From b9c72ab1500ed49aa2dbed7bb66d861e73b25935 Mon Sep 17 00:00:00 2001 From: Jean-Paul Smets <jp@nexedi.com> Date: Mon, 12 Mar 2007 11:11:56 +0000 Subject: [PATCH] Updated Query and Query workflow to support better security and notification git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@13345 20353a03-c40f-0410-a6d1-a30d3c3de9de --- .../portal_skins/erp5_base/Base_postQuery.xml | 8 + .../erp5_base/Base_viewPostQueryDialog.xml | 10 +- .../ERP5Type_acquireSecurityFromCategory.xml | 6 +- .../portal_skins/erp5_base/Query_view.xml | 10 +- .../portal_skins/erp5_base/file_icon.gif.xml | 73 ++++++ .../portal_skins/erp5_base/image_icon.gif.xml | 73 ++++++ .../erp5_base/person_icon.gif.xml | 73 ++++++ .../query_workflow/scripts/notifyOwner.xml | 224 ++++++++++++++++++ .../query_workflow/transitions/answer.xml | 2 +- .../query_workflow/worklists/posted.xml | 2 +- 10 files changed, 466 insertions(+), 15 deletions(-) create mode 100644 bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/file_icon.gif.xml create mode 100644 bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/image_icon.gif.xml create mode 100644 bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/person_icon.gif.xml create mode 100644 bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/scripts/notifyOwner.xml diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_postQuery.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_postQuery.xml index a6f3a0c692..9f0f3776bb 100644 --- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_postQuery.xml +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_postQuery.xml @@ -108,6 +108,14 @@ return description\n <key> <string>_params</string> </key> <value> <string>dialog_id=None,form_id=None,description=None,cancel_url=\'\'</string> </value> </item> + <item> + <key> <string>_proxy_roles</string> </key> + <value> + <tuple> + <string>Assignor</string> + </tuple> + </value> + </item> <item> <key> <string>errors</string> </key> <value> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_viewPostQueryDialog.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_viewPostQueryDialog.xml index 8ea6768bbf..53ad25d4a8 100644 --- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_viewPostQueryDialog.xml +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Base_viewPostQueryDialog.xml @@ -74,25 +74,25 @@ <value> <dictionary> <item> - <key> <string>bottom</string> </key> + <key> <string>bottom</string> </key> <value> <list/> </value> </item> <item> - <key> <string>center</string> </key> + <key> <string>center</string> </key> <value> <list/> </value> </item> <item> - <key> <string>hidden</string> </key> + <key> <string>hidden</string> </key> <value> <list/> </value> </item> <item> - <key> <string>left</string> </key> + <key> <string>left</string> </key> <value> <list> <string>your_description</string> @@ -100,7 +100,7 @@ </value> </item> <item> - <key> <string>right</string> </key> + <key> <string>right</string> </key> <value> <list/> </value> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/ERP5Type_acquireSecurityFromCategory.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/ERP5Type_acquireSecurityFromCategory.xml index efcb4710d0..95487c374d 100644 --- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/ERP5Type_acquireSecurityFromCategory.xml +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/ERP5Type_acquireSecurityFromCategory.xml @@ -87,10 +87,10 @@ for base_category in base_category_list:\n for role in role_list:\n category_dict.setdefault(role, []).append(user)\n \n -# By returning a dict, we \n +# By returning a dict, we force force ERP5Type\n +# to interprete the result as a mapping from\n +# roles to existing security groups \n return category_dict\n -\n -[[]]\n </string> </value> </item> <item> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Query_view.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Query_view.xml index 99a679ad78..59b388aedf 100644 --- a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Query_view.xml +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/Query_view.xml @@ -74,13 +74,13 @@ <value> <dictionary> <item> - <key> <string>bottom</string> </key> + <key> <string>bottom</string> </key> <value> <list/> </value> </item> <item> - <key> <string>center</string> </key> + <key> <string>center</string> </key> <value> <list> <string>my_description</string> @@ -89,13 +89,13 @@ </value> </item> <item> - <key> <string>hidden</string> </key> + <key> <string>hidden</string> </key> <value> <list/> </value> </item> <item> - <key> <string>left</string> </key> + <key> <string>left</string> </key> <value> <list> <string>my_title</string> @@ -104,7 +104,7 @@ </value> </item> <item> - <key> <string>right</string> </key> + <key> <string>right</string> </key> <value> <list> <string>my_owner</string> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/file_icon.gif.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/file_icon.gif.xml new file mode 100644 index 0000000000..c5c61273da --- /dev/null +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/file_icon.gif.xml @@ -0,0 +1,73 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <tuple> + <tuple> + <string>OFS.Image</string> + <string>Image</string> + </tuple> + <none/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>_Cacheable__manager_id</string> </key> + <value> <string>style_cache</string> </value> + </item> + <item> + <key> <string>__ac_local_roles__</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>__name__</string> </key> + <value> <string>file_icon.gif</string> </value> + </item> + <item> + <key> <string>_owner</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>content_type</string> </key> + <value> <string>image/jpeg</string> </value> + </item> + <item> + <key> <string>data</string> </key> + <value> <string encoding="base64">/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIf +IiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCAAQABADASIA +AhEBAxEB/8QAFgABAQEAAAAAAAAAAAAAAAAABgIE/8QAJxAAAgIABQEJAQAAAAAAAAAAAQIDBAAF +BhEhIhITFBUxMkFCUZH/xAAVAQEBAAAAAAAAAAAAAAAAAAABBP/EABoRAQEAAgMAAAAAAAAAAAAA +AAEDAAIEE2H/2gAMAwEAAhEDEQA/AI1JpbVYt2LeY57AqV4BKzmzKyxp1ce3f6t/cb9D+Z5NTu2f +FR3JUcNIGklRo0CklWSRAeRyDx6cE8jD69brVM9lNmSFQ1aPZZXC9rqk/cGqE8EWm7E1yQLm11Ha +33txJnJAZUUMvG222wA+f3fF1+fW0+vYA8AwAM//2Q==</string> </value> + </item> + <item> + <key> <string>height</string> </key> + <value> <int>16</int> </value> + </item> + <item> + <key> <string>precondition</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>size</string> </key> + <value> <int>430</int> </value> + </item> + <item> + <key> <string>title</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>width</string> </key> + <value> <int>16</int> </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/image_icon.gif.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/image_icon.gif.xml new file mode 100644 index 0000000000..1962d29da0 --- /dev/null +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/image_icon.gif.xml @@ -0,0 +1,73 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <tuple> + <tuple> + <string>OFS.Image</string> + <string>Image</string> + </tuple> + <none/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>_Cacheable__manager_id</string> </key> + <value> <string>style_cache</string> </value> + </item> + <item> + <key> <string>__ac_local_roles__</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>__name__</string> </key> + <value> <string>image_icon.gif</string> </value> + </item> + <item> + <key> <string>_owner</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>content_type</string> </key> + <value> <string>image/jpeg</string> </value> + </item> + <item> + <key> <string>data</string> </key> + <value> <string encoding="base64">/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIf +IiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCAAQABADASIA +AhEBAxEB/8QAFwAAAwEAAAAAAAAAAAAAAAAABAUGB//EACQQAAICAgEDBAMAAAAAAAAAAAECAwQF +ESEAEjEGEzJBUXGB/8QAFQEBAQAAAAAAAAAAAAAAAAAAAAP/xAAbEQACAwADAAAAAAAAAAAAAAAB +AgADETGBkf/aAAwDAQACEQMRAD8A1JTUERkt2njaSeRF3adNkOwAA7h+PrpG01wBZnW3XZLtVAWs +S6IaVQ6aZiGAB13eDvgcdBZKSdJbkTY3IWWeWZeKcjoELsdAhdEHz/f1qexw9Qx5upWhxOQjozXY +Gn9ynIFAWVW7ySOGGuW+x8tkAgrObcIODyRFnKle5//Z</string> </value> + </item> + <item> + <key> <string>height</string> </key> + <value> <int>16</int> </value> + </item> + <item> + <key> <string>precondition</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>size</string> </key> + <value> <int>432</int> </value> + </item> + <item> + <key> <string>title</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>width</string> </key> + <value> <int>16</int> </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/person_icon.gif.xml