group</property>
<multi_property id='base_category'>role</multi_property> <multi_property id='category'>function/production*</multi_property>
</role> <multi_property id='base_category'>function</multi_property>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property> <property id='title'>Project Customer</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Person Owner</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_decision</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Person Shadow</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Project Member</property> <property id='title'>Project Member</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromSelf</property>
<multi_property id='categories'>local_role_group/project</multi_property> <multi_property id='categories'>local_role_group/project</multi_property>
......
<type_roles> <type_roles>
<role id='Auditor'>
<property id='title'>ReadOnly for Accountant</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Writable for Accountant</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles>
</type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>function</multi_property>
</role>
<role id='Auditor'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -6,11 +6,21 @@ ...@@ -6,11 +6,21 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_decision</multi_property> <multi_property id='base_category'>destination_decision</multi_property>
</role> </role>
<role id='Assignee'>
<property id='title'>Destination Project Production Agent</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Manager</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member can see template</property> <property id='title'>Member can see template</property>
...@@ -19,4 +29,20 @@ ...@@ -19,4 +29,20 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Assignee'>
<property id='title'>Source Project Production Agent</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role>
<role id='Assignor'>
<property id='title'>Source Project Production Manager</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/shadow</multi_property> <multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='category'>role/shadow/person</multi_property> <multi_property id='category'>role/shadow/person</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>ReadOnly for Accountant</property>
<property id='condition'>python: context.getLedger("") == "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>User</property> <property id='title'>User</property>
<property id='condition'>python: here.getDestinationSection('', portal_type='Person') != ''</property> <property id='condition'>python: (here.getDestinationSection('', portal_type='Person') != '') and (context.getLedger("") == "automated")</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>destination_section</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Writable for Accountant</property>
<property id='condition'>python: context.getLedger("") != "automated"</property>
<multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>function/accounting</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -11,12 +11,6 @@ ...@@ -11,12 +11,6 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>destination_section</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Instance related by Instance Tree</property> <property id='title'>Instance related by Instance Tree</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
...@@ -24,16 +18,20 @@ ...@@ -24,16 +18,20 @@
<multi_property id='base_category'>specialise</multi_property> <multi_property id='base_category'>specialise</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Organisation Member</property> <property id='title'>Project Production Agent</property>
<property id='base_category_script'>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Project Production Manager</property>
<property id='base_category_script'>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Software Instance which provides this Slave Instance</property> <property id='title'>Software Instance which provides this Slave Instance</property>
......
...@@ -5,16 +5,11 @@ ...@@ -5,16 +5,11 @@
<multi_property id='category'>role/computer</multi_property> <multi_property id='category'>role/computer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Project Production</property>
<multi_property id='categories'>local_role_group/user</multi_property> <property id='description'>XXX TODO
<multi_property id='category'>role/member</multi_property> add local roles group</property>
<multi_property id='base_category'>role</multi_property> <multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -5,28 +5,20 @@ ...@@ -5,28 +5,20 @@
<multi_property id='categories'>local_role_group/computer</multi_property> <multi_property id='categories'>local_role_group/computer</multi_property>
<multi_property id='base_category'>aggregate</multi_property> <multi_property id='base_category'>aggregate</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Organisation Member</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementAggregateDestinationSection</property>
<multi_property id='categories'>local_role_group/organisation</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Project Member</property> <property id='title'>Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementAggregateDestinationProject</property> <property id='description'>XXX project local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignor'>
<property id='title'>Provider of the Installation</property> <property id='title'>Project Production Manager</property>
<property id='description'>XXX project local role group</property>
<property id='condition'>python: context.getFollowUp("") != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>follow_up</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -4,21 +4,19 @@ ...@@ -4,21 +4,19 @@
<multi_property id='category'>role/computer</multi_property> <multi_property id='category'>role/computer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Instance</property> <property id='title'>Instance</property>
<multi_property id='category'>role/instance</multi_property> <multi_property id='category'>role/instance</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Production</property>
<multi_property id='category'>function/production*</multi_property>
<multi_property id='base_category'>function</multi_property>
</role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Project Customer</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -11,12 +11,6 @@ ...@@ -11,12 +11,6 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property> <multi_property id='base_category'>destination_section</multi_property>
</role> </role>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Instance related by Instance Tree</property> <property id='title'>Instance related by Instance Tree</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
...@@ -24,15 +18,19 @@ ...@@ -24,15 +18,19 @@
<multi_property id='base_category'>specialise</multi_property> <multi_property id='base_category'>specialise</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Organisation Member</property> <property id='title'>Project Production Agent</property>
<property id='base_category_script'>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Project Production Manager</property>
