# HG changeset patch # User Katia Saurfelt # Date 1240586128 -7200 # Node ID d68aac1cda0d8188875a65b9f9171568cf9175d2 # Parent 89567fcc6b1553c3bd0f90f7886d9363ff25c1bd #342695: add new security section to the schema view diff -r 89567fcc6b15 -r d68aac1cda0d i18n/en.po --- a/i18n/en.po Thu Apr 23 12:16:16 2009 +0200 +++ b/i18n/en.po Fri Apr 24 17:15:28 2009 +0200 @@ -118,6 +118,10 @@ msgid "%s software version of the database" msgstr "" +#, python-format +msgid "%s_perm" +msgstr "" + msgid "**" msgstr "0..n 0..n" @@ -196,12 +200,6 @@ msgid "Bytes_plural" msgstr "Bytes" -msgid "Card" -msgstr "Card" - -msgid "Card_plural" -msgstr "Cards" - msgid "Date" msgstr "Date" @@ -332,9 +330,6 @@ msgid "New Bookmark" msgstr "New bookmark" -msgid "New Card" -msgstr "New card" - msgid "New ECache" msgstr "" @@ -471,9 +466,6 @@ msgid "This Bookmark" msgstr "This bookmark" -msgid "This Card" -msgstr "This card" - msgid "This ECache" msgstr "" @@ -596,11 +588,6 @@ msgstr "" msgid "" -"a card is a textual content used as documentation, reference, procedure " -"reminder" -msgstr "" - -msgid "" "a simple cache entity characterized by a name and a validity date. The " "target application is responsible for updating timestamp when necessary to " "invalidate the cache (typically in hooks). Also, checkout the AppRsetObject." @@ -820,9 +807,6 @@ msgid "add a Bookmark" msgstr "add a bookmark" -msgid "add a Card" -msgstr "add a card" - msgid "add a ECache" msgstr "" @@ -928,9 +912,6 @@ msgid "am/pm calendar (year)" msgstr "" -msgid "an abstract for this card" -msgstr "" - msgid "an electronic mail address associated to a short alias" msgstr "" @@ -968,6 +949,9 @@ msgid "attribute" msgstr "" +msgid "attributes with modified permissions:" +msgstr "" + msgid "august" msgstr "" @@ -1236,12 +1220,6 @@ msgid "constraints applying on this relation" msgstr "" -msgid "content" -msgstr "" - -msgid "content_format" -msgstr "content format" - msgid "contentnavigation" msgstr "contextual components" @@ -1827,7 +1805,7 @@ msgstr "" msgid "hide meta-data" -msgstr "" +msgstr "hide meta entities and relations" msgid "home" msgstr "" @@ -1945,9 +1923,6 @@ msgid "inlined" msgstr "" -msgid "inlined view" -msgstr "" - msgid "internationalizable" msgstr "" @@ -2220,6 +2195,9 @@ msgid "object" msgstr "" +msgid "object_plural:" +msgstr "objects:" + msgid "october" msgstr "" @@ -2278,6 +2256,12 @@ msgid "permission" msgstr "" +msgid "permissions for entities" +msgstr "" + +msgid "permissions for relations" +msgstr "" + msgid "permissions for this entity" msgstr "" @@ -2290,9 +2274,6 @@ msgid "pkey" msgstr "key" -msgid "planned_delivery" -msgstr "planned delivery" - msgid "please correct errors below" msgstr "" @@ -2348,6 +2329,9 @@ msgid "relation_type_object" msgstr "relation definitions" +msgid "relations" +msgstr "" + msgid "relations deleted" msgstr "" @@ -2357,9 +2341,6 @@ msgid "remove this Bookmark" msgstr "remove this bookmark" -msgid "remove this Card" -msgstr "remove this card" - msgid "remove this ECache" msgstr "" @@ -2543,7 +2524,7 @@ msgstr "" msgid "show meta-data" -msgstr "" +msgstr "show the complete schema" msgid "site configuration" msgstr "" @@ -2597,6 +2578,9 @@ msgid "subject/object cardinality" msgstr "" +msgid "subject_plural:" +msgstr "subjects:" + msgid "sunday" msgstr "" @@ -2606,9 +2590,6 @@ msgid "symetric" msgstr "" -msgid "synopsis" -msgstr "" - msgid "system entities" msgstr "" @@ -2724,6 +2705,9 @@ msgid "unknown