Skip to content

erp5
erp5
Commit 6bab1e3f authored by Jean-Paul Smets's avatar Jean-Paul Smets
Browse files
Options

Merged changes by Klaus to support ERP5Security 


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4169 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent ffc06cd9
Show whitespace changes
Inline Side-by-side
Showing with 43 additions and 15 deletions
product/ERP5Type/ERP5Type.py
View file @ 6bab1e3f
...@@ -34,6 +34,19 @@ from Products.CMFCore.Expression import createExprContext ...@@ -34,6 +34,19 @@ from Products.CMFCore.Expression import createExprContext
from Products.ERP5Type import _dtmldir from Products.ERP5Type import _dtmldir
from Products.ERP5Type import Permissions as ERP5Permissions from Products.ERP5Type import Permissions as ERP5Permissions
# Security uses ERP5Security by default
try:
from Products.ERP5Security import ERP5UserManager
except ImportError:
ERP5UserManager = None
# If ERP5Security is not installed try NuxUserGroups
if ERP5UserManager is None:
try:
from Products import NuxUserGroups
except ImportError:
NuxUserGroups = None
from RoleProviderBase import RoleProviderBase from RoleProviderBase import RoleProviderBase
from RoleInformation import ori from RoleInformation import ori
...@@ -70,6 +83,11 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -70,6 +83,11 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
'label':'Product factory method'}, 'label':'Product factory method'},
{'id':'init_script', 'type': 'string', 'mode':'w', {'id':'init_script', 'type': 'string', 'mode':'w',
'label':'Init Script'}, 'label':'Init Script'},
{'id':'acquire_local_roles'
, 'type': 'boolean'
, 'mode':'w'
, 'label':'Acquire Local Roles'
},
{'id':'filter_content_types', 'type': 'boolean', 'mode':'w', {'id':'filter_content_types', 'type': 'boolean', 'mode':'w',
'label':'Filter content types?'}, 'label':'Filter content types?'},
{'id':'allowed_content_types' {'id':'allowed_content_types'
...@@ -98,6 +116,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -98,6 +116,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
}, },
)) ))
acquire_local_roles = True
property_sheet_list = () property_sheet_list = ()
base_category_list = () base_category_list = ()
init_script = '' init_script = ''
...@@ -143,6 +162,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -143,6 +162,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
""" """
ob = FactoryTypeInformation.constructInstance( ob = FactoryTypeInformation.constructInstance(
self, container, id, *args, **kw) self, container, id, *args, **kw)
if bypass_init_script : if bypass_init_script :
return ob return ob
...@@ -198,15 +218,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -198,15 +218,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
""" """
Assign Local Roles to Groups on object, based on Portal Type Role Definitions Assign Local Roles to Groups on object, based on Portal Type Role Definitions
""" """
if ERP5UserManager is not None:
user_name = getSecurityManager().getUser().getId() # We use id for roles in ERP5Security
elif NuxUserGroups is not None:
user_name = getSecurityManager().getUser().getUserName() user_name = getSecurityManager().getUser().getUserName()
# First of all, check that NuxUserGroups is here. Otherwise, it's not possible to give Roles to Groups else:
try:
import Products.NuxUserGroups
except ImportError:
raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\ raise RuntimeError, 'Product "NuxUserGroups" was not found on your setup. '\
'Please install it to benefit from group-based security' 'Please install it to benefit from group-based security'
# Retrieve applicable roles # Retrieve applicable roles
role_mapping = self.getFilteredRoleListFor(object = self) # kw provided in order to take any appropriate action role_mapping = self.getFilteredRoleListFor(object = self) # kw provided in order to take any appropriate action
role_category_list = {} role_category_list = {}
...@@ -276,6 +295,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -276,6 +295,14 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
if not group_id_role_dict.has_key(group_id): if not group_id_role_dict.has_key(group_id):
group_id_role_dict[group_id] = [] group_id_role_dict[group_id] = []
group_id_role_dict[group_id].append(role) group_id_role_dict[group_id].append(role)
if ERP5UserManager is not None: # Default implementation
#Clean old group roles
old_group_list = object.get_local_roles()
object.manage_delLocalRoles([x[0] for x in old_group_list])
#Assign new roles
for group, role_list in group_id_role_dict.items():
object.manage_addLocalRoles(group, role_list)
else: # NuxUserGroups implementation
#Clean old group roles #Clean old group roles
old_group_list = object.get_local_group_roles() old_group_list = object.get_local_group_roles()
object.manage_delLocalGroupRoles([x[0] for x in old_group_list]) object.manage_delLocalGroupRoles([x[0] for x in old_group_list])
...@@ -283,6 +310,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ): ...@@ -283,6 +310,7 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
for group, role_list in group_id_role_dict.items(): for group, role_list in group_id_role_dict.items():
object.manage_addLocalGroupRoles(group, role_list) object.manage_addLocalGroupRoles(group, role_list)
security.declarePublic('getFilteredRoleListFor') security.declarePublic('getFilteredRoleListFor')
def getFilteredRoleListFor(self, object=None, **kw): def getFilteredRoleListFor(self, object=None, **kw):
""" """
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7