34 eid_param('__type', entity.eid), entity.e_schema)) |
34 eid_param('__type', entity.eid), entity.e_schema)) |
35 if msg: |
35 if msg: |
36 w(u'<input type="hidden" name="__message" value="%s"/>\n' |
36 w(u'<input type="hidden" name="__message" value="%s"/>\n' |
37 % html_escape(msg)) |
37 % html_escape(msg)) |
38 |
38 |
39 |
39 class SecurityViewMixIn(object): |
40 class SecurityManagementView(EntityView): |
40 """display security information for a given schema """ |
|
41 def schema_definition(self, eschema, link=True, access_types=None): |
|
42 w = self.w |
|
43 _ = self.req._ |
|
44 if not access_types: |
|
45 access_types = eschema.ACTIONS |
|
46 w(u'<table class="schemaInfo">') |
|
47 w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % ( |
|
48 _("permission"), _('granted to groups'), _('rql expressions'))) |
|
49 for access_type in access_types: |
|
50 w(u'<tr>') |
|
51 w(u'<td>%s</td>' % _('%s_perm' % access_type)) |
|
52 groups = eschema.get_groups(access_type) |
|
53 l = [] |
|
54 groups = [(_(group), group) for group in groups] |
|
55 for trad, group in sorted(groups): |
|
56 if link: |
|
57 l.append(u'<a href="%s" class="%s">%s</a><br/>' % ( |
|
58 self.build_url('egroup/%s' % group), group, trad)) |
|
59 else: |
|
60 l.append(u'<div class="%s">%s</div>' % (group, trad)) |
|
61 w(u'<td>%s</td>' % u''.join(l)) |
|
62 rqlexprs = eschema.get_rqlexprs(access_type) |
|
63 w(u'<td>%s</td>' % u'<br/><br/>'.join(expr.expression for expr in rqlexprs)) |
|
64 w(u'</tr>\n') |
|
65 w(u'</table>') |
|
66 |
|
67 def has_schema_modified_permissions(self, eschema, access_types): |
|
68 """ return True if eschema's actual permissions are diffrents |
|
69 from the default ones |
|
70 """ |
|
71 for access_type in access_types: |
|
72 if eschema.get_rqlexprs(access_type): |
|
73 return True |
|
74 if eschema.get_groups(access_type) != \ |
|
75 frozenset(eschema.get_default_groups()[access_type]): |
|
76 return True |
|
77 return False |
|
78 |
|
79 class SecurityManagementView(EntityView, SecurityViewMixIn): |
41 """display security information for a given entity""" |
80 """display security information for a given entity""" |
42 id = 'security' |
81 id = 'security' |
43 title = _('security') |
82 title = _('security') |
44 |
83 |
45 def cell_call(self, row, col): |
84 def cell_call(self, row, col): |
52 % (entity.dc_type().capitalize(), |
91 % (entity.dc_type().capitalize(), |
53 html_escape(entity.absolute_url()), |
92 html_escape(entity.absolute_url()), |
54 html_escape(entity.dc_title()))) |
93 html_escape(entity.dc_title()))) |
55 # first show permissions defined by the schema |
94 # first show permissions defined by the schema |
56 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
95 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
57 self.schema_definition(entity) |
96 self.schema_definition(entity.e_schema) |
58 self.w('<h2>%s</h2>' % _('manage security')) |
97 self.w('<h2>%s</h2>' % _('manage security')) |
59 # ownership information |
98 # ownership information |
60 if self.schema.rschema('owned_by').has_perm(self.req, 'add', |
99 if self.schema.rschema('owned_by').has_perm(self.req, 'add', |
61 fromeid=entity.eid): |
100 fromeid=entity.eid): |
62 self.owned_by_edit_form(entity) |
101 self.owned_by_edit_form(entity) |
67 w('<h3>%s</h3>' % _('permissions for this entity')) |
106 w('<h3>%s</h3>' % _('permissions for this entity')) |
68 reqpermschema = self.schema.rschema('require_permission') |
107 reqpermschema = self.schema.rschema('require_permission') |
69 self.require_permission_information(entity, reqpermschema) |
108 self.require_permission_information(entity, reqpermschema) |
70 if reqpermschema.has_perm(self.req, 'add', fromeid=entity.eid): |
109 if reqpermschema.has_perm(self.req, 'add', fromeid=entity.eid): |
71 self.require_permission_edit_form(entity) |
110 self.require_permission_edit_form(entity) |
72 |
|
73 def schema_definition(self, entity): |
|
74 w = self.w |
|
75 _ = self.req._ |
|
76 w(u'<table class="schemaInfo">') |
|
77 w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % ( |
|
78 _("access type"), _('granted to groups'), _('rql expressions'))) |
|
79 for access_type in ('read', 'add', 'update', 'delete'): |
|
80 w(u'<tr>') |
|
81 w(u'<th>%s</th>' % self.req.__('%s_permission' % access_type)) |
|
82 groups = entity.e_schema.get_groups(access_type) |
|
83 l = [] |
|
84 for group in groups: |
|
85 l.append(u'<a href="%s">%s</a>' % ( |
|
86 self.build_url('egroup/%s' % group), _(group))) |
|
87 w(u'<td>%s</td>' % u', '.join(l)) |
|
88 rqlexprs = entity.e_schema.get_rqlexprs(access_type) |
|
89 w(u'<td>%s</td>' % u'<br/>'.join(expr.expression for expr in rqlexprs)) |
|
90 w(u'</tr>\n') |
|
91 w(u'</table>') |
|
92 |
111 |
93 def owned_by_edit_form(self, entity): |
112 def owned_by_edit_form(self, entity): |
94 self.w('<h3>%s</h3>' % self.req._('ownership')) |
113 self.w('<h3>%s</h3>' % self.req._('ownership')) |
95 begin_form(self.w, entity, 'security', msg= _('ownerships have been changed')) |
114 begin_form(self.w, entity, 'security', msg= _('ownerships have been changed')) |
96 self.w(u'<table border="0">\n') |
115 self.w(u'<table border="0">\n') |