<property id='base_category_script'>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getFollowUp("") != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>follow_up</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Member</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>role</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor; Author'> <role id='Auditor'>
<property id='title'>Company group</property> <property id='title'>Production</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='category'>function/production*</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Assignee'>
<property id='title'>Destination Project Production Agent</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role>
<role id='Assignor'>
<property id='title'>Destination Project Production Manager</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role>
<role id='Assignee'>
<property id='title'>Source Project Production Agent</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Company group</property> <property id='title'>Source Project Production Manager</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Auditor; Author'>
<property id='title'>Group company</property> <property id='title'>Production</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='category'>function/production*</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='base_category'>function</multi_property>
<multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Project Customer</property>
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/function</multi_property>
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>function/customer</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -6,11 +6,21 @@ ...@@ -6,11 +6,21 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_decision</multi_property> <multi_property id='base_category'>destination_decision</multi_property>
</role> </role>
<role id='Assignee'>
<property id='title'>Destination Project Production Agent</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role>
<role id='Assignor'> <role id='Assignor'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Manager</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Member can see template</property> <property id='title'>Member can see template</property>
...@@ -19,22 +29,20 @@ ...@@ -19,22 +29,20 @@
<multi_property id='category'>role/member</multi_property> <multi_property id='category'>role/member</multi_property>
<multi_property id='base_category'>role</multi_property> <multi_property id='base_category'>role</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
</role> <multi_property id='category'>function/production/agent</multi_property>
<role id='Auditor'> <multi_property id='base_category'>source_project</multi_property>
<property id='title'>Organisation Member (HS)</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementAggregateDestination</property>
<multi_property id='categories'>local_role_group/organisation</multi_property>
<multi_property id='base_category'>destination</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Auditor'>
<property id='title'>Group company</property> <property id='title'>Information System</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX local role group</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/is*</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Author'> <role id='Author'>
<property id='title'>Person Shadow</property> <property id='title'>Person Shadow</property>
......
<type_roles> <type_roles>
<role id='Author; Auditor'> <role id='Author; Auditor'>
<property id='title'>Group company</property> <property id='title'>Compute Node Manager</property>
<property id='description'>XXX TODO
add local roles group</property>
<multi_property id='categories'>local_role_group/group</multi_property> <multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/computer/manager</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Auditor; Author'> <role id='Auditor; Author'>
<property id='title'>Member</property> <property id='title'>Member</property>
......
<type_roles> <type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignor'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementLineAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementLineAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role>
<role id='Assignor'>
<property id='title'>Source Project Production Manager</property>
<property id='description'>XXX add local role group</property>
<property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>User</property> <property id='title'>User</property>
......
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
...@@ -15,28 +15,36 @@ ...@@ -15,28 +15,36 @@
<multi_property id='categories'>local_role_group/user</multi_property> <multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>source</multi_property> <multi_property id='base_category'>source</multi_property>
</role> </role>
<role id='Assignor'> <role id='Assignee'>
<property id='title'>Group company</property> <property id='title'>Destination Project Production Agent</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX add local role group</property>
<multi_property id='category'>group/company</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>group</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Organisation Member (Compute Node)</property> <property id='title'>Destination Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getDestinationProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_section</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>destination_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignee'>
<property id='title'>Organisation Member (HS)</property> <property id='title'>Source Project Production Agent</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/organisation</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/agent</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
<role id='Auditor'> <role id='Assignor'>
<property id='title'>Project Member</property> <property id='title'>Source Project Production Manager</property>
<property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property> <property id='description'>XXX add local role group</property>
<multi_property id='categories'>local_role_group/project</multi_property> <property id='condition'>python: context.getSourceProject('', portal_type='Project') != ""</property>
<multi_property id='base_category'>destination_project</multi_property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
<multi_property id='category'>function/production/manager</multi_property>
<multi_property id='base_category'>source_project</multi_property>
</role> </role>
</type_roles> </type_roles>
\ No newline at end of file
<type_roles>
<role id='Author; Auditor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles>
<role id='Assignor'>
<property id='title'>Group company</property>
<multi_property id='categories'>local_role_group/group</multi_property>
<multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property>
</role>
</type_roles>
\ No newline at end of file
<type_roles> <type_roles>
<role id='Auditor'> <role id='Auditor'>
<property id='title'>Group company</property> <property id='title'>Information System</property>
<multi_property id='categories'>local_role_group/group</multi_property> <property id='description'>XXX local role group</property>
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>function/is*</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property>
</role> </role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Shadow User</property> <property id='title'>Shadow User</property>
......
