14 from cubicweb.selectors import yes, none_rset, match_user_groups, authenticated_user |
14 from cubicweb.selectors import yes, none_rset, match_user_groups, authenticated_user |
15 from cubicweb.view import AnyRsetView, StartupView, EntityView, View |
15 from cubicweb.view import AnyRsetView, StartupView, EntityView, View |
16 from cubicweb.uilib import html_traceback, rest_traceback |
16 from cubicweb.uilib import html_traceback, rest_traceback |
17 from cubicweb.web import formwidgets as wdgs |
17 from cubicweb.web import formwidgets as wdgs |
18 from cubicweb.web.formfields import guess_field |
18 from cubicweb.web.formfields import guess_field |
|
19 from cubicweb.web.views.schema import SecurityViewMixIn |
19 |
20 |
20 from yams.buildobjs import EntityType |
21 from yams.buildobjs import EntityType |
21 |
22 |
22 SUBMIT_MSGID = _('Submit bug report') |
23 SUBMIT_MSGID = _('Submit bug report') |
23 MAIL_SUBMIT_MSGID = _('Submit bug report by mail') |
24 MAIL_SUBMIT_MSGID = _('Submit bug report by mail') |
24 |
25 |
25 |
26 class SecurityManagementView(SecurityViewMixIn, EntityView): |
26 class SecurityViewMixIn(object): |
|
27 """display security information for a given schema """ |
|
28 |
|
29 def schema_definition(self, eschema, link=True, access_types=None): |
|
30 w = self.w |
|
31 _ = self._cw._ |
|
32 if not access_types: |
|
33 access_types = eschema.ACTIONS |
|
34 w(u'<table class="schemaInfo">') |
|
35 w(u'<tr><th>%s</th><th>%s</th><th>%s</th></tr>' % ( |
|
36 _("permission"), _('granted to groups'), _('rql expressions'))) |
|
37 for access_type in access_types: |
|
38 w(u'<tr>') |
|
39 w(u'<td>%s</td>' % self._cw.__('%s_perm' % access_type)) |
|
40 groups = eschema.get_groups(access_type) |
|
41 l = [] |
|
42 groups = [(_(group), group) for group in groups] |
|
43 for trad, group in sorted(groups): |
|
44 if link: |
|
45 # XXX we should get a group entity and call its absolute_url |
|
46 # method |
|
47 l.append(u'<a href="%s" class="%s">%s</a><br/>' % ( |
|
48 self._cw.build_url('cwgroup/%s' % group), group, trad)) |
|
49 else: |
|
50 l.append(u'<div class="%s">%s</div>' % (group, trad)) |
|
51 w(u'<td>%s</td>' % u''.join(l)) |
|
52 rqlexprs = eschema.get_rqlexprs(access_type) |
|
53 w(u'<td>%s</td>' % u'<br/><br/>'.join(expr.expression for expr in rqlexprs)) |
|
54 w(u'</tr>\n') |
|
55 w(u'</table>') |
|
56 |
|
57 class SecurityManagementView(EntityView, SecurityViewMixIn): |
|
58 """display security information for a given entity""" |
27 """display security information for a given entity""" |
59 __regid__ = 'security' |
28 __regid__ = 'security' |
60 __select__ = EntityView.__select__ & authenticated_user() |
29 __select__ = EntityView.__select__ & authenticated_user() |
61 |
30 |
62 title = _('security') |
31 title = _('security') |
75 % (entity.dc_type().capitalize(), |
44 % (entity.dc_type().capitalize(), |
76 xml_escape(entity.absolute_url()), |
45 xml_escape(entity.absolute_url()), |
77 xml_escape(entity.dc_title()))) |
46 xml_escape(entity.dc_title()))) |
78 # first show permissions defined by the schema |
47 # first show permissions defined by the schema |
79 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
48 self.w('<h2>%s</h2>' % _('schema\'s permissions definitions')) |
80 self.schema_definition(entity.e_schema) |
49 self.permissions_table(entity.e_schema) |
81 self.w('<h2>%s</h2>' % _('manage security')) |
50 self.w('<h2>%s</h2>' % _('manage security')) |
82 # ownership information |
51 # ownership information |
83 if self._cw.vreg.schema.rschema('owned_by').has_perm(self._cw, 'add', |
52 if self._cw.vreg.schema.rschema('owned_by').has_perm(self._cw, 'add', |
84 fromeid=entity.eid): |
53 fromeid=entity.eid): |
85 self.owned_by_edit_form(entity) |
54 self.owned_by_edit_form(entity) |