Mercurial Mercurial > pyams > pyams_form / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/pyams_form/security.py
changeset 204 c435de184bda
parent 95 aafae25003ba
child 227 2ff78f851351 
--- a/src/pyams_form/security.py	Tue Nov 19 16:30:58 2019 +0100
+++ b/src/pyams_form/security.py	Wed Dec 04 11:05:25 2019 +0100
@@ -10,16 +10,15 @@
 # FOR A PARTICULAR PURPOSE.
 #
 
-__docformat__ = 'restructuredtext'
+"""PyAMS_form.security module
 
-
-# import standard library
+"""
 
-# import interfaces
-from pyams_form.interfaces.form import IFormSecurityContext, IFormContextPermissionChecker
+from pyramid.decorator import reify
 
-# import packages
-from pyramid.decorator import reify
+from pyams_form.interfaces.form import IFormContextPermissionChecker, IFormSecurityContext
+
+__docformat__ = 'restructuredtext'
 
 
 def get_edit_permission(request, context=None):
@@ -32,22 +31,42 @@
         checker = registry.queryAdapter(context, IFormContextPermissionChecker)
     if checker is not None:
         return checker.edit_permission
+    return None
 
 
-class ProtectedFormObjectMixin(object):
-    """Form object protected by a permission"""
+class ProtectedFormObjectMixin:
+    """Form object protected by a permission
+
+    A "protected" form is a form on which you apply a permission; the context on which the security
+    applies can be provided by an :py:class:`IFormSecurityContext
+    <pyams_form.interfaces.IFormSecurityContext>` adapter, or will be extracted for the form
+    context itself.
+
+    The permission itself will be provided by an adapter to :py:class:`IFormContextPermissionChecker
+    <pyams_form.interfaces.IFormContextPermissionChecker>`
+    :
+
+    This class is a form mixin class which should be used for forms protected by a
+    security context.
+    """
 
     @reify
     def permission(self):
-        registry = self.request.registry
+        """This permission is required to be able to edit the form context"""
+        request = self.request  # pylint: disable=no-member
+        registry = request.registry
         checker = None
         context = IFormSecurityContext(self, None)
         if context is None:
-            context = self.context
-        view = getattr(self, '__parent__', None) or getattr(self, 'view', None) or getattr(self, 'table', None)
+            context = self.context  # pylint: disable=no-member
+        view = getattr(self, '__parent__', None) or \
+            getattr(self, 'view', None) or \
+            getattr(self, 'table', None)
         if view is not None:
-            checker = registry.queryMultiAdapter((context, self.request, view), IFormContextPermissionChecker)
+            checker = registry.queryMultiAdapter((context, request, view),
+                                                 IFormContextPermissionChecker)
         if checker is None:
             checker = registry.queryAdapter(context, IFormContextPermissionChecker)
         if checker is not None:
             return checker.edit_permission
+        return None
pyams/pyams_form