src/pyams_security/zmi/security.py
changeset 42 07229ac2497b
parent 34 b84b491ea8bd
child 44 b999bd4dd461
41:905e30f5467b 42:07229ac2497b
    14 
    14 
    15 
    15 
    16 # import standard library
    16 # import standard library
    17 
    17 
    18 # import interfaces
    18 # import interfaces
    19 from pyams_security.interfaces import IDefaultProtectionPolicy, IProtectedObject
    19 from pyams_form.interfaces.form import IInnerSubForm
       
    20 from pyams_security.interfaces import IDefaultProtectionPolicy, IProtectedObject, IRole
    20 from pyams_skin.layer import IPyAMSLayer
    21 from pyams_skin.layer import IPyAMSLayer
    21 from pyams_zmi.interfaces.menu import IPropertiesMenu
    22 from pyams_zmi.interfaces.menu import IPropertiesMenu
    22 from pyams_zmi.layer import IAdminLayer
    23 from pyams_zmi.layer import IAdminLayer
       
    24 from z3c.form.interfaces import DISPLAY_MODE, INPUT_MODE
    23 
    25 
    24 # import packages
    26 # import packages
    25 from pyams_form.form import AJAXEditForm
    27 from pyams_form.form import AJAXEditForm, InnerEditForm
    26 from pyams_pagelet.pagelet import pagelet_config
    28 from pyams_pagelet.pagelet import pagelet_config
    27 from pyams_skin.viewlet.menu import MenuItem
    29 from pyams_skin.viewlet.menu import MenuItem, MenuDivider
       
    30 from pyams_utils.adapter import adapter_config
       
    31 from pyams_utils.registry import get_utility
    28 from pyams_viewlet.viewlet import viewlet_config
    32 from pyams_viewlet.viewlet import viewlet_config
    29 from pyams_zmi.form import AdminDialogEditForm
    33 from pyams_zmi.form import AdminDialogEditForm
    30 from pyramid.view import view_config
    34 from pyramid.view import view_config
    31 from z3c.form import field
    35 from z3c.form import field
       
    36 from zope.interface import Interface
    32 
    37 
    33 from pyams_security import _
    38 from pyams_security import _
    34 
    39 
    35 
    40 
       
    41 @viewlet_config(name='protected-object-roles.divider', context=IDefaultProtectionPolicy, layer=IAdminLayer,
       
    42                 manager=IPropertiesMenu, permission='system.view', weight=899)
       
    43 class ProtectedObjectRolesMenuDivider(MenuDivider):
       
    44     """Protected object roles menu divider"""
       
    45 
       
    46 
    36 @viewlet_config(name='protected-object-roles.menu', context=IDefaultProtectionPolicy, layer=IAdminLayer,
    47 @viewlet_config(name='protected-object-roles.menu', context=IDefaultProtectionPolicy, layer=IAdminLayer,
    37                 manager=IPropertiesMenu, permission='system.view', weight=10)
    48                 manager=IPropertiesMenu, permission='system.view', weight=900)
    38 class ProtectedObjectRolesMenuItem(MenuItem):
    49 class ProtectedObjectRolesMenuItem(MenuItem):
    39     """Protected object roles menu item"""
    50     """Protected object roles menu item"""
    40 
    51 
    41     label = _("Access rules...")
    52     label = _("Access rules...")
    42     icon_class = 'fa fa-fw fa-key'
    53     icon_class = 'fa fa-fw fa-key'
    47 @pagelet_config(name='protected-object-roles.html', context=IDefaultProtectionPolicy, layer=IPyAMSLayer,
    58 @pagelet_config(name='protected-object-roles.html', context=IDefaultProtectionPolicy, layer=IPyAMSLayer,
    48                 permission='system.view')
    59                 permission='system.view')
    49 class ProtectedObjectRolesEditForm(AdminDialogEditForm):
    60 class ProtectedObjectRolesEditForm(AdminDialogEditForm):
    50     """Protected object roles edit form"""
    61     """Protected object roles edit form"""
    51 
    62 
    52     @property
    63     legend = None
    53     def title(self):
    64     fieldset_class = 'no-padding'
    54         return self.context.title
       
    55 
    65 
    56     legend = _("Edit local roles")
    66     fields = field.Fields(Interface)
       
    67     ajax_handler = 'protected-object-roles.json'
       
    68     edit_permission = None
       
    69 
       
    70 
       
    71 @adapter_config(name='security.subform',
       
    72                 context=(IDefaultProtectionPolicy, IPyAMSLayer, ProtectedObjectRolesEditForm),
       
    73                 provides=IInnerSubForm)
       
    74 class ProtectedObjectSecuritySubform(InnerEditForm):
       
    75     """Protected object security sub-form"""
       
    76 
       
    77     legend = _("Security management")
    57     icon_css_class = 'fa fa-fw fa-key'
    78     icon_css_class = 'fa fa-fw fa-key'
    58     label_css_class = 'control-label col-md-4'
    79     label_css_class = 'control-label col-md-4'
    59     input_css_class = 'col-md-8'
    80     input_css_class = 'col-md-8'
    60 
    81 
    61     ajax_handler = 'protected-object-roles.json'
    82     fields = field.Fields(IProtectedObject)
    62     edit_permission = 'system.manage'
    83     edit_permission = 'security.manage'
    63 
    84     weight = 1
    64     @property
       
    65     def fields(self):
       
    66         fields = field.Fields(IProtectedObject) + \
       
    67                  field.Fields(self.context.roles_interface)
       
    68         return fields
       
    69 
    85 
    70     def updateWidgets(self, prefix=None):
    86     def updateWidgets(self, prefix=None):
    71         super(ProtectedObjectRolesEditForm, self).updateWidgets()
    87         super(ProtectedObjectSecuritySubform, self).updateWidgets()
    72         translate = self.request.localizer.translate
    88         translate = self.request.localizer.translate
    73         self.widgets['everyone_permissions'].noValueMessage = translate(_("(inherit from parent)"))
    89         self.widgets['everyone_permissions'].noValueMessage = translate(_("(inherit from parent)"))
    74         self.widgets['authenticated_permissions'].noValueMessage = translate(_("(inherit from parent)"))
    90         self.widgets['authenticated_permissions'].noValueMessage = translate(_("(inherit from parent)"))
    75 
    91 
    76 
    92 
       
    93 @adapter_config(name='roles.subform',
       
    94                 context=(IDefaultProtectionPolicy, IPyAMSLayer, ProtectedObjectRolesEditForm),
       
    95                 provides=IInnerSubForm)
       
    96 class ProtectedObjectRolesSubform(InnerEditForm):
       
    97     """Protected object roles edit form"""
       
    98 
       
    99     legend = _("Granted roles")
       
   100     icon_css_class = 'fa fa-fw fa-users'
       
   101 
       
   102     @property
       
   103     def fields(self):
       
   104         return field.Fields(self.context.roles_interface)
       
   105 
       
   106     edit_permission = 'security.manage_roles'
       
   107     weight = 2
       
   108 
       
   109     def updateWidgets(self, prefix=None):
       
   110         super(ProtectedObjectRolesSubform, self).updateWidgets(prefix)
       
   111         if self.mode == DISPLAY_MODE:
       
   112             return
       
   113         principals = self.request.effective_principals
       
   114         for widget in self.widgets.values():
       
   115             widget.mode = DISPLAY_MODE
       
   116             role = get_utility(IRole, name=widget.field.role_id)
       
   117             if role.managers:
       
   118                 for manager in role.managers:
       
   119                     if manager in principals:
       
   120                         widget.mode = INPUT_MODE
       
   121 
       
   122 
    77 @view_config(name='protected-object-roles.json', context=IDefaultProtectionPolicy, request_type=IPyAMSLayer,
   123 @view_config(name='protected-object-roles.json', context=IDefaultProtectionPolicy, request_type=IPyAMSLayer,
    78              permission='system.manage', renderer='json', xhr=True)
   124              permission='security.manage', renderer='json', xhr=True)
    79 class ProtectedObjectRolesAJAXEditForm(AJAXEditForm, ProtectedObjectRolesEditForm):
   125 class ProtectedObjectRolesAJAXEditForm(AJAXEditForm, ProtectedObjectRolesEditForm):
    80     """Protected object roles edit form, AJAX view"""
   126     """Protected object roles edit form, AJAX view"""
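Review bot: In the new `ProtectedObjectRolesSubform.updateWidgets`, the per-role manager check is expressed only as widget mode: every widget becomes `DISPLAY_MODE` unless one of `role.managers` is in `request.effective_principals`. That protects role grants only if the `protected-object-roles.json` save path runs this same `updateWidgets` before extracting data and ignores display-mode widgets, which this section does not show. A test that submits a role field the caller does not manage would confirm it. The outer form also changes from `edit_permission = 'system.manage'` to `edit_permission = None`, leaving the JSON view's `permission='security.manage'` and the sub-forms' own `edit_permission` as the only gates. A comment on that line such as `# authorization is delegated to the inner sub-forms and to the JSON view permission` would make the intent explicit. It also looks as if a principal holding `security.manage_roles` without `security.manage` could be offered editable role widgets yet be refused on submit, so the two permissions may need aligning.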