property key" msgstr "" +msgid "up" +msgstr "" + msgid "upassword" msgstr "password" @@ -2850,9 +2834,6 @@ "which is the preferred form." msgstr "" -msgid "wikiid" -msgstr "wiki identifier" - #, python-format msgid "workflow for %s" msgstr "" @@ -2871,3 +2852,30 @@ msgid "you have been logged out" msgstr "" + +#~ msgid "Card" +#~ msgstr "Card" + +#~ msgid "Card_plural" +#~ msgstr "Cards" + +#~ msgid "New Card" +#~ msgstr "New card" + +#~ msgid "This Card" +#~ msgstr "This card" + +#~ msgid "add a Card" +#~ msgstr "add a card" + +#~ msgid "content_format" +#~ msgstr "content format" + +#~ msgid "planned_delivery" +#~ msgstr "planned delivery" + +#~ msgid "remove this Card" +#~ msgstr "remove this card" + +#~ msgid "wikiid" +#~ msgstr "wiki identifier" diff -r 89567fcc6b15 -r d68aac1cda0d i18n/es.po --- a/i18n/es.po Thu Apr 23 12:16:16 2009 +0200 +++ b/i18n/es.po Fri Apr 24 17:15:28 2009 +0200 @@ -123,6 +123,10 @@ msgid "%s software version of the database" msgstr "version sistema de la base para %s" +#, python-format +msgid "%s_perm" +msgstr "" + msgid "**" msgstr "0..n 0..n" @@ -201,12 +205,6 @@ msgid "Bytes_plural" msgstr "Datos binarios" -msgid "Card" -msgstr "Ficha" - -msgid "Card_plural" -msgstr "Fichas" - msgid "Date" msgstr "Fecha" @@ -337,9 +335,6 @@ msgid "New Bookmark" msgstr "Nuevo Atajo" -msgid "New Card" -msgstr "Nueva ficha" - msgid "New ECache" msgstr "Nueva memoria cache" @@ -476,9 +471,6 @@ msgid "This Bookmark" msgstr "Este atajo" -msgid "This Card" -msgstr "Esta Ficha" - msgid "This ECache" msgstr "Esta Memoria Cache" @@ -615,13 +607,6 @@ "representan respectivamente la entidad en transición y el usuarioactual. " msgid "" -"a card is a textual content used as documentation, reference, procedure " -"reminder" -msgstr "" -"una ficha es un texto utilizado como documentación, referencia, memoria de " -"procedimiento..." - -msgid "" "a simple cache entity characterized by a name and a validity date. The " "target application is responsible for updating timestamp when necessary to " "invalidate the cache (typically in hooks). Also, checkout the AppRsetObject." @@ -841,9 +826,6 @@ msgid "add a Bookmark" msgstr "agregar un atajo" -msgid "add a Card" -msgstr "agregar una ficha" - msgid "add a ECache" msgstr "agregar una memoria cache" @@ -951,9 +933,6 @@ msgid "am/pm calendar (year)" msgstr "calendario am/pm (año)" -msgid "an abstract for this card" -msgstr "un resumen para esta ficha" - msgid "an electronic mail address associated to a short alias" msgstr "una dirección electrónica asociada a este alias" @@ -993,6 +972,9 @@ msgid "attribute" msgstr "atributo" +msgid "attributes with modified permissions:" +msgstr "" + msgid "august" msgstr "agosto" @@ -1268,12 +1250,6 @@ msgid "constraints applying on this relation" msgstr "condiciones que se aplican a esta relación" -msgid "content" -msgstr "contenido" - -msgid "content_format" -msgstr "formato" - msgid "contentnavigation" msgstr "composantes contextuales" @@ -2031,9 +2007,6 @@ msgid "inlined" msgstr "puesto en línea" -msgid "inlined view" -msgstr "vista incluída (en línea)" - msgid "internationalizable" msgstr "internacionalizable" @@ -2315,6 +2288,9 @@ msgid "object" msgstr "objet" +msgid "object_plural:" +msgstr "" + msgid "october" msgstr "octobre" @@ -2374,6 +2350,12 @@ msgid "permission" msgstr "permission" +msgid "permissions for entities" +msgstr "" + +msgid "permissions for relations" +msgstr "" + msgid "permissions