Mercurial Mercurial > pyams > pyams_security / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update default protected object ACL to grant 'public' permission to everyone
authorThierry Florac <thierry.florac@onf.fr>
Wed, 11 Apr 2018 16:43:52 +0200
changeset 118 e29e9774400a
parent 117 bab0e0098c8e
child 119 ccf5a7b0bbe4
Update default protected object ACL to grant 'public' permission to everyone
src/pyams_security/security.py file | annotate | diff | comparison | revisions 
--- a/src/pyams_security/security.py	Wed Apr 11 11:40:14 2018 +0200
+++ b/src/pyams_security/security.py	Wed Apr 11 16:43:52 2018 +0200
@@ -9,6 +9,7 @@
 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
 # FOR A PARTICULAR PURPOSE.
 #
+from pyams_utils.interfaces import PUBLIC_PERMISSION
 
 __docformat__ = 'restructuredtext'
 
@@ -170,7 +171,9 @@
     @request_property(key=None)
     def __acl__(self):
         # always grant all permissions to system manager
-        result = [(Allow, ADMIN_USER_ID, ALL_PERMISSIONS)]
+        # and 'public' permission to everyone
+        result = [(Allow, ADMIN_USER_ID, ALL_PERMISSIONS),
+                  (Allow, Everyone, {PUBLIC_PERMISSION})]
         # grant access to all roles permissions
         for role_id in self.get_granted_roles():
             role = query_utility(IRole, role_id)
pyams/pyams_security