Updated permissions
authorThierry Florac <thierry.florac@onf.fr>
Mon, 11 Sep 2017 13:41:11 +0200
changeset 24 8547bf49b3db
parent 23 acd4a4eef95d
child 25 702a8fb6f451
Updated permissions
src/pyams_ldap/zmi/plugin.py
--- a/src/pyams_ldap/zmi/plugin.py	Mon Sep 11 13:40:15 2017 +0200
+++ b/src/pyams_ldap/zmi/plugin.py	Mon Sep 11 13:41:11 2017 +0200
@@ -24,7 +24,7 @@
 from pyams_skin.interfaces import IPageHeader
 from pyams_skin.interfaces.viewlet import IToolbarAddingMenu
 from pyams_skin.layer import IPyAMSLayer
-from pyams_utils.interfaces import VIEW_SYSTEM_PERMISSION, MANAGE_SYSTEM_PERMISSION
+from pyams_utils.interfaces import VIEW_SYSTEM_PERMISSION, MANAGE_SECURITY_PERMISSION
 from pyams_zmi.interfaces import IAdminView
 from pyams_zmi.layer import IAdminLayer
 from z3c.form.interfaces import DISPLAY_MODE
@@ -64,7 +64,7 @@
 
 @viewlet_config(name='add-ldap-folder.menu', context=ISite, layer=IAdminLayer,
                 view=SecurityManagerPluginsTable, manager=IToolbarAddingMenu,
-                permission=MANAGE_SYSTEM_PERMISSION, weight=60)
+                permission=MANAGE_SECURITY_PERMISSION, weight=60)
 class LDAPPluginAddMenu(ToolbarMenuItem):
     """LDAP users folder add menu"""
 
@@ -83,7 +83,7 @@
 #
 
 @pagelet_config(name='add-ldap-folder.html', context=ISite, layer=IPyAMSLayer,
-                permission=MANAGE_SYSTEM_PERMISSION)
+                permission=MANAGE_SECURITY_PERMISSION)
 @implementer(ILDAPForm)
 class LDAPPluginAddForm(AdminDialogAddForm):
     """LDAP users folder plug-in add form"""
@@ -94,7 +94,7 @@
 
     fields = field.Fields(IPlugin).omit('__name__', '__parent__')
     ajax_handler = 'add-ldap-folder.json'
-    edit_permission = MANAGE_SYSTEM_PERMISSION
+    edit_permission = MANAGE_SECURITY_PERMISSION
 
     def create(self, data):
         return LDAPPlugin()
@@ -108,7 +108,7 @@
 
 
 @view_config(name='add-ldap-folder.json', context=ISite, request_type=IPyAMSLayer,
-             permission=MANAGE_SYSTEM_PERMISSION, renderer='json', xhr=True)
+             permission=MANAGE_SECURITY_PERMISSION, renderer='json', xhr=True)
 class LDAPPluginAJAXAddForm(AJAXAddForm, LDAPPluginAddForm):
     """LDAP users folder plug-in add form, AJAX handler"""
 
@@ -199,7 +199,7 @@
     fields = field.Fields(IPlugin).omit('__parent__', '__name__')
 
     ajax_handler = 'properties.json'
-    edit_permission = MANAGE_SYSTEM_PERMISSION
+    edit_permission = MANAGE_SECURITY_PERMISSION
 
     def updateWidgets(self, prefix=None):
         super(LDAPPluginEditForm, self).updateWidgets()
@@ -213,7 +213,7 @@
 
 
 @view_config(name='properties.json', context=ILDAPPlugin, request_type=IPyAMSLayer,
-             permission=MANAGE_SYSTEM_PERMISSION, renderer='json', xhr=True)
+             permission=MANAGE_SECURITY_PERMISSION, renderer='json', xhr=True)
 @implementer(IAdminView)
 class LDAPPluginAJAXEditForm(AJAXEditForm, LDAPPluginEditForm):
     """LDAP users folder plug-in edit form, AJAX handler"""
@@ -232,6 +232,8 @@
     legend = None
     fields = field.Fields(ILDAPPlugin).select('server_uri', 'bind_dn', 'bind_password', 'use_tls',
                                               'use_pool', 'pool_size', 'pool_lifetime')
+    edit_permission = MANAGE_SECURITY_PERMISSION
+
     weight = 1
 
 
@@ -245,6 +247,7 @@
     fields = field.Fields(ILDAPPlugin).select('base_dn', 'search_scope', 'login_attribute', 'login_query',
                                               'uid_attribute', 'uid_query', 'title_format',
                                               'mail_attribute', 'user_extra_attributes')
+    edit_permission = MANAGE_SECURITY_PERMISSION
 
     label_css_class = 'control-label col-md-4'
     input_css_class = 'col-md-8'
@@ -264,6 +267,7 @@
                                               'group_members_attribute', 'user_groups_attribute', 'group_mail_mode',
                                               'group_replace_expression', 'group_mail_attribute',
                                               'group_extra_attributes')
+    edit_permission = MANAGE_SECURITY_PERMISSION
 
     label_css_class = 'control-label col-md-4'
     input_css_class = 'col-md-8'
@@ -279,6 +283,7 @@
     legend = None
     fields = field.Fields(ILDAPPlugin).select('users_select_query', 'users_search_query',
                                               'groups_select_query', 'groups_search_query')
+    edit_permission = MANAGE_SECURITY_PERMISSION
 
     label_css_class = 'control-label col-md-4'
     input_css_class = 'col-md-8'