...@@ -12,8 +12,6 @@ url_list = [ ...@@ -12,8 +12,6 @@ url_list = [
"gadget_slapos_login_page.css", "gadget_slapos_login_page.css",
"gadget_erp5_page_slap_accept_upgrade_decision.html", "gadget_erp5_page_slap_accept_upgrade_decision.html",
"gadget_erp5_page_slap_accept_upgrade_decision.js", "gadget_erp5_page_slap_accept_upgrade_decision.js",
"gadget_erp5_page_slap_add_compute_node.html",
"gadget_erp5_page_slap_add_compute_node.js",
"gadget_erp5_page_slap_add_instance_tree.html", "gadget_erp5_page_slap_add_instance_tree.html",
"gadget_erp5_page_slap_add_instance_tree.js", "gadget_erp5_page_slap_add_instance_tree.js",
"gadget_erp5_page_slap_add_network.html", "gadget_erp5_page_slap_add_network.html",
...@@ -56,8 +54,6 @@ url_list = [ ...@@ -56,8 +54,6 @@ url_list = [
"gadget_erp5_page_slap_compute_node_request_certificate.js", "gadget_erp5_page_slap_compute_node_request_certificate.js",
"gadget_erp5_page_slap_compute_node_revoke_certificate.html", "gadget_erp5_page_slap_compute_node_revoke_certificate.html",
"gadget_erp5_page_slap_compute_node_revoke_certificate.js", "gadget_erp5_page_slap_compute_node_revoke_certificate.js",
"gadget_erp5_page_slap_compute_node_view.html",
"gadget_erp5_page_slap_compute_node_view.js",
"gadget_erp5_page_slap_cloud_contract_view.js", "gadget_erp5_page_slap_cloud_contract_view.js",
"gadget_erp5_page_slap_cloud_contract_view.html", "gadget_erp5_page_slap_cloud_contract_view.html",
"gadget_erp5_page_slap_request_contract_activation.js", "gadget_erp5_page_slap_request_contract_activation.js",
...@@ -105,10 +101,6 @@ url_list = [ ...@@ -105,10 +101,6 @@ url_list = [
"gadget_erp5_page_slap_person_request_certificate.js", "gadget_erp5_page_slap_person_request_certificate.js",
"gadget_erp5_page_slap_person_view.html", "gadget_erp5_page_slap_person_view.html",
"gadget_erp5_page_slap_person_view.js", "gadget_erp5_page_slap_person_view.js",
"gadget_erp5_page_slap_project_list.html",
"gadget_erp5_page_slap_project_list.js",
"gadget_erp5_page_slap_project_view.html",
"gadget_erp5_page_slap_project_view.js",
"gadget_erp5_page_slap_regularisation_request_view.html", "gadget_erp5_page_slap_regularisation_request_view.html",
"gadget_erp5_page_slap_regularisation_request_view.js", "gadget_erp5_page_slap_regularisation_request_view.js",
"gadget_erp5_page_slap_rss_ticket.html", "gadget_erp5_page_slap_rss_ticket.html",
...@@ -138,8 +130,6 @@ url_list = [ ...@@ -138,8 +130,6 @@ url_list = [
"gadget_erp5_page_slap_ticket_list.html", "gadget_erp5_page_slap_ticket_list.html",
"gadget_erp5_page_slap_ticket_list.js", "gadget_erp5_page_slap_ticket_list.js",
"gadget_erp5_page_slap_ticket_view.js", "gadget_erp5_page_slap_ticket_view.js",
"gadget_erp5_page_slap_transfer_compute_node.html",
"gadget_erp5_page_slap_transfer_compute_node.js",
"gadget_erp5_page_slap_transfer_instance_tree.html", "gadget_erp5_page_slap_transfer_instance_tree.html",
"gadget_erp5_page_slap_transfer_instance_tree.js", "gadget_erp5_page_slap_transfer_instance_tree.js",
"gadget_erp5_page_slap_transfer_computer_network.html", "gadget_erp5_page_slap_transfer_computer_network.html",
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ComputeNode_getSecurityCategoryFromAllocationScope</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -13,12 +13,7 @@ if obj is None: ...@@ -13,12 +13,7 @@ if obj is None:
compute_node = obj compute_node = obj
category_list = [] if compute_node.getValidationState() == 'validated':
scope = compute_node.getAllocationScope()
if scope == 'open/public':
return {"Auditor": ["R-SHADOW-PERSON"]}
elif scope == 'open/subscription':
return {"Auditor": ["R-SHADOW-PERSON"]} return {"Auditor": ["R-SHADOW-PERSON"]}
return category_list return []
...@@ -6,18 +6,18 @@ ...@@ -6,18 +6,18 @@
</pickle> </pickle>
<pickle> <pickle>
<dictionary> <dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item> <item>
<key> <string>_bind_names</string> </key> <key> <string>_bind_names</string> </key>
<value> <value>
<object> <object>
<klass> <klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/> <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/> </klass>
<none/> <tuple/>
</tuple>
<state> <state>
<dictionary> <dictionary>
<item> <item>
...@@ -62,7 +62,7 @@ ...@@ -62,7 +62,7 @@
</item> </item>
<item> <item>
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>ComputePartition_getSecurityCategoryFromUser</string> </value> <value> <string>ComputeNode_getSecurityCategoryFromValidationState</string> </value>
</item> </item>
</dictionary> </dictionary>
</pickle> </pickle>
......
