src/pyams_content/shared/common/security.py
changeset 1358 c682811fa1ea
parent 591 b694d5667d17
--- a/src/pyams_content/shared/common/security.py	Tue Oct 01 08:31:43 2019 +0200
+++ b/src/pyams_content/shared/common/security.py	Tue Oct 01 12:04:20 2019 +0200
@@ -10,19 +10,12 @@
 # FOR A PARTICULAR PURPOSE.
 #
 
-__docformat__ = 'restructuredtext'
-
-
-# import standard library
+from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE
+from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, \
+    MANAGER_RESTRICTIONS_KEY, IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, \
+    IRestrictionInfo, IContributorRestrictionInfo, IContributorRestrictions, \
+    IContributorRestrictionsFactory, CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions
 
-# import interfaces
-from pyams_content.interfaces import MANAGE_CONTENT_PERMISSION, MANAGER_ROLE, CONTRIBUTOR_ROLE
-from pyams_content.shared.common.interfaces import IWfSharedContent, IManagerRestrictions, MANAGER_RESTRICTIONS_KEY, \
-    IManagerRestrictionsFactory, IBaseSharedTool, IManagerRestrictionInfo, IRestrictionInfo, \
-    IContributorRestrictionInfo, IContributorRestrictions, IContributorRestrictionsFactory, \
-    CONTRIBUTOR_RESTRICTIONS_KEY, IRestrictions
-
-# import packages
 from persistent import Persistent
 from pyams_security.interfaces import IPrincipalInfo, IRevokedRoleEvent, IGrantedRoleEvent
 from pyams_utils.adapter import adapter_config, ContextAdapter, get_annotation_adapter
@@ -34,6 +27,9 @@
 from zope.schema.fieldproperty import FieldProperty
 
 
+__docformat__ = 'restructuredtext'
+
+
 @implementer(IRestrictionInfo)
 class PrincipalRestrictionInfo(Persistent):
     """Principal restriction info"""
@@ -97,6 +93,16 @@
     restriction_interface = IContributorRestrictionInfo
 
     publication_checks = FieldProperty(IContributorRestrictionInfo['publication_checks'])
+    owners = FieldProperty(IContributorRestrictionInfo['owners'])
+
+    def check_access(self, context, permission=MANAGE_CONTENT_PERMISSION, request=None):
+        if request is None:
+            request = check_request()
+        if not request.has_permission(permission, context):  # check permission
+            return False
+        if context.owner & (self.owners or set()):  # check if owners are matching
+            return True
+        return False
 
 
 @adapter_config(context=IBaseSharedTool, provides=IContributorRestrictions)
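Review bot: `check_access` has no docstring, and for an authorization check the contract should be written down: access is granted only when the request holds `permission` on `context` and `context.owner` intersects this restriction's `owners`, so an empty or unset `owners` always denies. The intersection on the `if context.owner & (self.owners or set())` line assumes `context.owner` is always a set. If it can be `None` for some content, the check raises `TypeError` instead of denying, so consider `return bool((context.owner or set()) & (self.owners or set()))`, which also replaces the trailing `return True` / `return False` pair. `check_request` is not among the imports visible in this diff, so confirm it is imported in the unchanged part of the module.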