Merged changes by Klaus to support ERP5Security

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4169 20353a03-c40f-0410-a6d1-a30d3c3de9de

Merged changes by Klaus to support ERP5Security
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4169 20353a03-c40f-0410-a6d1-a30d3c3de9de
6bab1e3f · Jean-Paul Smets · ffc06cd9 · 6bab1e3f
Commit 6bab1e3f authored Oct 30, 2005 by Jean-Paul Smets
Hide whitespace changes
Inline Side-by-side

Showing with 43 additions and 15 deletions

product/ERP5Type/ERP5Type.py product/ERP5Type/ERP5Type.py +43 -15

No files found.
--- a/product/ERP5Type/ERP5Type.py
+++ b/product/ERP5Type/ERP5Type.py
@@ -34,6 +34,19 @@ from Products.CMFCore.Expression import createExprContext
 from Products.ERP5Type import _dtmldir
 from Products.ERP5Type import Permissions as ERP5Permissions
+# Security uses ERP5Security by default
+try:
+  from Products.ERP5Security import ERP5UserManager
+except ImportError:
+  ERP5UserManager = None
+# If ERP5Security is not installed try NuxUserGroups
+if ERP5UserManager is None:
+  try:
+    from Products import NuxUserGroups
+  except ImportError:
+    NuxUserGroups = None
 from RoleProviderBase import RoleProviderBase
 from RoleInformation import ori
@@ -70,6 +83,11 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
         'label':'Product factory method'},
        {'id':'init_script', 'type': 'string', 'mode':'w',
         'label':'Init Script'},
+        {'id':'acquire_local_roles'
+         , 'type': 'boolean'
+         , 'mode':'w'
+         , 'label':'Acquire Local Roles'
+         },
        {'id':'filter_content_types', 'type': 'boolean', 'mode':'w',
         'label':'Filter content types?'},
        {'id':'allowed_content_types'
@@ -95,9 +113,10 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
         , 'mode':'w'
         , 'label':'Base Categories'
         , 'select_variable':'getBaseCategoryList'
-         },
+         },   
        ))
+    acquire_local_roles = True
    property_sheet_list = ()
    base_category_list = ()
    init_script = ''
@@ -143,6 +162,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
        """
        ob = FactoryTypeInformation.constructInstance(
              self, container, id, *args, **kw)
        if bypass_init_script :
            return ob
@@ -198,15 +218,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
        """
        Assign Local Roles to Groups on object, based on Portal Type Role Definitions
        """
-        user_name = getSecurityManager().getUser().getUserName()
+        if ERP5UserManager is not None:
-        # First of all, check that NuxUserGroups is here. Otherwise, it's not possible to give Roles to Groups
+          user_name = getSecurityManager().getUser().getId() # We use id for roles in ERP5Security
-        try:
+        elif NuxUserGroups is not None:
-            import Products.NuxUserGroups
+          user_name = getSecurityManager().getUser().getUserName()
-        except ImportError:
+        else:          
-            raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\
+          raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\
                'Please install it to benefit from group-based security'
        # Retrieve applicable roles
        role_mapping = self.getFilteredRoleListFor(object = self) # kw provided in order to take any appropriate action
        role_category_list = {}
@@ -276,12 +295,21 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
                if not group_id_role_dict.has_key(group_id):
                    group_id_role_dict[group_id] = []
                group_id_role_dict[group_id].append(role)
-        #Clean old group roles
+        if ERP5UserManager is not None: # Default implementation
-        old_group_list = object.get_local_group_roles()
+          #Clean old group roles
-        object.manage_delLocalGroupRoles([x[0] for x in old_group_list])
+          old_group_list = object.get_local_roles()
-        #Assign new roles
+          object.manage_delLocalRoles([x[0] for x in old_group_list])
-        for group, role_list in group_id_role_dict.items():
+          #Assign new roles
-            object.manage_addLocalGroupRoles(group, role_list)
+          for group, role_list in group_id_role_dict.items():
+              object.manage_addLocalRoles(group, role_list)
+        else: # NuxUserGroups implementation
+          #Clean old group roles
+          old_group_list = object.get_local_group_roles()
+          object.manage_delLocalGroupRoles([x[0] for x in old_group_list])
+          #Assign new roles
+          for group, role_list in group_id_role_dict.items():
+              object.manage_addLocalGroupRoles(group, role_list)
    security.declarePublic('getFilteredRoleListFor')
    def getFilteredRoleListFor(self, object=None, **kw):