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
partition = obj
for instance in partition.getPortalObject().portal_catalog(
portal_type=["Software Instance", "Slave Instance"],
validation_state="validated",
default_aggregate_uid=partition.getUid()):
if instance is not None:
instance_tree = instance.getSpecialiseValue(portal_type="Instance Tree")
if instance_tree is not None:
person = instance_tree.getDestinationSectionValue(portal_type="Person")
if person is not None:
for base_category in base_category_list:
category_list.append({base_category: [person.getRelativeUrl()]})
return category_list
"""This scripts set ups role of aggregate related Software Instance
This is simple implementation, instead of generic related category with portal type,
which would not be configurable in Role Definition anyway."""
category_list = []
if obj is None:
return []
software_instance_list = obj.getPortalObject().portal_catalog(
portal_type='Software Instance',
default_aggregate_uid=obj.getUid(),
limit=2
)
if len(software_instance_list) == 1:
instance_tree = software_instance_list[0].getSpecialise(portal_type='Instance Tree')
for base_category in base_category_list:
category_list.append({base_category: instance_tree})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Auditor</string>
<string>Authenticated</string>
<string>Author</string>
<string>Manager</string>
<string>Member</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceInstanceTree</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_function</string> </key>
<value> <string>getSecurityCategoryFromAssignmentDestinationClientOrganisation</string> </value>
</item>
<item>
<key> <string>_module</string> </key>
<value> <string>SlapOSSecurity</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromAssignmentDestinationClientOrganisation</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value> <string></string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -8,16 +8,18 @@ deprecated ERP5Type_asSecurityGroupIdList ...@@ -8,16 +8,18 @@ deprecated ERP5Type_asSecurityGroupIdList
return ( return (
# Person security # Person security
('ERP5Type_getSecurityCategoryFromAssignment', ['group']), ('ERP5Type_getSecurityCategoryFromAssignment', ['function']),
('ERP5Type_getSecurityCategoryFromAssignment', ['role']), ('ERP5Type_getSecurityCategoryFromAssignmentParent', ['function']),
# XXX TODO check that only validated project are used
('ERP5Type_getSecurityCategoryFromAssignment', ['destination_project']), ('ERP5Type_getSecurityCategoryFromAssignment', ['destination_project']),
('ERP5Type_getSecurityCategoryFromAssignmentDestinationClientOrganisation', ['destination']), ('ERP5Type_getSecurityCategoryFromAssignment', ['destination_project', 'function']),
# Compute Node security # Compute Node security
('ERP5Type_getComputeNodeSecurityCategory', ['role']), ('ERP5Type_getComputeNodeSecurityCategory', ['role']),
# Instance security # Instance security
('ERP5Type_getSoftwareInstanceSecurityCategory', ['role']), ('ERP5Type_getSoftwareInstanceSecurityCategory', ['role']),
('ERP5Type_getSoftwareInstanceSecurityCategory', ['destination_project', 'role']),
('ERP5Type_getSoftwareInstanceSecurityCategory', ['aggregate']), ('ERP5Type_getSoftwareInstanceSecurityCategory', ['aggregate']),
) )
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object here is a event
ticket = obj.getFollowUpValue()
if ticket is None:
return []
aggregate_value = ticket.getAggregateValue()
if aggregate_value is None:
return []
# Only proceed if aggregate is a Compute Node
if aggregate_value.getPortalType() != "Compute Node":
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = aggregate_value.Item_getCurrentOwnerValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination_section': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object here is a event
ticket = obj.getFollowUpValue()
if ticket is None:
return []
aggregate_value = ticket.getAggregateValue()
if aggregate_value is None:
return []
# Limit the scope arround Instance tree otherwise we
# Leak security on the Compute Nodes placed on the same site.
if aggregate_value.getPortalType() != "Instance Tree":
return []
organisation = aggregate_value.Item_getCurrentSiteValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object here is a event
ticket = obj.getFollowUpValue()
if ticket is None:
return []
aggregate_value = ticket.getAggregateValue()
if aggregate_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
project = aggregate_value.Item_getCurrentProjectValue()
if project is not None:
category_list.append({'destination_project': [project.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = obj.getAggregateValue()
if aggregate_value is None:
return []
# Only proceed if aggregate is a Compute Node
if aggregate_value.getPortalType() != "Compute Node":
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = aggregate_value.Item_getCurrentOwnerValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination_section': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = obj.getAggregateValue()
if aggregate_value is None:
return []
# Limit the scope arround Instance tree otherwise we
# Leak security on the Compute Nodes placed on the same site.
if aggregate_value.getPortalType() != "Instance Tree":
return []
organisation = aggregate_value.Item_getCurrentSiteValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementAggregateDestination</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = obj.getAggregateValue()
if aggregate_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
project = aggregate_value.Item_getCurrentProjectValue()
if project is not None:
category_list.append({'destination_project': [project.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementAggregateDestinationProject</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = obj.getAggregateValue()
if aggregate_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = aggregate_value.Item_getCurrentOwnerValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination_section': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementAggregateDestinationSection</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = obj.Item_getCurrentSiteValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementDestination</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
project = obj.Item_getCurrentProjectValue()
if project is not None:
category_list.append({'destination_project': [project.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementDestinationProject</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = obj.Item_getCurrentOwnerValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination_section': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementDestinationSection</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = None
for line in obj.objectValues():
aggregate_value = line.getAggregateValue()
if aggregate_value is not None:
break
if aggregate_value is None:
return []
# Only proceed if aggregate is a Compute Node
if aggregate_value.getPortalType() != "Compute Node":
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = aggregate_value.Item_getCurrentOwnerValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination_section': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = None
for line in obj.objectValues():
aggregate_value = line.getAggregateValue()
if aggregate_value is not None:
break
if aggregate_value is None:
return []