for this entity" msgstr "permissions pour cette entitÈ" @@ -2386,9 +2368,6 @@ msgid "pkey" msgstr "clÈ" -msgid "planned_delivery" -msgstr "" - msgid "please correct errors below" msgstr "veuillez corriger les erreurs ci-dessous" @@ -2444,6 +2423,9 @@ msgid "relation_type_object" msgstr "dÈfinition" +msgid "relations" +msgstr "" + msgid "relations deleted" msgstr "relations supprimÈes" @@ -2453,9 +2435,6 @@ msgid "remove this Bookmark" msgstr "supprimer ce signet" -msgid "remove this Card" -msgstr "supprimer cette fiche" - msgid "remove this ECache" msgstr "supprimer ce cache applicatif" @@ -2705,6 +2684,9 @@ msgid "subject/object cardinality" msgstr "cardinalitÈ sujet/objet" +msgid "subject_plural:" +msgstr "" + msgid "sunday" msgstr "dimanche" @@ -2714,9 +2696,6 @@ msgid "symetric" msgstr "symÈtrique" -msgid "synopsis" -msgstr "synopsis" - msgid "system entities" msgstr "entitÈs systËmes" @@ -2833,6 +2812,9 @@ msgid "unknown property key" msgstr "clÈ de propriÈtÈ inconnue" +msgid "up" +msgstr "" + msgid "upassword" msgstr "mot de passe" @@ -2970,9 +2952,6 @@ "org et python-projects@lists.logilab.org), mettez cette propriÈtÈ ‡ vrai sur " "l'une d'entre-elle qui sera la forme canonique" -msgid "wikiid" -msgstr "identifiant wiki" - #, python-format msgid "workflow for %s" msgstr "workflow pour %s" @@ -3001,12 +2980,37 @@ #~ msgid "%s, or without time: %s" #~ msgstr "%s, ou bien sans prÈciser d'heure: %s" +#~ msgid "Card" +#~ msgstr "Ficha" + +#~ msgid "Card_plural" +#~ msgstr "Fichas" + #~ msgid "Loading" #~ msgstr "chargement" +#~ msgid "New Card" +#~ msgstr "Nueva ficha" + #~ msgid "Problem occured while setting new value" #~ msgstr "Un problËme est survenu lors de la mise ‡ jour" +#~ msgid "This Card" +#~ msgstr "Esta Ficha" + +#~ msgid "" +#~ "a card is a textual content used as documentation, reference, procedure " +#~ "reminder" +#~ msgstr "" +#~ "una ficha es un texto utilizado como documentación, referencia, memoria " +#~ "de procedimiento..." + +#~ msgid "add a Card" +#~ msgstr "agregar una ficha" + +#~ msgid "an abstract for this card" +#~ msgstr "un resumen para esta ficha" + #~ msgid "and" #~ msgstr "et" @@ -3016,6 +3020,12 @@ #~ msgid "cancel edition" #~ msgstr "annuler l'Èdition" +#~ msgid "content" +#~ msgstr "contenido" + +#~ msgid "content_format" +#~ msgstr "formato" + #~ msgid "" #~ "default language (look at the i18n directory of the application to see " #~ "available languages)" @@ -3041,6 +3051,9 @@ #~ msgid "incorrect value for type \"%s\"" #~ msgstr "valeur incorrecte pour le type \"%s\"" +#~ msgid "inlined view" +#~ msgstr "vista incluída (en línea)" + #~ msgid "linked" #~ msgstr "liÈ" @@ -3055,11 +3068,20 @@ #~ msgid "owned by" #~ msgstr "appartient ‡" +#~ msgid "remove this Card" +#~ msgstr "supprimer cette fiche" + #~ msgid "see also" #~ msgstr "voir aussi" #~ msgid "status will change from %s to %s" #~ msgstr "l'Ètat va passer de %s ‡ %s" +#~ msgid "synopsis" +#~ msgstr "synopsis" + +#~ msgid "wikiid" +#~ msgstr "identifiant wiki" + #~ msgid "workflow history" #~ msgstr "historique du workflow" diff -r 89567fcc6b15 -r d68aac1cda0d i18n/fr.po --- a/i18n/fr.po Thu Apr 23 12:16:16 2009 +0200 +++ b/i18n/fr.po Fri Apr 24 17:15:28 2009 +0200 @@ -123,6 +123,10 @@ msgid "%s software version of the database" msgstr "version logicielle de la base pour %s" +#, python-format +msgid "%s_perm" +msgstr "" + msgid "**" msgstr "0..n 0..n" @@ -201,12 +205,6 @@ msgid "Bytes_plural" msgstr "Données binaires" -msgid "Card" -msgstr "Fiche" - -msgid "Card_plural" -msgstr "Fiches" - msgid "Date" msgstr "Date" @@ -337,9 +335,6 @@ msgid "New Bookmark" msgstr "Nouveau signet" -msgid "New Card" -msgstr "Nouvelle fiche" - msgid "New ECache" msgstr "Nouveau cache applicatif" @@ -476,9 +471,6 @@ msgid "This Bookmark" msgstr "Ce signet" -msgid "This Card" -msgstr "Cette fiche" - msgid "This ECache" msgstr "Ce cache applicatif" @@ -617,13 +609,6 @@ "transition et l'utilisateur courant." msgid "" -"a card is a textual content used as documentation, reference, procedure " -"reminder" -msgstr "" -"une fiche est un texte utilisé comme documentation, référence, rappel de " -"procédure..." - -msgid "" "a simple cache entity characterized by a name and a validity date. The " "target application is responsible for updating timestamp when necessary to " "invalidate the cache (typically in hooks). Also, checkout the AppRsetObject." @@ -843,9 +828,6 @@ msgid "add a Bookmark" msgstr "ajouter un signet" -msgid "add a Card" -msgstr "ajouter une fiche" - msgid "add a ECache" msgstr "ajouter un cache applicatif" @@ -953,9 +935,6 @@ msgid "am/pm calendar (year)" msgstr "calendrier am/pm (année)" -msgid "an abstract for this card" -msgstr "un résumé pour cette fiche" - msgid "an electronic mail address associated to a short alias" msgstr "une addresse électronique associée à un alias" @@ -995,6 +974,9 @@ msgid "attribute" msgstr "attribut" +msgid "attributes with modified permissions:" +msgstr "attributs ayant des permissions modifiées :" + msgid "august" msgstr "août" @@ -1269,12 +1251,6 @@ msgid "constraints applying on this relation" msgstr "contraintes s'appliquant à cette relation" -msgid "content" -msgstr "contenu" - -msgid "content_format" -msgstr "format" - msgid "contentnavigation" msgstr "composants contextuels" @@ -1904,7 +1880,7 @@ msgstr "cacher le filtre" msgid "hide meta-data" -msgstr "cacher les méta-données" +msgstr "cacher les entités et relations \"méta\"" msgid "home" msgstr "maison" @@ -2031,9 +2007,6 @@ msgid "inlined" msgstr "mise en ligne" -msgid "inlined view" -msgstr "vue embarquée (en ligne)" - msgid "internationalizable" msgstr "internationalisable" @@ -2316,6 +2289,9 @@ msgid "object" msgstr "objet" +msgid "object_plural:" +msgstr "objets :" + msgid "october" msgstr "octobre" @@ -2375,6 +2351,12 @@ msgid "permission" msgstr "permission" +msgid "permissions for entities" +msgstr "permissions pour les entités" + +msgid "permissions for relations" +msgstr "permissions pour les relations" + msgid "permissions for this entity" msgstr "permissions pour cette entité" @@ -2387,9 +2369,6 @@ msgid "pkey" msgstr "clé" -msgid "planned_delivery" -msgstr "livraison prévue" - msgid "please correct errors below" msgstr "veuillez corriger les erreurs ci-dessous" @@ -2445,6 +2424,9 @@ msgid "relation_type_object" msgstr "définition" +msgid "relations" +msgstr "" + msgid "relations deleted" msgstr "relations supprimées" @@ -2454,9 +2436,6 @@ msgid "remove this Bookmark" msgstr "supprimer ce signet" -msgid "remove this Card" -msgstr "supprimer cette fiche" - msgid "remove this ECache" msgstr "supprimer ce cache applicatif" @@ -2652,7 +2631,7 @@ msgstr "afficher le filtre" msgid "show meta-data" -msgstr "afficher les méta-données" +msgstr "afficher le schéma complet" msgid "site configuration" msgstr "configuration du site" @@ -2706,6 +2685,9 @@ msgid "subject/object cardinality" msgstr "cardinalité sujet/objet" +msgid "subject_plural:" +msgstr "sujets :" + msgid "sunday" msgstr "dimanche" @@ -2715,9 +2697,6 @@ msgid "symetric" msgstr "symétrique" -msgid "synopsis" -msgstr "synopsis" - msgid "system entities" msgstr "entités systèmes" @@ -2834,6 +2813,9 @@ msgid "unknown property key" msgstr "clé de propriété inconnue" +msgid "up" +msgstr "" + msgid "upassword" msgstr "mot de passe" @@ -2971,9 +2953,6 @@ "org et python-projects@lists.logilab.org), mettez cette propriété à vrai sur " "l'une d'entre-elle qui sera la forme canonique" -msgid "wikiid" -msgstr "identifiant wiki" - #, python-format msgid "workflow for %s" msgstr "workflow pour %s" @@ -3002,12 +2981,37 @@ #~ msgid "%s, or without time: %s" #~ msgstr "%s, ou bien sans préciser d'heure: %s" +#~ msgid "Card" +#~ msgstr "Fiche" + +#~ msgid "Card_plural" +#~ msgstr "Fiches" + #~ msgid "Loading" #~ msgstr "chargement" +#~ msgid "New Card" +#~ msgstr "Nouvelle fiche" + #~ msgid "Problem occured while setting new value" #~ msgstr "Un problème est survenu lors de la mise à jour" +#~ msgid "This Card" +#~ msgstr "Cette fiche" + +#~ msgid "" +#~ "a card is a textual content used as documentation, reference, procedure " +#~ "reminder" +#~ msgstr "" +#~ "une fiche est un texte utilisé comme documentation, référence, rappel de " +#~ "procédure..." + +#~ msgid "add a Card" +#~ msgstr "ajouter une fiche" + +#~ msgid "an abstract for this card" +#~ msgstr "un résumé pour cette fiche" + #~ msgid "and" #~ msgstr "et" @@ -3017,6 +3021,12 @@ #~ msgid "cancel edition" #~ msgstr "annuler l'édition" +#~ msgid "content" +#~ msgstr "contenu" + +#~ msgid "content_format" +#~ msgstr "format" + #~ msgid "" #~ "default language (look at the i18n directory of the application to see " #~ "available languages)" @@ -3042,6 +3052,9 @@ #~ msgid "incorrect value for type \"%s\"" #~ msgstr "valeur incorrecte pour le type \"%s\"" +#~ msgid "inlined view" +#~ msgstr "vue embarquée (en ligne)" + #~ msgid "linked" #~ msgstr "lié" @@ -3056,11 +3069,23 @@ #~ msgid "owned by" #~ msgstr "appartient à" +#~ msgid "planned_delivery" +#~ msgstr "livraison prévue" + +#~ msgid "remove this Card" +#~ msgstr "supprimer cette fiche" + #~ msgid "see also" #~ msgstr "voir aussi" #~ msgid "status will change from %s to %s" #~ msgstr "l'état va passer de %s à %s" +#~ msgid "synopsis" +#~ msgstr "synopsis" + +#~ msgid "wikiid" +#~ msgstr "identifiant wiki" + #~ msgid "workflow history" #~ msgstr "historique du workflow" diff -r 89567fcc6b15 -r d68aac1cda0d schemaviewer.py --- a/schemaviewer.py Thu Apr 23 12:16:16 2009 +0200 +++ b/schemaviewer.py Fri Apr 24 17:15:28 2009 +0200 @@ -158,7 +158,7 @@ return layout _ = self.req._ if self.req.user.matching_groups('managers'): - layout.append(self.format_acls(eschema, ('read', 'add', 'delete', 'update'))) + # layout.append(self.format_acls(eschema, ('read', 'add', 'delete', 'update'))) # possible views for this entity type views = [_(view.title) for view in self.possible_views(etype)] layout.append(Section(children=(Table(cols=1, rheaders=1, diff -r 89567fcc6b15 -r d68aac1cda0d web/data/cubicweb.acl.css --- a/web/data/cubicweb.acl.css Thu Apr 23 12:16:16 2009 +0200 +++ b/web/data/cubicweb.acl.css Fri Apr 24 17:15:28 2009 +0200 @@ -9,19 +9,90 @@ /* security edition form (views/management.py) */ /******************************************************************************/ +h2.schema{ + background : #ff7700; + color: #fff; + font-weight: