cubicweb: comparison web/views/management.py

equal deleted inserted replaced

-:89567fcc6b15
+:d68aac1cda0d
 eid_param('__type', entity.eid), entity.e_schema))
 if msg:
 w(u'<input type="hidden" name="__message" value="%s"/>\n'
 % html_escape(msg))
+class SecurityViewMixIn(object):
-class SecurityManagementView(EntityView):
+"""display security information for a given schema """
+def schema_definition(self, eschema, link=True,  access_types=None):
+w = self.w
+_ = self.req._
+if not access_types:
+access_types = eschema.ACTIONS
+w(u'<table class="schemaInfo">')
+w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % (
+_("permission"), _('granted to groups'), _('rql expressions')))
+for access_type in access_types:
+w(u'<tr>')
+w(u'<td>%s</td>' % _('%s_perm' % access_type))
+groups = eschema.get_groups(access_type)
+l = []
+groups = [(_(group), group) for group in groups]
+for trad, group in sorted(groups):
+if link:
+l.append(u'<a href="%s" class="%s">%s</a><br/>' % (
+self.build_url('egroup/%s' % group), group, trad))
+else:
+l.append(u'<div class="%s">%s</div>' % (group, trad))
+w(u'<td>%s</td>' % u''.join(l))
+rqlexprs = eschema.get_rqlexprs(access_type)
+w(u'<td>%s</td>' % u'<br/><br/>'.join(expr.expression for expr in rqlexprs))
+w(u'</tr>\n')
+w(u'</table>')
+def has_schema_modified_permissions(self, eschema, access_types):
+""" return True if eschema's actual permissions are diffrents
+from the default ones
+"""
+for access_type in access_types:
+if eschema.get_rqlexprs(access_type):
+return True
+if eschema.get_groups(access_type) != \
+frozenset(eschema.get_default_groups()[access_type]):
+return True
+return False
+class SecurityManagementView(EntityView, SecurityViewMixIn):
 """display security information for a given entity"""
 id = 'security'
 title = _('security')
 def cell_call(self, row, col):
 % (entity.dc_type().capitalize(),
 html_escape(entity.absolute_url()),
 html_escape(entity.dc_title())))
 # first show permissions defined by the schema
 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions'))
-self.schema_definition(entity)
+self.schema_definition(entity.e_schema)
 self.w('<h2>%s</h2>' % _('manage security'))
 # ownership information
 if self.schema.rschema('owned_by').has_perm(self.req, 'add',
 fromeid=entity.eid):
 self.owned_by_edit_form(entity)
 w('<h3>%s</h3>' % _('permissions for this entity'))
 reqpermschema = self.schema.rschema('require_permission')
 self.require_permission_information(entity, reqpermschema)
 if reqpermschema.has_perm(self.req, 'add', fromeid=entity.eid):
 self.require_permission_edit_form(entity)
-def schema_definition(self, entity):
-w = self.w
-_ = self.req._
-w(u'<table class="schemaInfo">')
-w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % (
-_("access type"), _('granted to groups'), _('rql expressions')))
-for access_type in ('read', 'add', 'update', 'delete'):
-w(u'<tr>')
-w(u'<th>%s</th>' % self.req.__('%s_permission' % access_type))
-groups = entity.e_schema.get_groups(access_type)
-l = []
-for group in groups:
-l.append(u'<a href="%s">%s</a>' % (
-self.build_url('egroup/%s' % group), _(group)))
-w(u'<td>%s</td>' % u', '.join(l))
-rqlexprs = entity.e_schema.get_rqlexprs(access_type)
-w(u'<td>%s</td>' % u'<br/>'.join(expr.expression for expr in rqlexprs))
-w(u'</tr>\n')
-w(u'</table>')
 def owned_by_edit_form(self, entity):
 self.w('<h3>%s</h3>' % self.req._('ownership'))
 begin_form(self.w, entity, 'security', msg= _('ownerships have been changed'))
 self.w(u'<table border="0">\n')

changeset 1494	d68aac1cda0d
parent 1333	85d1bc9da0ad
child 1522	47b2ffbee760
child 1613	96a136073fd1