equal
deleted
inserted
replaced
7 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED |
7 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED |
8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
10 # FOR A PARTICULAR PURPOSE. |
10 # FOR A PARTICULAR PURPOSE. |
11 # |
11 # |
|
12 from pyams_utils.interfaces import PUBLIC_PERMISSION |
12 |
13 |
13 __docformat__ = 'restructuredtext' |
14 __docformat__ = 'restructuredtext' |
14 |
15 |
15 # import standard library |
16 # import standard library |
16 import logging |
17 import logging |
168 return roles |
169 return roles |
169 |
170 |
170 @request_property(key=None) |
171 @request_property(key=None) |
171 def __acl__(self): |
172 def __acl__(self): |
172 # always grant all permissions to system manager |
173 # always grant all permissions to system manager |
173 result = [(Allow, ADMIN_USER_ID, ALL_PERMISSIONS)] |
174 # and 'public' permission to everyone |
|
175 result = [(Allow, ADMIN_USER_ID, ALL_PERMISSIONS), |
|
176 (Allow, Everyone, {PUBLIC_PERMISSION})] |
174 # grant access to all roles permissions |
177 # grant access to all roles permissions |
175 for role_id in self.get_granted_roles(): |
178 for role_id in self.get_granted_roles(): |
176 role = query_utility(IRole, role_id) |
179 role = query_utility(IRole, role_id) |
177 if role is not None: |
180 if role is not None: |
178 result.append((Allow, 'role:{0}'.format(role_id), role.permissions)) |
181 result.append((Allow, 'role:{0}'.format(role_id), role.permissions)) |