Mercurial Mercurial > pyams > pyams_security / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added user profile ACL
authorThierry Florac <thierry.florac@onf.fr>
Mon, 18 Jan 2016 18:31:24 +0100
changeset 58 5085503b72c2
parent 57 61244cf5c1a0
child 59 45ce94599ba1
Added user profile ACL
src/pyams_security/profile.py file | annotate | diff | comparison | revisions
src/pyams_security/zmi/profile.py file | annotate | diff | comparison | revisions 
--- a/src/pyams_security/profile.py	Thu Oct 15 15:38:05 2015 +0200
+++ b/src/pyams_security/profile.py	Mon Jan 18 18:31:24 2016 +0100
@@ -18,6 +18,7 @@
 # import interfaces
 from pyams_security.interfaces import IPrincipalInfo
 from pyams_security.interfaces.profile import PUBLIC_PROFILE_KEY, IPublicProfile
+from pyams_utils.interfaces import PUBLIC_PERMISSION
 from pyams_utils.interfaces.site import ISiteRoot
 from pyams_utils.interfaces.tales import ITALESExtension
 from zope.annotation.interfaces import IAnnotations, IAttributeAnnotatable
@@ -27,8 +28,9 @@
 from persistent import Persistent
 from pyams_file.property import FileProperty
 from pyams_utils.adapter import adapter_config, ContextRequestAdapter
-from pyams_utils.request import check_request
+from pyams_utils.request import check_request, query_request
 from pyams_utils.traversing import get_parent
+from pyramid.security import Allow, ALL_PERMISSIONS, Everyone
 from pyramid.threadlocal import get_current_registry, get_current_request
 from zope.container.contained import Contained
 from zope.lifecycleevent import ObjectCreatedEvent
@@ -42,6 +44,14 @@
 
     avatar = FileProperty(IPublicProfile['avatar'])
 
+    def __acl__(self):
+        result = [(Allow, 'system:admin', ALL_PERMISSIONS)]
+        request = query_request()
+        if request is not None:
+            result.append((Allow, request.principal.id, ALL_PERMISSIONS))
+        result.append((Allow, Everyone, PUBLIC_PERMISSION))
+        return result
+
 
 @adapter_config(context=Interface, provides=IPublicProfile)
 def PublicProfileFactory(context):
--- a/src/pyams_security/zmi/profile.py	Thu Oct 15 15:38:05 2015 +0200
+++ b/src/pyams_security/zmi/profile.py	Mon Jan 18 18:31:24 2016 +0100
@@ -18,16 +18,19 @@
 # import interfaces
 from pyams_form.interfaces.form import IInnerTabForm
 from pyams_security.interfaces.profile import IPublicProfile
-from pyams_skin.interfaces.viewlet import IShortcutsViewletManager
+from pyams_skin.interfaces.viewlet import IUserMenusViewletManager
 from pyams_skin.layer import IPyAMSLayer
+from pyams_utils.interfaces.site import ISiteRoot
 
 # import packages
-from pyams_form.form import InnerEditForm, AJAXEditForm
+from pyams_form.form import AJAXEditForm
 from pyams_pagelet.pagelet import pagelet_config
+from pyams_skin.viewlet.menu import MenuItem, MenuDivider
+from pyams_template.template import template_config
+from pyams_utils.adapter import adapter_config
+from pyams_utils.traversing import get_parent
 from pyams_viewlet.viewlet import viewlet_config
-from pyams_skin.viewlet.shortcuts import Shortcut
-from pyams_utils.adapter import adapter_config
-from pyams_zmi.form import AdminDialogEditForm
+from pyams_zmi.form import AdminDialogEditForm, InnerAdminEditForm
 from pyramid.view import view_config
 from z3c.form import field
 from zope.interface import Interface
@@ -35,16 +38,20 @@
 from pyams_security import _
 
 
-@viewlet_config(name='profile', layer=IPyAMSLayer, manager=IShortcutsViewletManager, weight=10)
-class UserProfileShortcut(Shortcut):
-    """User profile shortcut"""
+@viewlet_config(name='login', layer=IPyAMSLayer, manager=IUserMenusViewletManager, weight=1)
+@template_config(template='templates/user-login.pt', layer=IPyAMSLayer)
+class UserLoginMenuItem(MenuItem):
+    """User login menu item"""
+
+
+@viewlet_config(name='profile', layer=IPyAMSLayer, manager=IUserMenusViewletManager, weight=10)
+class UserProfileMenuItem(MenuItem):
+    """User profile menu item"""
 
     label = _("User profile")
-    bg_color_class = 'bg-color-greenLight'
     icon_class = 'fa-user'
     url = 'user-profile.html'
     modal_target = True
-    checked = 'selected'
 
 
 @pagelet_config(name='user-profile.html', layer=IPyAMSLayer)
@@ -63,6 +70,9 @@
     def title(self):
         return self.request.principal.title
 
+    def getContent(self):
+        return get_parent(self.context, ISiteRoot)
+
 
 @view_config(name='user-profile.json', request_type=IPyAMSLayer, renderer='json', xhr=True)
 class UserProfileAJAXEditForm(AJAXEditForm, UserProfileEditForm):
@@ -72,7 +82,7 @@
 @adapter_config(name='public_profile',
                 context=(Interface, IPyAMSLayer, UserProfileEditForm),
                 provides=IInnerTabForm)
-class PublicProfileTabForm(InnerEditForm):
+class PublicProfileTabForm(InnerAdminEditForm):
     """Public profile tab form"""
 
     tab_label = _("Public profile")
@@ -88,3 +98,18 @@
 
     def getContent(self):
         return IPublicProfile(self.request.principal)
+
+
+@viewlet_config(name='logout-divider', layer=IPyAMSLayer, manager=IUserMenusViewletManager, weight=999)
+class UserLogoutMenuDivider(MenuDivider):
+    """User logout menu divider"""
+
+
+@viewlet_config(name='logout-menu', layer=IPyAMSLayer, manager=IUserMenusViewletManager, weight=1000)
+class UserLogoutMenuItem(MenuItem):
+    """User logout menu item"""
+
+    label = _("Logout")
+    css_class = 'logout'
+    icon_class = 'fa-sign-out'
+    url = "logout.html"
pyams/pyams_security