b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/person_icon.gif.xml new file mode 100644 index 0000000000..2ec72a6e68 --- /dev/null +++ b/bt5/erp5_base/SkinTemplateItem/portal_skins/erp5_base/person_icon.gif.xml @@ -0,0 +1,73 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <tuple> + <tuple> + <string>OFS.Image</string> + <string>Image</string> + </tuple> + <none/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>_Cacheable__manager_id</string> </key> + <value> <string>style_cache</string> </value> + </item> + <item> + <key> <string>__ac_local_roles__</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>__name__</string> </key> + <value> <string>person_icon.gif</string> </value> + </item> + <item> + <key> <string>_owner</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>content_type</string> </key> + <value> <string>image/jpeg</string> </value> + </item> + <item> + <key> <string>data</string> </key> + <value> <string encoding="base64">/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAoHBwgHBgoICAgLCgoLDhgQDg0NDh0VFhEYIx8lJCIf +IiEmKzcvJik0KSEiMEExNDk7Pj4+JS5ESUM8SDc9Pjv/2wBDAQoLCw4NDhwQEBw7KCIoOzs7Ozs7 +Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozv/wAARCAAPAA8DASIA +AhEBAxEB/8QAFgABAQEAAAAAAAAAAAAAAAAAAwQH/8QAJRAAAgIBBAIABwAAAAAAAAAAAQIDBBEF +BhIhEyIUFSQxMkFR/8QAFQEBAQAAAAAAAAAAAAAAAAAAAQL/xAAXEQADAQAAAAAAAAAAAAAAAAAA +ERIB/9oADAMBAAIRAxEAPwDQ9yWavzOlVuwS3qRjkaxUiqvYwxx4nkVVPp6yAA/diCAeOVTaluOe +G7DF5IYYbB+HqzRNHJBDxAHqwBCFlkK/oDCjHEqsNuDW9P3JcsVtNs3alotJ9PNEo5GOBAGDuvY8 +L/3ph32QC23puttuy1qupU5alYRyJCk8yO2HEHShGYAAwuT2PyGM5OGcVMmtaR//2Q==</string> </value> + </item> + <item> + <key> <string>height</string> </key> + <value> <int>15</int> </value> + </item> + <item> + <key> <string>precondition</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>size</string> </key> + <value> <int>448</int> </value> + </item> + <item> + <key> <string>title</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>width</string> </key> + <value> <int>15</int> </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/scripts/notifyOwner.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/scripts/notifyOwner.xml new file mode 100644 index 0000000000..1c79e00e87 --- /dev/null +++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/scripts/notifyOwner.xml @@ -0,0 +1,224 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <tuple> + <tuple> + <string>Products.PythonScripts.PythonScript</string> + <string>PythonScript</string> + </tuple> + <none/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>Python_magic</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>Script_magic</string> </key> + <value> <int>3</int> </value> + </item> + <item> + <key> <string>__ac_local_roles__</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>_bind_names</string> </key> + <value> + <object> + <klass> + <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/> + </klass> + <tuple/> + <state> + <dictionary> + <item> + <key> <string>_asgns</string> </key> + <value> + <dictionary> + <item> + <key> <string>name_container</string> </key> + <value> <string>container</string> </value> + </item> + <item> + <key> <string>name_context</string> </key> + <value> <string>context</string> </value> + </item> + <item> + <key> <string>name_m_self</string> </key> + <value> <string>script</string> </value> + </item> + <item> + <key> <string>name_subpath</string> </key> + <value> <string>traverse_subpath</string> </value> + </item> + </dictionary> + </value> + </item> + </dictionary> + </state> + </object> + </value> + </item> + <item> + <key> <string>_body</string> </key> + <value> <string>"""\n +This script tries to send a message to the appropriate recipient\n +from the appropriate sender. It uses portal_notifications\n +and the getObject API of ERP5Catalog.