|
1 # |
|
2 # Copyright (c) 2008-2015 Thierry Florac <tflorac AT ulthar.net> |
|
3 # All Rights Reserved. |
|
4 # |
|
5 # This software is subject to the provisions of the Zope Public License, |
|
6 # Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. |
|
7 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED |
|
8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
|
10 # FOR A PARTICULAR PURPOSE. |
|
11 # |
|
12 from pyams_utils.schema import TextLineListField |
|
13 |
|
14 __docformat__ = 'restructuredtext' |
|
15 |
|
16 |
|
17 # import standard library |
|
18 |
|
19 # import interfaces |
|
20 from pyams_content.interfaces import IBaseContent, MANAGE_CONTENT_PERMISSION |
|
21 from pyams_content.root.interfaces import ISiteRoot |
|
22 from pyams_workflow.interfaces import IWorkflowManagedContent |
|
23 from zope.container.interfaces import IContainer |
|
24 |
|
25 # import packages |
|
26 from pyams_i18n.schema import I18nTextField |
|
27 from pyams_security.schema import Principal, PrincipalsSet |
|
28 from zope.container.constraints import containers, contains |
|
29 from zope.interface import Interface, Attribute |
|
30 from zope.schema import Choice, Bool, Text, Datetime |
|
31 |
|
32 from pyams_content import _ |
|
33 |
|
34 |
|
35 class ISharedToolContainer(IBaseContent, IContainer): |
|
36 """Shared tools container""" |
|
37 |
|
38 containers(ISiteRoot) |
|
39 contains('.ISharedTool') |
|
40 |
|
41 |
|
42 class ISharedTool(IBaseContent, IContainer): |
|
43 """Shared tool interface""" |
|
44 |
|
45 containers(ISharedToolContainer) |
|
46 contains('.ISharedData') |
|
47 |
|
48 shared_content_type = Attribute("Shared data content type") |
|
49 shared_content_factory = Attribute("Shared data factory") |
|
50 |
|
51 shared_content_workflow = Choice(title=_("Workflow name"), |
|
52 description=_("Name of workflow utility used to manage tool contents"), |
|
53 vocabulary="PyAMS workflows", |
|
54 default="PyAMS default workflow") |
|
55 |
|
56 |
|
57 class ISharedToolRoles(Interface): |
|
58 """Shared tool roles interface""" |
|
59 |
|
60 webmasters = PrincipalsSet(title=_("Webmasters"), |
|
61 description=_("Webmasters can handle all contents, including published ones"), |
|
62 role_id='pyams.Webmaster', |
|
63 required=False) |
|
64 |
|
65 pilots = PrincipalsSet(title=_("Pilots"), |
|
66 description=_("Pilots can handle tool configuration, manage access rules, grant users " |
|
67 "roles and manage managers restrictions"), |
|
68 role_id='pyams.Pilot', |
|
69 required=False) |
|
70 |
|
71 managers = PrincipalsSet(title=_("Managers"), |
|
72 description=_("Managers can handle main operations in tool's workflow, like publish " |
|
73 "or retire contents"), |
|
74 role_id='pyams.Manager', |
|
75 required=False) |
|
76 |
|
77 contributors = PrincipalsSet(title=_("Contributors"), |
|
78 description=_("Contributors are users which are allowed to create new contents"), |
|
79 role_id='pyams.Contributor', |
|
80 required=False) |
|
81 |
|
82 |
|
83 class IWfSharedContent(IBaseContent): |
|
84 """Shared content interface""" |
|
85 |
|
86 content_type = Attribute("Content data type") |
|
87 content_name = Attribute("Content name") |
|
88 |
|
89 creator = Principal(title=_("Version creator"), |
|
90 description=_("Name of content's version creator. " |
|
91 "The creator of the first version is also it's owner."), |
|
92 required=True) |
|
93 |
|
94 first_owner = Principal(title=_("First owner"), |
|
95 description=_("Name of content's first version owner"), |
|
96 required=True, |
|
97 readonly=True) |
|
98 |
|
99 modifiers = PrincipalsSet(title=_("Version modifiers"), |
|