bold; + padding : 0.1em 0.3em; +} + + +h3.schema{ + font-weight: bold; +} + +h4 a, +h4 a:link, +h4 a:visited{ + color:#000; + } + table.schemaInfo { - margin: 1ex 1em; + margin: 1em 0em; text-align: left; border: 1px solid black; border-collapse: collapse; + width:100%; } table.schemaInfo th, table.schemaInfo td { - padding: 0em 1em; - border: 1px solid black; + padding: .3em .5em; + border: 1px solid grey; + width:33%; +} + + +table.schemaInfo tr th { + padding: 0.2em 0px 0.2em 5px; + background-image:none; + background-color:#dfdfdf; +} + +table.schemaInfo thead tr { + border: 1px solid #dfdfdf; +} + +table.schemaInfo td { + padding: 3px 10px 3px 5px; + } +.users{ + color : #00CC33; + font-weight: bold } + +.guests{ + color : #ff7700; + font-weight: bold; +} + +.staff{ + color : #0083ab; + font-weight: bold; +} + +.owners{ + color : #8b0000; + font-weight: bold; +} + +.discret, +a.grey{ + color:#666; +} + +a.grey:hover{ + color:#000; +} + +.red{ + color : #ff7700; + } + +div#schema_security{ + width:780px; + } /******************************************************************************/ /* user groups edition form (views/euser.py) */ /******************************************************************************/ diff -r 89567fcc6b15 -r d68aac1cda0d web/data/external_resources --- a/web/data/external_resources Thu Apr 23 12:16:16 2009 +0200 +++ b/web/data/external_resources Fri Apr 24 17:15:28 2009 +0200 @@ -52,3 +52,4 @@ DOWNLOAD_ICON = DATADIR/download.gif UPLOAD_ICON = DATADIR/upload.gif GMARKER_ICON = DATADIR/gmap_blue_marker.png +UP_ICON = DATADIR/up.gif diff -r 89567fcc6b15 -r d68aac1cda0d web/data/up.gif Binary file web/data/up.gif has changed diff -r 89567fcc6b15 -r d68aac1cda0d web/views/management.py --- a/web/views/management.py Thu Apr 23 12:16:16 2009 +0200 +++ b/web/views/management.py Fri Apr 24 17:15:28 2009 +0200 @@ -36,8 +36,47 @@ w(u'\n' % html_escape(msg)) +class SecurityViewMixIn(object): + """display security information for a given schema """ + def schema_definition(self, eschema, link=True, access_types=None): + w = self.w + _ = self.req._ + if not access_types: + access_types = eschema.ACTIONS + w(u'') + w(u'' % ( + _("permission"), _('granted to groups'), _('rql expressions'))) + for access_type in access_types: + w(u'') + w(u'' % _('%s_perm' % access_type)) + groups = eschema.get_groups(access_type) + l = [] + groups = [(_(group), group) for group in groups] + for trad, group in sorted(groups): + if link: + l.append(u'%s
' % ( + self.build_url('egroup/%s' % group), group, trad)) + else: + l.append(u'
%s
' % (group, trad)) + w(u'' % u''.join(l)) + rqlexprs = eschema.get_rqlexprs(access_type) + w(u'' % u'

'.join(expr.expression for expr in rqlexprs)) + w(u'\n') + w(u'
%s%s%s
%s%s%s
') -class SecurityManagementView(EntityView): + def has_schema_modified_permissions(self, eschema, access_types): + """ return True if eschema's actual permissions are diffrents + from the default ones + """ + for access_type in access_types: + if eschema.get_rqlexprs(access_type): + return True + if eschema.get_groups(access_type) != \ + frozenset(eschema.get_default_groups()[access_type]): + return True + return False + +class SecurityManagementView(EntityView, SecurityViewMixIn): """display security information for a given entity""" id = 'security' title = _('security') @@ -54,7 +93,7 @@ html_escape(entity.dc_title()))) # first show permissions defined by the schema self.w('