\n +"""\n +from Products.ERP5Type.Log import log\n +\n +object = sci[\'object\']\n +translateString = context.Base_translateString\n +portal_catalog = object.portal_catalog\n +\n +# Get the owner\n +owner = object.getViewPermissionOwner()\n +owner_value = portal_catalog.getResultValue(portal_type=\'Person\', reference=owner)\n +\n +# Get the authenticated user\n +user = context.portal_membership.getAuthenticatedMember().getUserName()\n +user_value = portal_catalog.getResultValue(portal_type=\'Person\', reference=user)\n +\n +# If users are not defined, we need to log and return\n +if not owner or owner_value is None:\n + # We keep a trace because this is the best we\n + # can do (preventing answers is even worse)\n + log("ERP5 Query Workflow", "No owner defined")\n + return\n +if not user or user_value is None:\n + # We keep a trace because this is the best we\n + # can do (preventing answers is even worse)\n + log("ERP5 Query Workflow", "Current user is not defined")\n + return\n +\n +# Build the message and translate it\n +subject = translateString("Query was answered")\n +msg = """The Query ID ${id} which you posted has been answered by ${user}\n +\n +Question:\n +\n +${question}\n +\n +Answer:\n +\n +${answer}\n +""" \n +msg = translateString(msg, \n + mapping=dict(id=object.getId(),\n + subject=subject,\n + user=user_value.getTitle(),\n + question=object.getDescription(),\n + answer=object.getTextContent())\n + )\n +\n +# We can now notify the owner through the notification tool\n +context.portal_notifications.sendMessage(sender=user, recipient=owner, subject=subject, message=msg)\n +</string> </value> + </item> + <item> + <key> <string>_code</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>_filepath</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>_owner</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>_params</string> </key> + <value> <string>sci</string> </value> + </item> + <item> + <key> <string>_proxy_roles</string> </key> + <value> + <tuple> + <string>Manager</string> + </tuple> + </value> + </item> + <item> + <key> <string>errors</string> </key> + <value> + <tuple/> + </value> + </item> + <item> + <key> <string>func_code</string> </key> + <value> + <object> + <klass> + <global name="FuncCode" module="Shared.DC.Scripts.Signature"/> + </klass> + <tuple/> + <state> + <dictionary> + <item> + <key> <string>co_argcount</string> </key> + <value> <int>1</int> </value> + </item> + <item> + <key> <string>co_varnames</string> </key> + <value> + <tuple> + <string>sci</string> + <string>Products.ERP5Type.Log</string> + <string>log</string> + <string>_getitem_</string> + <string>object</string> + <string>_getattr_</string> + <string>context</string> + <string>translateString</string> + <string>portal_catalog</string> + <string>owner</string> + <string>owner_value</string> + <string>user</string> + <string>user_value</string> + <string>None</string> + <string>subject</string> + <string>msg</string> + <string>dict</string> + </tuple> + </value> + </item> + </dictionary> + </state> + </object> + </value> + </item> + <item> + <key> <string>func_defaults</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>id</string> </key> + <value> <string>notifyOwner</string> </value> + </item> + <item> + <key> <string>warnings</string> </key> + <value> + <tuple/> + </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/transitions/answer.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/transitions/answer.xml index d7648ae0f7..619c7981cd 100644 --- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/transitions/answer.xml +++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/transitions/answer.xml @@ -54,7 +54,7 @@ </item> <item> <key> <string>script_name</string> </key> - <value> <string></string> </value> + <value> <string>notifyOwner</string> </value> </item> <item> <key> <string>title</string> </key> diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/worklists/posted.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/worklists/posted.xml index 76d857092e..7d0086c679 100644 --- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/worklists/posted.xml +++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/query_workflow/worklists/posted.xml @@ -30,7 +30,7 @@ <key> <string>actbox_url</string> </key> <value> <string encoding="cdata"><![CDATA[ -query_module?simulation_state=posted&local_roles=%(local_roles)s&reset=1 +query_module?validation_state=posted&local_roles=%(local_roles)s&reset=1 ]]></string> </value> </item> -- 2.30.9