Commit e2bc6401 authored by Andreas Jung's avatar Andreas Jung

cleanup, added entry to interfaces

parent 90bcfc29
......@@ -20,6 +20,7 @@ from Globals import DTMLFile, MessageDialog, Dictionary
from Acquisition import Implicit, Acquired, aq_get
from Globals import InitializeClass
from AccessControl import ClassSecurityInfo
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.Permissions import change_permissions
import ExtensionClass, PermissionMapping, Products
from App.Common import aq_base
......@@ -160,10 +161,16 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
if REQUEST is not None: return self.manage_access(REQUEST)
def manage_getUserRolesAndPermissions(self, user):
""" collect user related security settings """
def manage_getUserRolesAndPermissions(self, user_id):
""" Used for permission/role reporting for a given user_id.
Returns a dict mapping
from AccessControl.SecurityManagement import newSecurityManager
'user_defined_in' -> path where the user account is defined
'roles' -> global roles,
'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user,
'disallowed_permissions' -> all other permissions
"""
d = {}
......@@ -172,15 +179,16 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
try:
uf = current.acl_users
except AttributeError:
raise ValueError('User %s could not be found' % user)
raise ValueError('User %s could not be found' % user_id)
userObj = uf.getUser(user)
userObj = uf.getUser(user_id)
if userObj:
break
else:
current = current.aq_parent
newSecurityManager(None, userObj) # necessary?
userObj = userObj.__of__(uf)
d = {'user_defined_in' : '/' + uf.absolute_url(1)}
......
......@@ -24,7 +24,7 @@ a permission in addition to selecting to acquire permissions.
<div>
<form action="manage_reportUserPermissions" method="GET">
Username:
<input type="text" name="user" size="20" />
<input type="text" name="user_id" size="20" />
<input type="submit" value="Show me the user permissions and roles in the context of the current object" />
</form>
</div>
......
......@@ -3,9 +3,9 @@
<dtml-if manage_tabs><dtml-var manage_tabs></dtml-if>
</dtml-with>
<h1>Permissions and roles for user &dtml-user;</h1>
<h1>Permissions and roles for user &dtml-user_id;</h1>
<dtml-let result="manage_getUserRolesAndPermissions(user)">
<dtml-let result="manage_getUserRolesAndPermissions(user_id)">
<div>
<b>Roles</b>: <dtml-var "', '.join(result['roles'])">
......
......@@ -265,6 +265,16 @@ class IRoleManager(IPermissionMappingSupport):
"""
"""
def manage_getUserRolesAndPermissions(user_id):
""" Used for permission/role reporting for a given user_id.
Returns a dict mapping
'user_defined_in' -> path where the user account is defined
'roles' -> global roles,
'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user,
'disallowed_permissions' -> all other permissions
"""
class IStandardUserFolder(Interface):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment