diff -r 3826d8480a68 -r a1d5365fefc1 web/views/management.py
--- a/web/views/management.py Tue Sep 13 14:41:53 2011 +0200
+++ b/web/views/management.py Tue Sep 13 14:48:24 2011 +0200
@@ -1,4 +1,4 @@
-# copyright 2003-2010 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# copyright 2003-2011 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr/ -- mailto:contact@logilab.fr
#
# This file is part of CubicWeb.
@@ -45,10 +45,9 @@
self.w(u'%s
' % self._cw._('validating...'))
super(SecurityManagementView, self).call()
- def cell_call(self, row, col):
+ def entity_call(self, entity):
self._cw.add_js('cubicweb.edition.js')
self._cw.add_css('cubicweb.acl.css')
- entity = self.cw_rset.get_entity(row, col)
w = self.w
_ = self._cw._
w(u''
@@ -65,13 +64,6 @@
self.owned_by_edit_form(entity)
else:
self.owned_by_information(entity)
- # cwpermissions
- if 'require_permission' in entity.e_schema.subject_relations():
- w('%s
' % _('permissions for this entity'))
- reqpermschema = self._cw.vreg.schema.rschema('require_permission')
- self.require_permission_information(entity, reqpermschema)
- if reqpermschema.has_perm(self._cw, 'add', fromeid=entity.eid):
- self.require_permission_edit_form(entity)
def owned_by_edit_form(self, entity):
self.w('%s
' % self._cw._('ownership'))
@@ -97,65 +89,6 @@
# else we don't know if this is because entity has no owner or becayse
# user as no access to owner users entities
- def require_permission_information(self, entity, reqpermschema):
- if entity.require_permission:
- w = self.w
- _ = self._cw._
- if reqpermschema.has_perm(self._cw, 'delete', fromeid=entity.eid):
- delurl = self._cw.build_url('edit', __redirectvid='security',
- __redirectpath=entity.rest_path())
- delurl = delurl.replace('%', '%%')
- # don't give __delete value to build_url else it will be urlquoted
- # and this will replace %s by %25s
- delurl += '&__delete=%s:require_permission:%%s' % entity.eid
- dellinktempl = u'[-] ' % (
- xml_escape(delurl), _('delete this permission'))
- else:
- dellinktempl = None
- w(u'')
- w(u'| %s | %s |
|---|
' % (_("permission"),
- _('granted to groups')))
- for cwperm in entity.require_permission:
- w(u'')
- if dellinktempl:
- w(u'| %s%s | ' % (dellinktempl % cwperm.eid,
- cwperm.view('oneline')))
- else:
- w(u'%s | ' % cwperm.view('oneline'))
- w(u'%s | ' % self._cw.view('csv', cwperm.related('require_group'), 'null'))
- w(u'
\n')
- w(u'
')
- else:
- self.w(self._cw._('no associated permissions'))
-
- def require_permission_edit_form(self, entity):
- newperm = self._cw.vreg['etypes'].etype_class('CWPermission')(self._cw)
- newperm.eid = self._cw.varmaker.next()
- self.w(u'%s
' % self._cw._('add a new permission'))
- form = self._cw.vreg['forms'].select('base', self._cw, entity=newperm,
- form_buttons=[wdgs.SubmitButton()],
- domid='reqperm%s' % entity.eid,
- __redirectvid='security',
- __redirectpath=entity.rest_path())
- form.add_hidden('require_permission', entity.eid, role='object',
- eidparam=True)
- permnames = getattr(entity, '__permissions__', None)
- cwpermschema = newperm.e_schema
- if permnames is not None:
- field = guess_field(cwpermschema, self._cw.vreg.schema.rschema('name'),
- widget=wdgs.Select({'size': 1}),
- choices=permnames)
- else:
- field = guess_field(cwpermschema, self._cw.vreg.schema.rschema('name'))
- form.append_field(field)
- field = guess_field(cwpermschema, self._cw.vreg.schema.rschema('label'))
- form.append_field(field)
- field = guess_field(cwpermschema, self._cw.vreg.schema.rschema('require_group'))
- form.append_field(field)
- renderer = self._cw.vreg['formrenderers'].select(
- 'htable', self._cw, rset=None, display_progress_div=False)
- form.render(w=self.w, renderer=renderer)
-
class ErrorView(AnyRsetView):
"""default view when no result has been found"""