schemas/base.py
changeset 4762 8dce25da9d95
parent 4759 af2e6c377c71
child 5421 8167de96c523
4737:64143d458495 4762:8dce25da9d95
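--- a/schemas/base.py
+++ b/schemas/base.py
@@ -8,13 +8,13 @@
 __docformat__ = "restructuredtext en"
 _ = unicode
 
 from yams.buildobjs import (EntityType, RelationType, SubjectRelation,
                             String, Datetime, Password)
-from cubicweb.schema import (RQLConstraint, WorkflowableEntityType,
-                             ERQLExpression, RRQLExpression)
-from cubicweb.schemas import META_ETYPE_PERMS, META_RTYPE_PERMS
+from cubicweb.schema import (
+    RQLConstraint, WorkflowableEntityType, ERQLExpression, RRQLExpression,
+    PUB_SYSTEM_ENTITY_PERMS, PUB_SYSTEM_REL_PERMS, PUB_SYSTEM_ATTR_PERMS)
 
 class CWUser(WorkflowableEntityType):
     """define a CubicWeb user"""
     __permissions__ = {
         'read':   ('managers', 'users', ERQLExpression('X identity U')),
@@ -83,11 +83,11 @@
         'delete': ('managers', RRQLExpression('U has_update_permission S'),),
         }
 
 class in_group(RelationType):
     """core relation indicating a user's groups"""
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 class owned_by(RelationType):
     """core relation indicating owners of an entity. This relation
     implicitly put the owner into the owners group for the entity
     """
@@ -116,22 +116,25 @@
     object = 'CWUser'
 
 
 class creation_date(RelationType):
     """creation time of an entity"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'Datetime'
 
 class modification_date(RelationType):
     """latest modification time of an entity"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'Datetime'
 
 class cwuri(RelationType):
     """internal entity uri"""
+    __permissions__ = PUB_SYSTEM_ATTR_PERMS
     cardinality = '11'
     subject = '*'
     object = 'String'
 
 
@@ -153,11 +156,11 @@
 
 
 class CWPermission(EntityType):
     """entity type that may be used to construct some advanced security configuration
     """
-    __permissions__ = META_ETYPE_PERMS
+    __permissions__ = PUB_SYSTEM_ENTITY_PERMS
 
     name = String(required=True, indexed=True, internationalizable=True, maxsize=100,
                   description=_('name or identifier of the permission'))
     label = String(required=True, internationalizable=True, maxsize=100,
                    description=_('distinct label to distinguate between other permission entity of the same name'))
@@ -168,15 +171,15 @@
 # configurable security
 class require_permission(RelationType):
     """link a permission to the entity. This permission should be used in the
     security definition of the entity's type to be useful.
     """
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 class require_group(RelationType):
     """used to grant a permission to a group"""
-    __permissions__ = META_RTYPE_PERMS
+    __permissions__ = PUB_SYSTEM_REL_PERMS
 
 
 class ExternalUri(EntityType):
     """a URI representing an object in external data store"""
     uri = String(required=True, unique=True, maxsize=256,
@@ -207,10 +210,12 @@
     The target application is responsible for updating timestamp
     when necessary to invalidate the cache (typically in hooks).
 
     Also, checkout the AppObject.get_cache() method.
     """
+    # XXX only handle by hooks, shouldn't be readable/editable at all through
+    # the ui and so no permissions should be granted, no?
     __permissions__ = {
         'read':   ('managers', 'users', 'guests'),
         'add':    ('managers',),
         'update': ('managers', 'users',), # XXX
         'delete': ('managers',),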
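Review bot: In the last hunk the two added `# XXX` comment lines question whether this entity type should carry any UI-facing permissions, but the `__permissions__` dict below them is left unchanged, so `'update': ('managers', 'users',)` still lets every authenticated user modify it and `'read'` still includes `'guests'`. If the timestamp is really only maintained by hooks, the grant should be narrowed in the same commit, e.g. `'update': ('managers',),`, provided the hooks that write the entity do not depend on the end user's own permissions, which this page does not show. Otherwise the open question should be replaced with a comment stating why `'users'` need update access, so the broad grant is a recorded decision rather than a leftover. The class header and the closing brace of the dict are outside the hunk.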