# Limit the scope arround Instance tree otherwise we
# Leak security on the Compute Nodes placed on the same site.
if aggregate_value.getPortalType() != "Instance Tree":
return []
organisation = aggregate_value.Item_getCurrentSiteValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementLineAggregateDestination</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
aggregate_value = None
for line in obj.objectValues():
aggregate_value = line.getAggregateValue()
if aggregate_value is not None:
break
if aggregate_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
project = aggregate_value.Item_getCurrentProjectValue()
if project is not None:
category_list.append({'destination_project': [project.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Item_getSecurityCategoryFromMovementLineAggregateDestinationProject</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
specialise_value = obj.getSpecialiseValue()
if specialise_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
organisation = specialise_value.Item_getCurrentSiteValue()
if organisation is not None and \
organisation.getPortalType() == "Organisation":
category_list.append({'destination': [organisation.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
specialise_value = obj.getSpecialiseValue()
if specialise_value is None:
return []
# Object on this case can be Instance Tree, Compute Node, or Computer Network
project = specialise_value.Item_getCurrentProjectValue()
if project is not None:
category_list.append({'destination_project': [project.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -9,9 +9,12 @@ slapos_plugin_dict = { ...@@ -9,9 +9,12 @@ slapos_plugin_dict = {
'ERP5 Facebook Extraction Plugin' 'ERP5 Facebook Extraction Plugin'
], ],
'IGroupsPlugin': [ 'IGroupsPlugin': [
'ZODB Group Manager',
'SlapOS Shadow Authentication Plugin', 'SlapOS Shadow Authentication Plugin',
'ERP5 Group Manager'
], ],
'IUserEnumerationPlugin': [ 'IUserEnumerationPlugin': [
'ZODB User Manager',
'SlapOS Shadow Authentication Plugin', 'SlapOS Shadow Authentication Plugin',
'ERP5 Login User Manager' 'ERP5 Login User Manager'
] ]
...@@ -37,6 +40,18 @@ def mergePASDictDifference(portal, d, fixit): ...@@ -37,6 +40,18 @@ def mergePASDictDifference(portal, d, fixit):
error += ' Fixed.' error += ' Fixed.'
error_list.append(error) error_list.append(error)
for activated_plugin in meta_type_list:
if activated_plugin not in active_list:
error = 'Plugin %s must not be activated %s.' % (plugin, activated_plugin)
if fixit:
existing = [q for q in portal.acl_users.objectValues() if q.meta_type == activated_plugin]
if len(existing) == 0:
error_list.append('%s not found' % activated_plugin)
else:
plugins.deactivatePlugin(plugin_info['interface'], existing[0].getId())
error += ' Fixed.'
error_list.append(error)
return error_list return error_list
pas_difference = mergePASDictDifference(portal, slapos_plugin_dict, fixit) pas_difference = mergePASDictDifference(portal, slapos_plugin_dict, fixit)
......
...@@ -25,6 +25,228 @@ import re ...@@ -25,6 +25,228 @@ import re
class TestSlapOSDefaultScenario(DefaultScenarioMixin): class TestSlapOSDefaultScenario(DefaultScenarioMixin):
"""
def addSlapOSAdministratorAssignment(self, person):
person.newContent(
portal_type='Assignment',
# XXX should be project/function instead
group='company'
).open()
"""
def addProjectProductionManagerAssignment(self, person, project):
person.newContent(
portal_type='Assignment',
destination_project_value=project,
function='production/manager'
).open()
def addProjectCustomerAssignment(self, person, project):
person.newContent(
portal_type='Assignment',
destination_project_value=project,
function='customer'
).open()
def addProject(self):
project = self.portal.project_module.newContent(
portal_type='Project',
title='project-%s' % self.generateNewId()
)
project.validate()
return project
def test_new_default_scenario(self):
# create a default project
project = self.addProject()
# some preparation
self.logout()
self.web_site = self.portal.web_site_module.hostingjs
# lets join as slapos administrator, which will own few compute_nodes
owner_reference = 'owner-%s' % self.generateNewId()
self.joinSlapOS(self.web_site, owner_reference)
self.login()
owner_person = self.portal.portal_catalog.getResultValue(
