Commit 6fdd390a authored by Romain Courteaud's avatar Romain Courteaud

slapos_erp5: drop Compute Partition roles

It must be visible by all project members
parent 15927233
<type_roles>
<role id='Auditor'>
<property id='title'>Customer of the partition</property>
<property id='condition'>python: here.getSlapState() == "busy"</property>
<property id='base_category_script'>ComputePartition_getSecurityCategoryFromUser</property>
<multi_property id='categories'>local_role_group/user</multi_property>
<multi_property id='base_category'>destination_section</multi_property>
</role>
<role id='Auditor'>
<property id='title'>Software Instance group related to Compute Partition</property>
<property id='condition'>python: here.getSlapState() == "busy"</property>
<property id='base_category_script'>ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceInstanceTree</property>
<multi_property id='categories'>local_role_group/subscription</multi_property>
<multi_property id='base_category'>aggregate</multi_property>
</role>
</type_roles>
\ No newline at end of file
"""
This script returns a list of dictionaries which represent
the security groups which a person is member of. It extracts
the categories from the current content. It is useful in the
following cases:
- calculate a security group based on a given
category of the current object (ex. group). This
is used for example in ERP5 DMS to calculate
document security.
- assign local roles to a document based on
the person which the object related to through
a given base category (ex. destination). This
is used for example in ERP5 Project to calculate
Task / Task Report security.
The parameters are
base_category_list -- list of category values we need to retrieve
user_name -- string obtained from getSecurityManager().getUser().getId()
object -- object which we want to assign roles to
portal_type -- portal type of object
NOTE: for now, this script requires proxy manager
"""
category_list = []
if obj is None:
return []
partition = obj
for instance in partition.getPortalObject().portal_catalog(
portal_type=["Software Instance", "Slave Instance"],
validation_state="validated",
default_aggregate_uid=partition.getUid()):
if instance is not None:
instance_tree = instance.getSpecialiseValue(portal_type="Instance Tree")
if instance_tree is not None:
person = instance_tree.getDestinationSectionValue(portal_type="Person")
if person is not None:
for base_category in base_category_list:
category_list.append({base_category: [person.getRelativeUrl()]})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ComputePartition_getSecurityCategoryFromUser</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
"""This scripts set ups role of aggregate related Software Instance
This is simple implementation, instead of generic related category with portal type,
which would not be configurable in Role Definition anyway."""
category_list = []
if obj is None:
return []
software_instance_list = obj.getPortalObject().portal_catalog(
portal_type='Software Instance',
default_aggregate_uid=obj.getUid(),
limit=2
)
if len(software_instance_list) == 1:
instance_tree = software_instance_list[0].getSpecialise(portal_type='Instance Tree')
for base_category in base_category_list:
category_list.append({base_category: instance_tree})
return category_list
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>base_category_list, user_name, obj, portal_type</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Assignee</string>
<string>Assignor</string>
<string>Associate</string>
<string>Auditor</string>
<string>Authenticated</string>
<string>Author</string>
<string>Manager</string>
<string>Member</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceInstanceTree</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
...@@ -18,7 +18,6 @@ Cloud Contract ...@@ -18,7 +18,6 @@ Cloud Contract
Cloud Contract Module Cloud Contract Module
Compute Node Compute Node
Compute Node Module Compute Node Module
Compute Partition
Computer Consumption TioXML File Computer Consumption TioXML File
Computer Model Computer Model
Computer Model Module Computer Model Module
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment