src/pyams_content/shared/common/security.py
changeset 1358 c682811fa1ea
parent 591 b694d5667d17
1357:329116e5f8e3 1358:c682811fa1ea
     8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
     8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
     9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
     9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
    10 # FOR A PARTICULAR PURPOSE.
    10 # FOR A PARTICULAR PURPOSE.
    11 #
    11 #
    12 
    12 
    13 __docformat__ = 'restructuredtext'
       
    14 
       
    15 
       
    16 # import standard library
       
    17 
       
    18 # import interfaces
       
    19 from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE
    13 from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE
    20 from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, MANAGER_RESTRICTIONS_KEY, \
    14 from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, \
    21     IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, IRestrictionInfo, \
    15     MANAGER_RESTRICTIONS_KEY, IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, \
    22     IContributorRestrictionInfo, IContributorRestrictions, IContributorRestrictionsFactory, \
    16     IRestrictionInfo, IContributorRestrictionInfo, IContributorRestrictions, \
    23     CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions
    17     IContributorRestrictionsFactory, CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions
    24 
    18 
    25 # import packages
       
    26 from persistent import Persistent
    19 from persistent import Persistent
    27 from pyams_security.interfaces import IPrincipalInfo, IRevokedRoleEvent, IGrantedRoleEvent
    20 from pyams_security.interfaces import IPrincipalInfo, IRevokedRoleEvent, IGrantedRoleEvent
    28 from pyams_utils.adapter import adapter_config, ContextAdapter, get_annotation_adapter
    21 from pyams_utils.adapter import adapter_config, ContextAdapter, get_annotation_adapter
    29 from pyams_utils.request import check_request
    22 from pyams_utils.request import check_request
    30 from pyams_utils.traversing import get_parent
    23 from pyams_utils.traversing import get_parent
    32 from zope.container.folder import Folder
    25 from zope.container.folder import Folder
    33 from zope.interface import implementer
    26 from zope.interface import implementer
    34 from zope.schema.fieldproperty import FieldProperty
    27 from zope.schema.fieldproperty import FieldProperty
    35 
    28 
    36 
    29 
       
    30 __docformat__ = 'restructuredtext'
       
    31 
       
    32 
    37 @implementer(IRestrictionInfo)
    33 @implementer(IRestrictionInfo)
    38 class PrincipalRestrictionInfo(Persistent):
    34 class PrincipalRestrictionInfo(Persistent):
    39     """Principal restriction info"""
    35     """Principal restriction info"""
    40 
    36 
    41     principal_id = FieldProperty(IManagerRestrictionInfo['principal_id'])
    37     principal_id = FieldProperty(IManagerRestrictionInfo['principal_id'])
    95     """Shared tool contributor restriction info"""
    91     """Shared tool contributor restriction info"""
    96 
    92 
    97     restriction_interface = IContributorRestrictionInfo
    93     restriction_interface = IContributorRestrictionInfo
    98 
    94 
    99     publication_checks = FieldProperty(IContributorRestrictionInfo['publication_checks'])
    95     publication_checks = FieldProperty(IContributorRestrictionInfo['publication_checks'])
       
    96     owners = FieldProperty(IContributorRestrictionInfo['owners'])
       
    97 
       
    98     def check_access(self, context, permission=MANAGE_CONTENT_PERMISSION, request=None):
       
    99         if request is None:
       
   100             request = check_request()
       
   101         if not request.has_permission(permission, context):  # check permission
       
   102             return False
       
   103         if context.owner & (self.owners or set()):  # check if owners are matching
       
   104             return True
       
   105         return False
   100 
   106 
   101 
   107 
   102 @adapter_config(context=IBaseSharedTool, provides=IContributorRestrictions)
   108 @adapter_config(context=IBaseSharedTool, provides=IContributorRestrictions)
   103 class SharedToolContributorRestrictions(PrincipalRestrictions):
   109 class SharedToolContributorRestrictions(PrincipalRestrictions):
   104     """Shared tool contributor restrictions"""
   110     """Shared tool contributor restrictions"""
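Review bot: In the added `check_access` (new lines 98–105), the owner test `context.owner & (self.owners or set())` guards only `self.owners` against being unset. If `context.owner` can be None or anything other than a set, which the visible lines do not rule out, the `&` raises TypeError instead of returning a clean deny. Writing it as `if (context.owner or set()) & (self.owners or set()):` keeps the check failing closed. The method makes an authorization decision but has no docstring; one such as `"""Return True only if the request holds permission on context and one of the context owners is in this restriction's owners."""` would state that both conditions are required and that an empty `owners` always denies. The enclosing class header is outside the visible hunk, so the type of `owners` is assumed from the `IContributorRestrictionInfo['owners']` field.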