portal_type="ERP5 Login",
reference=owner_reference).getParentValue()
# first slapos administrator assignment can only be created by
# the erp5 manager
self.addProjectProductionManagerAssignment(owner_person, project)
self.tic()
# hooray, now it is time to create compute_nodes
self.login(owner_person.getUserId())
public_server_title = 'Public Server for %s' % owner_reference
public_server_id = self.requestComputeNode(public_server_title, project.getReference())
public_server = self.portal.portal_catalog.getResultValue(
portal_type='Compute Node', reference=public_server_id)
self.setAccessToMemcached(public_server)
self.assertNotEqual(None, public_server)
self.setServerOpenPublic(public_server)
# and install some software on them
public_server_software = self.generateNewSoftwareReleaseUrl()
self.supplySoftware(public_server, public_server_software)
# format the compute_nodes
self.formatComputeNode(public_server)
# join as the another visitor and request software instance on public
# compute_node
self.logout()
public_reference = 'public-%s' % self.generateNewId()
self.joinSlapOS(self.web_site, public_reference)
self.login()
public_person = self.portal.portal_catalog.getResultValue(
portal_type="ERP5 Login",
reference=public_reference).getParentValue()
self.addProjectCustomerAssignment(public_person, project)
public_instance_title = 'Public title %s' % self.generateNewId()
public_instance_type = 'public type'
self.checkInstanceAllocation(public_person.getUserId(),
public_reference, public_instance_title,
public_server_software, public_instance_type,
public_server, project.getReference())
# turn public guy to a friend and check that he can allocate slave
# instance on instance provided by friend
self.login()
public_person = self.portal.portal_catalog.getResultValue(
portal_type='ERP5 Login', reference=public_reference).getParentValue()
self.login(owner_person.getUserId())
# and the instances
self.checkInstanceUnallocation(public_person.getUserId(),
public_reference, public_instance_title,
public_server_software, public_instance_type, public_server,
project.getReference())
# and uninstall some software on them
self.logout()
self.login(owner_person.getUserId())
self.supplySoftware(public_server, public_server_software,
state='destroyed')
self.logout()
# Uninstall from compute_node
self.login()
self.simulateSlapgridSR(public_server)
# check the Open Sale Order coverage
self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
self.tic()
self.logout()
self.login()
self.assertOpenSaleOrderCoverage(public_reference)
# generate simulation for open order
self.stepCallUpdateOpenOrderSimulationAlarm()
self.tic()
# build subscription packing list
self.stepCallSlaposTriggerBuildAlarm()
self.tic()
# stabilise build deliveries and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# build aggregated packing list
self.stepCallSlaposTriggerAggregatedDeliveryOrderBuilderAlarm()
self.tic()
# stabilise aggregated deliveries and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# start aggregated deliveries
self.stepCallSlaposStartConfirmedAggregatedSalePackingListAlarm(
accounting_date=DateTime('2222/01/01'))
self.tic()
# stabilise aggregated deliveries and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# deliver aggregated deliveries
self.stepCallSlaposDeliverStartedAggregatedSalePackingListAlarm()
self.tic()
# stabilise aggregated deliveries and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# build aggregated invoices
self.stepCallSlaposTriggerBuildAlarm()
self.tic()
# stabilise aggregated invoices and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# update invoices with their tax & discount
self.stepCallSlaposTriggerBuildAlarm()
self.tic()
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# update invoices with their tax & discount transaction lines
self.stepCallSlaposTriggerBuildAlarm()
self.tic()
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
# stop the invoices and solve them again
self.stepCallSlaposStopConfirmedAggregatedSaleInvoiceTransactionAlarm()
self.tic()
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
builder = self.portal.portal_orders.slapos_payment_transaction_builder
for _ in range(500):
# build the aggregated payment
self.stepCallSlaposTriggerPaymentTransactionOrderBuilderAlarm()
self.tic()