100 description=_("List of principals who modified this content"), |
|
101 required=False) |
|
102 |
|
103 description = I18nTextField(title=_("Description"), |
|
104 description=_("The content's description is 'hidden' into HTML's page headers; but it " |
|
105 "can be seen, for example, in some search engines results as content's " |
|
106 "description"), |
|
107 required=False) |
|
108 |
|
109 keywords = TextLineListField(title=_("Keywords"), |
|
110 description=_("They will be included into HTML pages metadata"), |
|
111 required=False) |
|
112 |
|
113 notepad = Text(title=_("Notepad"), |
|
114 description=_("Internal information to be known about this content"), |
|
115 required=False) |
|
116 |
|
117 |
|
118 class IWfSharedContentRoles(Interface): |
|
119 """Shared content roles""" |
|
120 |
|
121 owner = PrincipalsSet(title=_("Content owner"), |
|
122 description=_("The owner is the creator of content's first version, except if it was " |
|
123 "transferred afterwards to another owner"), |
|
124 role_id='pyams.Owner', |
|
125 required=True, |
|
126 max_length=1) |
|
127 |
|
128 managers = PrincipalsSet(title=_("Managers"), |
|
129 description=_("Managers can handle main operations in tool's workflow, like publish " |
|
130 "or retire contents"), |
|
131 role_id='pyams.Manager', |
|
132 required=False) |
|
133 |
|
134 contributors = PrincipalsSet(title=_("Contributors"), |
|
135 description=_("Contributors are users which are allowed to update this content in " |
|
136 "addition to it's owner"), |
|
137 role_id='pyams.Contributor', |
|
138 required=False) |
|
139 |
|
140 readers = PrincipalsSet(title=_("Readers"), |
|
141 description=_("Readers are users which are asked to verify and comment contents before " |
|
142 "they are published"), |
|
143 role_id='pyams.Reader', |
|
144 required=False) |
|
145 |
|
146 guests = PrincipalsSet(title=_("Guests"), |
|
147 description=_("Guests are users which are allowed to view contents with restricted access"), |
|
148 role_id='pyams.Guest', |
|
149 required=False) |
|
150 |
|
151 |
|
152 class ISharedContent(IWorkflowManagedContent): |
|
153 """Workflow managed shared content interface""" |
|
154 |
|
155 |
|
156 # |
|
157 # Shared tool manager security restrictions |
|
158 # |
|
159 |
|
160 MANAGER_RESTRICTIONS_KEY = 'pyams_content.manager.restrictions' |
|
161 |
|
162 |
|
163 class IManagerRestrictionInfo(Interface): |
|
164 """Shared content manager restrictions""" |
|
165 |
|
166 principal_id = Principal(title=_("Principal ID"), |
|
167 required=True) |
|
168 |
|
169 restriction_interface = Attribute("Restrictions interface") |
|
170 |
|
171 restricted_contents = Bool(title=_("Restricted contents"), |
|
172 description=_("If 'yes', this manager will get restricted access to manage contents " |
|
173 "based on selected settings"), |
|
174 required=False, |
|
175 default=True) |
|
176 |
|
177 owners = PrincipalsSet(title=_("Selected owners"), |
|
178 description=_("Manager will have access to contents owned by these principals"), |
|
179 required=False) |
|
180 |
|
181 def check_access(self, context, permission=MANAGE_CONTENT_PERMISSION, request=None): |
|
182 """Check if principal is granted access to given content""" |
|
183 |
|
184 |
|
185 class IManagerRestrictionsFactory(Interface): |
|
186 """Manager restrictions factory interface""" |
|
187 |
|
188 |
|
189 class IManagerRestrictions(Interface): |
|
190 """Manager restrictions""" |
|
191 |
|
192 def get_restrictions(self, principal): |
|
193 """Get manager restrictions for given principal""" |
|
194 |
|
195 def set_restrictions(self, principal, restrictions): |
|
196 """Set manager restrictions for given principal""" |