--- a/src/pyams_content/workflow/__init__.py Tue Oct 01 08:31:43 2019 +0200
+++ b/src/pyams_content/workflow/__init__.py Tue Oct 01 12:04:20 2019 +0200
@@ -10,8 +10,6 @@
# FOR A PARTICULAR PURPOSE.
#
-__docformat__ = 'restructuredtext'
-
from datetime import datetime, timedelta
from pyramid.threadlocal import get_current_registry
@@ -21,11 +19,12 @@
from zope.location import locate
from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary
-from pyams_content import _
-from pyams_content.interfaces import CREATE_VERSION_PERMISSION, MANAGE_CONTENT_PERMISSION, MANAGE_SITE_ROOT_PERMISSION, \
- PUBLISH_CONTENT_PERMISSION
-from pyams_content.interfaces import MANAGER_ROLE, OWNER_ROLE, PILOT_ROLE, READER_ROLE, WEBMASTER_ROLE
-from pyams_content.shared.common.interfaces import IManagerRestrictions, IWfSharedContentRoles
+from pyams_content.interfaces import CREATE_VERSION_PERMISSION, MANAGE_CONTENT_PERMISSION, \
+ MANAGE_SITE_ROOT_PERMISSION, PUBLISH_CONTENT_PERMISSION
+from pyams_content.interfaces import MANAGER_ROLE, OWNER_ROLE, PILOT_ROLE, READER_ROLE, \
+ WEBMASTER_ROLE
+from pyams_content.shared.common.interfaces import IContributorRestrictions, IManagerRestrictions, \
+ IWfSharedContentRoles
from pyams_content.workflow.interfaces import IContentWorkflow
from pyams_content.workflow.task import ContentArchivingTask, ContentPublishingTask
from pyams_scheduler.interfaces import IDateTaskScheduling, IScheduler
@@ -36,11 +35,17 @@
from pyams_utils.registry import get_utility, query_utility, utility_config
from pyams_utils.request import check_request
from pyams_utils.timezone import gmtime
-from pyams_workflow.interfaces import AUTOMATIC, IWorkflow, IWorkflowInfo, IWorkflowPublicationInfo, IWorkflowState, \
- IWorkflowStateLabel, IWorkflowVersions, ObjectClonedEvent, SYSTEM
+from pyams_workflow.interfaces import AUTOMATIC, IWorkflow, IWorkflowInfo, \
+ IWorkflowPublicationInfo, IWorkflowState, IWorkflowStateLabel, IWorkflowVersions, \
+ ObjectClonedEvent, SYSTEM
from pyams_workflow.workflow import Transition, Workflow
+__docformat__ = 'restructuredtext'
+
+from pyams_content import _
+
+
#
# Workflow states
#
@@ -137,12 +142,18 @@
principal_id = request.principal.id
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# grant access to local content managers
if principal_id in context.managers:
return True
# grant access to shared tool managers if restrictions apply
restrictions = IManagerRestrictions(context).get_restrictions(principal_id)
- return restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION, request=request)
+ return restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request)
def can_backdraft_content(wf, context):
@@ -173,6 +184,11 @@
principal_id = request.principal.id
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# grant access to local content managers
if principal_id in context.managers:
return True
@@ -191,6 +207,11 @@
principal_id = request.principal.id
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# grant access to local content managers
if principal_id in context.managers:
return True
@@ -227,6 +248,11 @@
# owner, creator and contributors can cancel workflow request
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# local content managers can cancel workflow request
if principal_id in context.managers:
return True