# If there is something unbuild recall alarm.
if len(builder.OrderBuilder_generateUnrelatedInvoiceList()):
break
# start the payzen payment
self.stepCallSlaposPayzenUpdateConfirmedPaymentAlarm()
self.tic()
# stabilise the payment deliveries and expand them
self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
self.tic()
"""
self.logout()
self.login('ERP5TypeTestCase')
# trigger the CRM interaction
self.stepCallSlaposCrmCreateRegularisationRequestAlarm()
self.tic()
self.logout()
self.login()
# check final document state
for person_reference in (owner_reference, ):
person = self.portal.portal_catalog.getResultValue(
portal_type='ERP5 Login', reference=person_reference).getParentValue()
self.assertPersonDocumentCoverage(person)
"""
def test_default_scenario(self): def test_default_scenario(self):
# some preparation # some preparation
self.logout() self.logout()
...@@ -43,7 +265,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin): ...@@ -43,7 +265,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin):
self.login(owner_person.getUserId()) self.login(owner_person.getUserId())
public_server_title = 'Public Server for %s' % owner_reference public_server_title = 'Public Server for %s' % owner_reference
public_server_id = self.requestComputeNode(public_server_title) public_server_id = self.requestComputeNode(public_server_title, 'XXX')
public_server = self.portal.portal_catalog.getResultValue( public_server = self.portal.portal_catalog.getResultValue(
portal_type='Compute Node', reference=public_server_id) portal_type='Compute Node', reference=public_server_id)
self.setAccessToMemcached(public_server) self.setAccessToMemcached(public_server)
...@@ -52,7 +274,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin): ...@@ -52,7 +274,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin):
public_server.generateCertificate() public_server.generateCertificate()
personal_server_title = 'Personal Server for %s' % owner_reference personal_server_title = 'Personal Server for %s' % owner_reference
personal_server_id = self.requestComputeNode(personal_server_title) personal_server_id = self.requestComputeNode(personal_server_title, 'XXX')
personal_server = self.portal.portal_catalog.getResultValue( personal_server = self.portal.portal_catalog.getResultValue(
portal_type='Compute Node', reference=personal_server_id) portal_type='Compute Node', reference=personal_server_id)
self.setAccessToMemcached(personal_server) self.setAccessToMemcached(personal_server)
...@@ -87,7 +309,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin): ...@@ -87,7 +309,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin):
self.checkInstanceAllocation(public_person.getUserId(), self.checkInstanceAllocation(public_person.getUserId(),
public_reference, public_instance_title, public_reference, public_instance_title,
public_server_software, public_instance_type, public_server_software, public_instance_type,
public_server) public_server, 'XXX')
# join as other person and request a software instance on compute_node # join as other person and request a software instance on compute_node
# configured by owner # configured by owner
...@@ -132,7 +354,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin): ...@@ -132,7 +354,7 @@ class TestSlapOSDefaultScenario(DefaultScenarioMixin):
# and the instances # and the instances
self.checkInstanceUnallocation(public_person.getUserId(), self.checkInstanceUnallocation(public_person.getUserId(),
public_reference, public_instance_title, public_reference, public_instance_title,
public_server_software, public_instance_type, public_server) public_server_software, public_instance_type, public_server, 'XXX')
self.checkInstanceUnallocation(other_person.getUserId(), self.checkInstanceUnallocation(other_person.getUserId(),
other_reference, other_instance_title, other_reference, other_instance_title,
...@@ -363,7 +585,7 @@ class TestSlapOSDefaultCRMEscalation(DefaultScenarioMixin): ...@@ -363,7 +585,7 @@ class TestSlapOSDefaultCRMEscalation(DefaultScenarioMixin):
public_instance_type = 'public type' public_instance_type = 'public type'
public_server_software = self.generateNewSoftwareReleaseUrl() public_server_software = self.generateNewSoftwareReleaseUrl()
self.requestInstance(person.getUserId(), public_instance_title, self.requestInstance(person.getUserId(), public_instance_title,
public_server_software, public_instance_type) public_server_software, public_instance_type, 'XXX')
# check the Open Sale Order coverage # check the Open Sale Order coverage
self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm() self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
......
...@@ -51,9 +51,11 @@ ...@@ -51,9 +51,11 @@
<value> <value>
<tuple> <tuple>
<string>_setUserId.*</string> <string>_setUserId.*</string>
<string>_setSourceAdministration.*</string> <string>_setFollowUp.*</string>
<string>_setAllocationScope.*</string> <string>_setAllocationScope.*</string>
<string>_setDestinationSection.*</string> <string>_setDestinationSection.*</string>
<string>validate</string>
<string>invalidate</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Interaction Workflow Interaction" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>before_commit_script/portal_workflow/local_permission_slapos_interaction_workflow/script_Base_updateAllLocalRoles</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>interaction_ComputerNetwork_edit</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Interaction Workflow Interaction</string> </value>
</item>
<item>
<key> <string>portal_type_filter</string> </key>
<value>
<tuple>
<string>Computer Network</string>
</tuple>
</value>
</item>
<item>
<key> <string>portal_type_group_filter</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>temporary_document_disallowed</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>trigger_method_id</string> </key>
<value>
<tuple>
<string>_setSourceAdministration.*</string>
</tuple>
</value>
</item>
<item>
<key> <string>trigger_once_per_transaction</string> </key>
