|
1 from yams.buildobjs import EntityType, RelationType, RelationDefinition, String |
|
2 from cubicweb.schema import PUB_SYSTEM_ENTITY_PERMS, PUB_SYSTEM_REL_PERMS |
|
3 |
|
4 |
|
5 class CWPermission(EntityType): |
|
6 """entity type that may be used to construct some advanced security |
|
7 configuration |
|
8 """ |
|
9 __permissions__ = PUB_SYSTEM_ENTITY_PERMS |
|
10 |
|
11 name = String(required=True, indexed=True, internationalizable=True, |
|
12 maxsize=100, description=( |
|
13 'name or identifier of the permission')) |
|
14 label = String(required=True, internationalizable=True, maxsize=100, |
|
15 description=('distinct label to distinguate between other ' |
|
16 'permission entity of the same name')) |
|
17 |
|
18 |
|
19 class granted_permission(RelationType): |
|
20 """explicitly granted permission on an entity""" |
|
21 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
22 # XXX cardinality = '*1' |
|
23 |
|
24 |
|
25 class require_permission(RelationType): |
|
26 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
27 |
|
28 |
|
29 class require_group(RelationDefinition): |
|
30 """groups to which the permission is granted""" |
|
31 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
32 subject = 'CWPermission' |
|
33 object = 'CWGroup' |
|
34 |
|
35 |
|
36 class has_group_permission(RelationDefinition): |
|
37 """short cut relation for 'U in_group G, P require_group G' for efficiency |
|
38 reason. This relation is set automatically, you should not set this. |
|
39 """ |
|
40 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
41 subject = 'CWUser' |
|
42 object = 'CWPermission' |