Mercurial Mercurial > pyams > pyams_form / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Updated form context permission checker
authorThierry Florac <tflorac@ulthar.net>
Wed, 26 May 2021 09:26:21 +0200
changeset 227 2ff78f851351
parent 226 89e80c486d52
child 228 5342b300e50e
Updated form context permission checker
src/pyams_form/security.py file | annotate | diff | comparison | revisions 
--- a/src/pyams_form/security.py	Mon Feb 01 13:45:25 2021 +0100
+++ b/src/pyams_form/security.py	Wed May 26 09:26:21 2021 +0200
@@ -21,14 +21,29 @@
 __docformat__ = 'restructuredtext'
 
 
-def get_edit_permission(request, context=None):
-    """Get required edit permission"""
+def get_checker(request, context=None, view=None, action=''):
+    """Get permission checker"""
+    registry = request.registry
     if context is None:
         context = request.context
-    registry = request.registry
-    checker = registry.queryMultiAdapter((context, request), IFormContextPermissionChecker)
+    checker = registry.queryMultiAdapter((context, request, view),
+                                         IFormContextPermissionChecker,
+                                         name=action) if view is not None else None
+    if checker is None:
+        checker = registry.queryMultiAdapter((context, request),
+                                             IFormContextPermissionChecker,
+                                             name=action)
     if checker is None:
-        checker = registry.queryAdapter(context, IFormContextPermissionChecker)
+        checker = registry.queryAdapter(context, IFormContextPermissionChecker,
+                                        name=action)
+    return checker
+
+
+def get_edit_permission(request, context=None, action=''):
+    """Get required edit permission"""
+    checker = get_checker(request, context, action=action)
+    if action and (checker is None):
+        checker = get_checker(request, context, action='')
     if checker is not None:
         return checker.edit_permission
     return None
@@ -50,23 +65,21 @@
     security context.
     """
 
+    action_type = ''  # default action
+
     @reify
     def permission(self):
         """This permission is required to be able to edit the form context"""
         request = self.request  # pylint: disable=no-member
-        registry = request.registry
-        checker = None
         context = IFormSecurityContext(self, None)
         if context is None:
             context = self.context  # pylint: disable=no-member
         view = getattr(self, '__parent__', None) or \
             getattr(self, 'view', None) or \
             getattr(self, 'table', None)
-        if view is not None:
-            checker = registry.queryMultiAdapter((context, request, view),
-                                                 IFormContextPermissionChecker)
-        if checker is None:
-            checker = registry.queryAdapter(context, IFormContextPermissionChecker)
+        checker = get_checker(request, context, view, action=self.action_type)
+        if (checker is None) and self.action_type:
+            checker = get_checker(request, context, action='')
         if checker is not None:
             return checker.edit_permission
         return None
pyams/pyams_form