8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
10 # FOR A PARTICULAR PURPOSE. |
10 # FOR A PARTICULAR PURPOSE. |
11 # |
11 # |
12 |
12 |
13 __docformat__ = 'restructuredtext' |
|
14 |
|
15 |
|
16 # import standard library |
|
17 |
|
18 # import interfaces |
|
19 from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE |
13 from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE |
20 from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, MANAGER_RESTRICTIONS_KEY, \ |
14 from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, \ |
21 IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, IRestrictionInfo, \ |
15 MANAGER_RESTRICTIONS_KEY, IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, \ |
22 IContributorRestrictionInfo, IContributorRestrictions, IContributorRestrictionsFactory, \ |
16 IRestrictionInfo, IContributorRestrictionInfo, IContributorRestrictions, \ |
23 CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions |
17 IContributorRestrictionsFactory, CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions |
24 |
18 |
25 # import packages |
|
26 from persistent import Persistent |
19 from persistent import Persistent |
27 from pyams_security.interfaces import IPrincipalInfo, IRevokedRoleEvent, IGrantedRoleEvent |
20 from pyams_security.interfaces import IPrincipalInfo, IRevokedRoleEvent, IGrantedRoleEvent |
28 from pyams_utils.adapter import adapter_config, ContextAdapter, get_annotation_adapter |
21 from pyams_utils.adapter import adapter_config, ContextAdapter, get_annotation_adapter |
29 from pyams_utils.request import check_request |
22 from pyams_utils.request import check_request |
30 from pyams_utils.traversing import get_parent |
23 from pyams_utils.traversing import get_parent |
32 from zope.container.folder import Folder |
25 from zope.container.folder import Folder |
33 from zope.interface import implementer |
26 from zope.interface import implementer |
34 from zope.schema.fieldproperty import FieldProperty |
27 from zope.schema.fieldproperty import FieldProperty |
35 |
28 |
36 |
29 |
|
30 __docformat__ = 'restructuredtext' |
|
31 |
|
32 |
37 @implementer(IRestrictionInfo) |
33 @implementer(IRestrictionInfo) |
38 class PrincipalRestrictionInfo(Persistent): |
34 class PrincipalRestrictionInfo(Persistent): |
39 """Principal restriction info""" |
35 """Principal restriction info""" |
40 |
36 |
41 principal_id = FieldProperty(IManagerRestrictionInfo['principal_id']) |
37 principal_id = FieldProperty(IManagerRestrictionInfo['principal_id']) |
95 """Shared tool contributor restriction info""" |
91 """Shared tool contributor restriction info""" |
96 |
92 |
97 restriction_interface = IContributorRestrictionInfo |
93 restriction_interface = IContributorRestrictionInfo |
98 |
94 |
99 publication_checks = FieldProperty(IContributorRestrictionInfo['publication_checks']) |
95 publication_checks = FieldProperty(IContributorRestrictionInfo['publication_checks']) |
|
96 owners = FieldProperty(IContributorRestrictionInfo['owners']) |
|
97 |
|
98 def check_access(self, context, permission=MANAGE_CONTENT_PERMISSION, request=None): |
|
99 if request is None: |
|
100 request = check_request() |
|
101 if not request.has_permission(permission, context): # check permission |
|
102 return False |
|
103 if context.owner & (self.owners or set()): # check if owners are matching |
|
104 return True |
|
105 return False |
100 |
106 |
101 |
107 |
102 @adapter_config(context=IBaseSharedTool, provides=IContributorRestrictions) |
108 @adapter_config(context=IBaseSharedTool, provides=IContributorRestrictions) |
103 class SharedToolContributorRestrictions(PrincipalRestrictions): |
109 class SharedToolContributorRestrictions(PrincipalRestrictions): |
104 """Shared tool contributor restrictions""" |
110 """Shared tool contributor restrictions""" |