Commit 2025ad61 authored by Romain Courteaud's avatar Romain Courteaud

slapos_erp5: all members can allocation on all compute nodes

parent b296835e
...@@ -12,6 +12,13 @@ ...@@ -12,6 +12,13 @@
<multi_property id='category'>group/company</multi_property> <multi_property id='category'>group/company</multi_property>
<multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>group</multi_property>
</role> </role>
<role id='Auditor'>
<property id='title'>Member access</property>
<property id='condition'>python: here.getValidationState() == 'validated'</property>
<property id='base_category_script'>ComputeNode_getSecurityCategoryFromValidationState</property>
<multi_property id='categories'>local_role_group/shadow</multi_property>
<multi_property id='base_category'>aggregate</multi_property>
</role>
<role id='Assignee'> <role id='Assignee'>
<property id='title'>Organisation Member</property> <property id='title'>Organisation Member</property>
<property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationSection</property> <property id='base_category_script'>Item_getSecurityCategoryFromMovementDestinationSection</property>
......
# XXX For now, this script requires proxy manager
# base_category_list : list of category values we need to retrieve
# user_name : string obtained from getSecurityManager().getUser().getUserName() [NuxUserGroup]
# or from getSecurityManager().getUser().getId() [PluggableAuthService with ERP5GroupManager]
# object : object which we want to assign roles to.
# portal_type : portal type of object
# must always return a list of dicts
if obj is None:
return []
compute_node = obj
if compute_node.getValidationState() == 'validated':
return {"Auditor": ["R-SHADOW-PERSON"]}
return []
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ComputeNode_getSecurityCategoryFromValidationState</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -54,6 +54,8 @@ ...@@ -54,6 +54,8 @@
<string>_setSourceAdministration.*</string> <string>_setSourceAdministration.*</string>
<string>_setAllocationScope.*</string> <string>_setAllocationScope.*</string>
<string>_setDestinationSection.*</string> <string>_setDestinationSection.*</string>
<string>validate</string>
<string>invalidate</string>
</tuple> </tuple>
</value> </value>
</item> </item>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment