--- a/src/pyams_content/workflow/basic.py Tue Oct 01 08:31:43 2019 +0200
+++ b/src/pyams_content/workflow/basic.py Tue Oct 01 12:04:20 2019 +0200
@@ -10,8 +10,6 @@
# FOR A PARTICULAR PURPOSE.
#
-__docformat__ = 'restructuredtext'
-
from datetime import datetime, timedelta
from zope.copy import copy
@@ -20,11 +18,10 @@
from zope.location import locate
from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary
-from pyams_content import _
from pyams_content.interfaces import CREATE_VERSION_PERMISSION, MANAGER_ROLE, \
- MANAGE_CONTENT_PERMISSION, MANAGE_SITE_ROOT_PERMISSION, OWNER_ROLE, PILOT_ROLE, PUBLISH_CONTENT_PERMISSION, \
- READER_ROLE, WEBMASTER_ROLE
-from pyams_content.shared.common.interfaces import IManagerRestrictions
+ MANAGE_CONTENT_PERMISSION, MANAGE_SITE_ROOT_PERMISSION, OWNER_ROLE, PILOT_ROLE, \
+ PUBLISH_CONTENT_PERMISSION, READER_ROLE, WEBMASTER_ROLE
+from pyams_content.shared.common.interfaces import IContributorRestrictions, IManagerRestrictions
from pyams_content.shared.common.interfaces import IWfSharedContentRoles
from pyams_content.workflow import ContentArchivingTask, ContentPublishingTask
from pyams_content.workflow.interfaces import IBasicWorkflow
@@ -36,11 +33,16 @@
from pyams_utils.registry import get_current_registry, get_utility, query_utility, utility_config
from pyams_utils.request import check_request
from pyams_utils.timezone import gmtime
-from pyams_workflow.interfaces import IWorkflow, IWorkflowInfo, IWorkflowPublicationInfo, IWorkflowState, \
- IWorkflowStateLabel, IWorkflowVersions, ObjectClonedEvent, SYSTEM
+from pyams_workflow.interfaces import IWorkflow, IWorkflowInfo, IWorkflowPublicationInfo, \
+ IWorkflowState, IWorkflowStateLabel, IWorkflowVersions, ObjectClonedEvent, SYSTEM
from pyams_workflow.workflow import Transition, Workflow
+__docformat__ = 'restructuredtext'
+
+from pyams_content import _
+
+
DRAFT = 'draft'
PRE_PUBLISHED = 'pre-published'
PUBLISHED = 'published'
@@ -127,6 +129,11 @@
principal_id = request.principal.id
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# grant access to local content managers
if principal_id in context.managers:
return True
@@ -145,6 +152,11 @@
principal_id = request.principal.id
if principal_id in context.owner | {context.creator} | context.contributors:
return True
+ # grant access to allowed contributors
+ restrictions = IContributorRestrictions(context).get_restrictions(principal_id)
+ if restrictions and restrictions.check_access(context, permission=MANAGE_CONTENT_PERMISSION,
+ request=request):
+ return True
# grant access to local content managers
if principal_id in context.managers:
return True