<value> <int>1</int> </value>
</item>
<item>
<key> <string>trigger_type</string> </key>
<value> <int>2</int> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Interaction Workflow Interaction" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>categories</string> </key>
<value>
<tuple>
<string>before_commit_script/portal_workflow/local_permission_slapos_interaction_workflow/script_InternalPackingListLine_updateAggregateLocalRoles</string>
</tuple>
</value>
</item>
<item>
<key> <string>description</string> </key>
<value>
<none/>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>interaction_InternalPackingListLine_setAggregate</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Interaction Workflow Interaction</string> </value>
</item>
<item>
<key> <string>portal_type_filter</string> </key>
<value>
<tuple>
<string>Internal Packing List Line</string>
</tuple>
</value>
</item>
<item>
<key> <string>portal_type_group_filter</string> </key>
<value>
<tuple/>
</value>
</item>
<item>
<key> <string>temporary_document_disallowed</string> </key>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>trigger_method_id</string> </key>
<value>
<tuple>
<string>_setAggregate.*</string>
</tuple>
</value>
</item>
<item>
<key> <string>trigger_once_per_transaction</string> </key>
<value> <int>0</int> </value>
</item>
<item>
<key> <string>trigger_type</string> </key>
<value> <int>2</int> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -51,7 +51,7 @@ ...@@ -51,7 +51,7 @@
<value> <value>
<tuple> <tuple>
<string>_setAggregate.*</string> <string>_setAggregate.*</string>
<string>_setDestinationSection.*</string> <string>_setFollowUp.*</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
from Products.ZSQLCatalog.SQLCatalog import SimpleQuery, ComplexQuery
portal_type_list = ['Compute Node', 'Computer Network', 'Instance Tree']
portal = context.getPortalObject()
internal_packing_list_line = state_change['object']
after_tag = (internal_packing_list_line.getPath(), ('immediateReindexObject', 'recursiveImmediateReindexObject'))
internal_packing_list_line.getParentValue().reindexObject()
for object_ in internal_packing_list_line.getAggregateValueList(portal_type=portal_type_list):
object_.activate(after_path_and_method_id=after_tag).updateLocalRolesOnSecurityGroups()
if object_.getPortalType() == "Compute Node":
portal.portal_catalog.searchAndActivate(
portal_type=["Software Installation", "Support Request","Upgrade Decision Line"],
aggregate__uid=object_.getUid(),
method_id="Base_updateSlapOSLocalRolesOnSecurityGroups",
method_kw=dict(activate_kw={"after_path_and_method_id": after_tag}),
activate_kw={"after_path_and_method_id": after_tag}
)
elif object_.getPortalType() == "Instance Tree":
query = ComplexQuery(
ComplexQuery(
SimpleQuery(portal_type=["Software instance", "Slave Instance"]),
SimpleQuery(default_specialise_uid=object_.getUid()),
logical_operator="AND"),
ComplexQuery(
SimpleQuery(portal_type=["Support Request", "Upgrade Decision Line"]),
SimpleQuery(aggregate__uid=object_.getUid()),
logical_operator="AND"),
logical_operator="OR"
)
portal.portal_catalog.searchAndActivate(
query=query,
method_id="Base_updateSlapOSLocalRolesOnSecurityGroups",
method_kw=dict(activate_kw={"after_path_and_method_id": after_tag}),
activate_kw={"after_path_and_method_id": after_tag}
)
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="Workflow Script" module="erp5.portal_type"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="_reconstructor" module="copy_reg"/>
</klass>
<tuple>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
<global name="object" module="__builtin__"/>
<none/>
</tuple>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>state_change</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>script_InternalPackingListLine_updateAggregateLocalRoles</string> </value>
</item>
<item>
<key> <string>portal_type</string> </key>
<value> <string>Workflow Script</string> </value>
</item>
<item>
<key> <string>title</string> </key>
<value>
<none/>
</value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -34,14 +34,6 @@ credential_update_module ...@@ -34,14 +34,6 @@ credential_update_module
currency_module currency_module
currency_module/CNY currency_module/CNY
currency_module/EUR currency_module/EUR
data_array_module
data_ingestion_module
data_mapping_module
data_operation_module
data_set_module
data_stream_module
data_supply_module
data_transformation_module
document_ingestion_module document_ingestion_module
document_module document_module
event_module event_module
......
...@@ -18,7 +18,6 @@ Cloud Contract ...@@ -18,7 +18,6 @@ Cloud Contract
Cloud Contract Module Cloud Contract Module
Compute Node Compute Node
Compute Node Module Compute Node Module
Compute Partition
Computer Consumption TioXML File Computer Consumption TioXML File
Computer Model Computer Model
Computer Model Module Computer Model Module
...@@ -31,22 +30,6 @@ Credential Update Module ...@@ -31,22 +30,6 @@ Credential Update Module
Credit Card Credit Card
Currency Currency
Currency Module Currency Module
Data Array
Data Array Module
Data Ingestion
Data Ingestion Module
Data Mapping
Data Mapping Module
Data Operation
Data Operation Module
Data Set
Data Set Module
Data Stream
Data Stream Module
Data Supply
Data Supply Module
Data Transformation
Data Transformation Module
Document Ingestion Module Document Ingestion Module
Document Module Document Module
ERP5 Login ERP5 Login
...@@ -82,7 +65,6 @@ Product Module ...@@ -82,7 +65,6 @@ Product Module
Project Project
Project Module Project Module
Purchase Invoice Transaction Purchase Invoice Transaction
Query
Regularisation Request Regularisation Request
Regularisation Request Module Regularisation Request Module
Restricted Access Token Restricted Access Token
...@@ -117,7 +99,4 @@ User Consumption HTML File ...@@ -117,7 +99,4 @@ User Consumption HTML File
Visit Visit
Web Illustration Web Illustration
Web Message Web Message
Web Page
Web Page Module
Web Table
Wechat Event Wechat Event
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment