From c81129c96eafd3810182102da6afe5eef0fb53ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bartek=20G=C3=B3rny?= <bartek@gorny.edu.pl> Date: Wed, 22 Nov 2006 15:31:03 +0000 Subject: [PATCH] JP's corrections and changes to security settings git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@11441 20353a03-c40f-0410-a6d1-a30d3c3de9de --- .../PdfDocument.xml | 27 ++-- .../PortalTypeRolesTemplateItem/Text.xml | 124 ++++++------------ 2 files changed, 48 insertions(+), 103 deletions(-) diff --git a/bt5/erp5_dms/PortalTypeRolesTemplateItem/PdfDocument.xml b/bt5/erp5_dms/PortalTypeRolesTemplateItem/PdfDocument.xml index c6d291cfe2..589d41f3d9 100644 --- a/bt5/erp5_dms/PortalTypeRolesTemplateItem/PdfDocument.xml +++ b/bt5/erp5_dms/PortalTypeRolesTemplateItem/PdfDocument.xml @@ -1,10 +1,9 @@ <type_roles> <role id='Assignor'> <property id='title'>Team Reviewer</property> - <property id='description'>The head of the team who is in charge of reviewing documents published by his team. He is granted special rights on documents produced by his team. -(if the doc is collaborative or personal but for team)</property> - <property id='condition'>python: not object.getSourceProject() and (object.isMemberOf('classification/collaborative') or object.isMemberOf('personal/team'))</property> - <property id='priority'>10</property> + <property id='description'>The head of the team who is in charge of reviewing documents published by his team. He is granted special rights on documents produced by his team.</property> + <property id='condition'>python: not object.getSourceProject()</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <multi_property id='category'>function/publication/reviewer</multi_property> <multi_property id='base_category'>group</multi_property> @@ -14,26 +13,23 @@ <property id='title'>Project Assignees</property> <property id='description'>In a project collaborative document, all project members have a right to access and modify a document before release or publication.</property> <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/collaborative/project')</property> - <property id='priority'>10</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'></multi_property> <multi_property id='base_category'>source_project</multi_property> </role> <role id='Associate'> <property id='title'>Project Associates</property> <property id='description'>In a project document, all project members have a right to access the document before it is released or published.</property> - <property id='condition'>python:object.getSourceProject() and (object.isMemberOf('classification/collaborative/project') or object.isMemberOf('classification/personal/project'))</property> - <property id='priority'>10</property> + <property id='condition'>python:object.getSourceProject()</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'></multi_property> <multi_property id='base_category'>source_project</multi_property> </role> <role id='Assignor'> <property id='title'>Project Reviewer</property> - <property id='description'>The head of the project who is in charge of reviewing documents produced by the project before release or publication. -(if it is a project document, either collaborative or personal)</property> - <property id='condition'>python:object.getSourceProject() and (object.isMemberOf('classification/collaborative/project') or object.isMemberOf('classification/personal/project'))</property> - <property id='priority'>10</property> + <property id='description'>The head of the project who is in charge of reviewing documents produced by the project before release or publication.</property> + <property id='condition'>python:object.getSourceProject()</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <multi_property id='category'>function/project/director</multi_property> <multi_property id='base_category'>source_project</multi_property> @@ -42,9 +38,8 @@ <property id='title'>Team Associates</property> <property id='description'>All team members have a right to access non restricted documents before their release or publication.</property> <property id='condition'>python:not object.isMemberOf('classification/personnal/restricted')</property> - <property id='priority'>10</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'></multi_property> <multi_property id='base_category'>group</multi_property> <multi_property id='base_category'>function</multi_property> <multi_property id='base_category'>site</multi_property> @@ -52,7 +47,7 @@ <role id='Auditor'> <property id='title'>Management</property> <property id='description'>Management has to access anydocument in the system.</property> - <property id='priority'>10</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <multi_property id='category'>function/hq</multi_property> </role> diff --git a/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml b/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml index fcf82b6872..7c50fa5fec 100644 --- a/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml +++ b/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml @@ -1,104 +1,54 @@ <type_roles> - <role id='Associate'> - <property id='title'>Project Associates</property> - <property id='description'>Policy: */project -Rule: all project members have a right to access document once it has been shared or released</property> - <property id='condition'>python:object.Document_policyApplies('*/project')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'></multi_property> - <multi_property id='base_category'>source_project</multi_property> - </role> <role id='Assignor'> - <property id='title'>Project Director</property> - <property id='description'>Policy: */project -Rule: project director is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property> - <property id='condition'>python:object.Document_policyApplies('*/project')</property> - <property id='priority'>10</property> + <property id='title'>Team Reviewer</property> + <property id='description'>The head of the team who is in charge of reviewing documents published by his team. He is granted special rights on documents produced by his team.</property> + <property id='condition'>python: not object.getSourceProject()</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'>function/knowledge/manager</multi_property> - <multi_property id='base_category'>source_project</multi_property> - <multi_property id='base_category'>function</multi_property> - </role> - <role id='Assignee'> - <property id='title'>Owner</property> - <property id='description'>Policy: */* -Rule: the creator is Assignee - can edit the doc and submit it</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromUser</property> - <multi_property id='category'></multi_property> - <multi_property id='base_category'>reference</multi_property> - </role> - <role id='Auditor'> - <property id='title'>Organisation members</property> - <property id='description'>Policy: */* -Rule: all people working for the same organisation are Auditors (we identify the organisation by the first part of the "group" path) -This does not apply if it is a project document and does not have a project</property> - <property id='condition'>python: not object.Document_policyApplies('*/restricted') and (object.Document_policyApplies('*/project') or not object.Document_policyApplies('*/project',True) )</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property> - <multi_property id='category'></multi_property> + <multi_property id='category'>function/publication/reviewer</multi_property> <multi_property id='base_category'>group</multi_property> + <multi_property id='base_category'>site</multi_property> </role> <role id='Assignee'> - <property id='title'>Project Collaborators</property> - <property id='description'>Policy: collaborative/project -Rule: all members of project team can edit the document before it is submitted, and can submit it</property> - <property id='condition'>python:object.Document_policyApplies('collaborative/project')</property> - <property id='priority'>10</property> + <property id='title'>Project Assignees</property> + <property id='description'>In a project collaborative document, all project members have a right to access and modify a document before release or publication.</property> + <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/collaborative/project')</property> + <property id='priority'>10.0</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> + <multi_property id='base_category'>source_project</multi_property> + </role> + <role id='Associate'> + <property id='title'>Project Associates</property> + <property id='description'>In a project document, all project members have a right to access the document before it is released or published.</property> + <property id='condition'>python: object.getSourceProject()</property> + <property id='priority'>10.0</property> <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> - <multi_property id='category'></multi_property> <multi_property id='base_category'>source_project</multi_property> </role> <role id='Assignor'> - <property id='title'>Team Director</property> - <property id='description'>Policy: */team -Rule: team manager is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property> - <property id='condition'>python:object.Document_policyApplies('*/team')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> - <multi_property id='category'>function/knowledge/manager</multi_property> - <multi_property id='base_category'>group</multi_property> - <multi_property id='base_category'>function</multi_property> + <property id='title'>Project Reviewer</property> + <property id='description'>The head of the project who is in charge of reviewing documents produced by the project before release or publication.</property> + <property id='condition'>python: object.getSourceProject()</property> + <property id='priority'>10.0</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> + <multi_property id='category'>function/project/director</multi_property> + <multi_property id='base_category'>source_project</multi_property> </role> <role id='Associate'> <property id='title'>Team Associates</property> - <property id='description'>Policy: */team -Rule: all team members have a right to access document once it has been shared or released</property> - <property id='condition'>python:object.Document_policyApplies('*/team')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> - <multi_property id='category'></multi_property> - <multi_property id='base_category'>group</multi_property> - </role> - <role id='Assignee'> - <property id='title'>Team Collaborators</property> - <property id='description'>Policy: collaborative/team -Rule: all members of the team can edit the document before it is submitted, and can submit it</property> - <property id='condition'>python:object.Document_policyApplies('collaborative/team')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> - <multi_property id='category'></multi_property> - <multi_property id='base_category'>group</multi_property> - </role> - <role id='Assignee'> - <property id='title'>Public Collaborators</property> - <property id='description'>Policy: collaborative/public -Rule: everyone in the organisation (root group) can edit the doc before it is submitted, and can suggest its publication</property> - <property id='condition'>python:object.Document_policyApplies('collaborative/public')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property> - <multi_property id='category'></multi_property> + <property id='description'>All team members have a right to access non restricted documents before their release or publication.</property> + <property id='condition'>python:not object.isMemberOf('classification/personnal/restricted')</property> + <property id='priority'>10.0</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> <multi_property id='base_category'>group</multi_property> - </role> - <role id='Assignor'> - <property id='title'>Public Reviewer</property> - <property id='description'>Policy: collaborative/public -Rule: any person with knowledge/manager role can publish the document and manage access rights to it</property> - <property id='condition'>python:object.Document_policyApplies('collaborative/public')</property> - <property id='priority'>10</property> - <property id='base_category_script'>ERP5Type_getSecurityCategoryFromAssignment</property> - <multi_property id='category'>function/knowledge/manager</multi_property> <multi_property id='base_category'>function</multi_property> + <multi_property id='base_category'>site</multi_property> + </role> + <role id='Auditor'> + <property id='title'>Management</property> + <property id='description'>Management has to access anydocument in the system.</property> + <property id='priority'>10.0</property> + <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property> + <multi_property id='category'>function/hq</multi_property> </role> </type_roles> \ No newline at end of file -- 2.30.9