177 subject = 'CWProperty' |
177 subject = 'CWProperty' |
178 object = 'CWUser' |
178 object = 'CWUser' |
179 composite = 'object' |
179 composite = 'object' |
180 cardinality = '?*' |
180 cardinality = '?*' |
181 |
181 |
182 |
|
183 class CWPermission(EntityType): |
|
184 """entity type that may be used to construct some advanced security configuration |
|
185 """ |
|
186 __permissions__ = PUB_SYSTEM_ENTITY_PERMS |
|
187 |
|
188 name = String(required=True, indexed=True, internationalizable=True, maxsize=100, |
|
189 description=_('name or identifier of the permission')) |
|
190 label = String(required=True, internationalizable=True, maxsize=100, |
|
191 description=_('distinct label to distinguate between other ' |
|
192 'permission entity of the same name')) |
|
193 require_group = SubjectRelation('CWGroup', |
|
194 description=_('groups to which the permission is granted')) |
|
195 |
|
196 # explicitly add X require_permission CWPermission for each entity that should have |
|
197 # configurable security |
|
198 class require_permission(RelationType): |
|
199 """link a permission to the entity. This permission should be used in the |
|
200 security definition of the entity's type to be useful. |
|
201 """ |
|
202 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
203 |
|
204 class require_group(RelationType): |
|
205 """used to grant a permission to a group""" |
|
206 __permissions__ = PUB_SYSTEM_REL_PERMS |
|
207 |
182 |
208 |
183 |
209 class ExternalUri(EntityType): |
184 class ExternalUri(EntityType): |
210 """a URI representing an object in external data store""" |
185 """a URI representing an object in external data store""" |
211 uri = String(required=True, unique=True, maxsize=256, |
186 uri = String(required=True, unique=True, maxsize=256, |
380 __permissions__ = { |
355 __permissions__ = { |
381 'read': ('managers', 'users', 'guests',), |
356 'read': ('managers', 'users', 'guests',), |
382 'add': ('managers', RRQLExpression('U has_update_permission S'),), |
357 'add': ('managers', RRQLExpression('U has_update_permission S'),), |
383 'delete': ('managers', RRQLExpression('U has_update_permission S'),), |
358 'delete': ('managers', RRQLExpression('U has_update_permission S'),), |
384 } |
359 } |
|
360 |
|
361 |