--- a/src/pyams_thesaurus/__init__.py Mon Jun 11 16:11:07 2018 +0200
+++ b/src/pyams_thesaurus/__init__.py Tue Jun 26 15:10:29 2018 +0200
@@ -16,14 +16,16 @@
from pyramid.i18n import TranslationStringFactory
_ = TranslationStringFactory('pyams_thesaurus')
-from pyams_thesaurus.interfaces import CREATE_THESAURUS_PERMISSION, ADMIN_THESAURUS_PERMISSION, \
- MANAGE_THESAURUS_CONTENT_PERMISSION, MANAGE_THESAURUS_EXTRACT_PERMISSION
-from pyams_utils.interfaces import VIEW_PERMISSION, VIEW_SYSTEM_PERMISSION
-
def includeme(config):
"""Pyramid include"""
+ from pyams_security.interfaces import SYSTEM_ADMIN_ROLE, ADMIN_USER_ID
+ from pyams_thesaurus.interfaces import CREATE_THESAURUS_PERMISSION, ADMIN_THESAURUS_PERMISSION, \
+ MANAGE_THESAURUS_CONTENT_PERMISSION, MANAGE_THESAURUS_EXTRACT_PERMISSION, THESAURUS_ADMIN_ROLE, \
+ THESAURUS_MANAGER_ROLE, THESAURUS_EXTRACT_MANAGER_ROLE
+ from pyams_utils.interfaces import VIEW_PERMISSION, VIEW_SYSTEM_PERMISSION
+
from .include import include_package
include_package(config)
@@ -38,19 +40,24 @@
'title': _("Manage thesaurus extract")})
# register custom roles
- config.register_role({'id': 'thesaurus.Admin',
+ config.register_role({'id': THESAURUS_ADMIN_ROLE,
'title': _("Thesaurus administrator (role)"),
'permissions': {ADMIN_THESAURUS_PERMISSION, MANAGE_THESAURUS_CONTENT_PERMISSION,
MANAGE_THESAURUS_EXTRACT_PERMISSION,
VIEW_PERMISSION, VIEW_SYSTEM_PERMISSION},
- 'managers': {'system:admin', 'role:system.Manager'}})
- config.register_role({'id': 'thesaurus.Manager',
+ 'managers': {ADMIN_USER_ID,
+ 'role:{0}'.format(SYSTEM_ADMIN_ROLE)}})
+ config.register_role({'id': THESAURUS_MANAGER_ROLE,
'title': _("Thesaurus content manager (role)"),
'permissions': {MANAGE_THESAURUS_CONTENT_PERMISSION, MANAGE_THESAURUS_EXTRACT_PERMISSION,
VIEW_PERMISSION, VIEW_SYSTEM_PERMISSION},
- 'managers': {'system:admin', 'role:system.Manager', 'role:thesaurus.Admin'}})
- config.register_role({'id': 'thesaurus.ExtractManager',
+ 'managers': {ADMIN_USER_ID,
+ 'role:{0}'.format(SYSTEM_ADMIN_ROLE),
+ 'role:{0}'.format(THESAURUS_ADMIN_ROLE)}})
+ config.register_role({'id': THESAURUS_EXTRACT_MANAGER_ROLE,
'title': _("Thesaurus extract manager (role)"),
'permissions': {MANAGE_THESAURUS_EXTRACT_PERMISSION,
VIEW_PERMISSION, VIEW_SYSTEM_PERMISSION},
- 'managers': {'system:admin', 'role:system.Manager', 'role:thesaurus.Admin'}})
+ 'managers': {ADMIN_USER_ID,
+ 'role:{0}'.format(SYSTEM_ADMIN_ROLE),
+ 'role:{0}'.format(THESAURUS_ADMIN_ROLE)}})
--- a/src/pyams_thesaurus/interfaces/__init__.py Mon Jun 11 16:11:07 2018 +0200
+++ b/src/pyams_thesaurus/interfaces/__init__.py Tue Jun 26 15:10:29 2018 +0200
@@ -31,3 +31,15 @@
MANAGE_THESAURUS_EXTRACT_PERMISSION = 'pyams.ManageThesaurusExtract'
'''Permission to manage thesaurus extract contents'''
+
+
+THESAURUS_ADMIN_ROLE = 'thesaurus.Admin'
+'''Thesaurus admin is allowed to manage all thesaurus properties'''
+
+
+THESAURUS_MANAGER_ROLE = 'thesaurus.Manager'
+'''Thesaurus manager is allowed to manage thesaurus terms and extracts'''
+
+
+THESAURUS_EXTRACT_MANAGER_ROLE = 'thesaurus.ExtractManager'
+'''Thesaurus extract manager is allowed to manager content of a thesaurus extract'''