%s

' % _('schema\'s permissions definitions')) - self.schema_definition(entity) + self.schema_definition(entity.e_schema) self.w('

%s

' % _('manage security')) # ownership information if self.schema.rschema('owned_by').has_perm(self.req, 'add', @@ -70,26 +109,6 @@ if reqpermschema.has_perm(self.req, 'add', fromeid=entity.eid): self.require_permission_edit_form(entity) - def schema_definition(self, entity): - w = self.w - _ = self.req._ - w(u'') - w(u'' % ( - _("access type"), _('granted to groups'), _('rql expressions'))) - for access_type in ('read', 'add', 'update', 'delete'): - w(u'') - w(u'' % self.req.__('%s_permission' % access_type)) - groups = entity.e_schema.get_groups(access_type) - l = [] - for group in groups: - l.append(u'%s' % ( - self.build_url('egroup/%s' % group), _(group))) - w(u'' % u', '.join(l)) - rqlexprs = entity.e_schema.get_rqlexprs(access_type) - w(u'' % u'
'.join(expr.expression for expr in rqlexprs)) - w(u'\n') - w(u'
%s%s%s
%s%s%s
') - def owned_by_edit_form(self, entity): self.w('

%s

' % self.req._('ownership')) begin_form(self.w, entity, 'security', msg= _('ownerships have been changed')) diff -r 89567fcc6b15 -r d68aac1cda0d web/views/startup.py --- a/web/views/startup.py Thu Apr 23 12:16:16 2009 +0200 +++ b/web/views/startup.py Fri Apr 24 17:15:28 2009 +0200 @@ -11,8 +11,10 @@ from cubicweb.common.uilib import ureport_as_html, unormalize, ajax_replace_url from cubicweb.common.view import StartupView +from cubicweb.common.selectors import match_user_group from cubicweb.web.httpcache import EtagHTTPCacheManager - +from cubicweb.web.views.management import SecurityViewMixIn +from copy import deepcopy _ = unicode @@ -158,25 +160,133 @@ def call(self): """display schema information""" self.req.add_js('cubicweb.ajax.js') - self.req.add_css('cubicweb.schema.css') + self.req.add_css(('cubicweb.schema.css','cubicweb.acl.css')) withmeta = int(self.req.form.get('withmeta', 0)) + section = self.req.form.get('sec', '') self.w(u'%s\n' % ( html_escape(self.req.build_url('view', vid='schemagraph', withmeta=withmeta)), self.req._("graphical representation of the application'schema"))) if withmeta: self.w(u'
%s
' % ( - self.build_url('schema', withmeta=0), + html_escape(self.build_url('schema', withmeta=0, sec=section)), self.req._('hide meta-data'))) else: self.w(u'
%s
' % ( - self.build_url('schema', withmeta=1), + html_escape(self.build_url('schema', withmeta=1, sec=section)), self.req._('show meta-data'))) - self.w(u'
%s
' % + self.w(u'%s
' % (html_escape(ajax_replace_url('detailed_schema', '', 'schematext', skipmeta=int(not withmeta))), self.req._('detailed schema view'))) + if self.req.user.matching_groups('managers'): + self.w(u'%s' % + (html_escape(ajax_replace_url('detailed_schema', '', 'schema_security', + skipmeta=int(not withmeta))), + self.req._('security'))) + self.w(u'
') + if section: + self.wview(section, None) + +class SchemaPermissionsView(StartupView, SecurityViewMixIn): + id = 'schema_security' + require_groups = ('managers',) + __selectors__ = StartupView.__selectors__ + (match_user_group,) + + def call(self, display_relations=True, + skiprels=('is', 'is_instance_of', 'identity', 'owned_by', 'created_by')): + _ = self.req._ + formparams = {} + formparams['sec'] = self.id + formparams['withmeta'] = int(self.req.form.get('withmeta', True)) + schema = self.schema + # compute entities + entities = [eschema for eschema in schema.entities() + if not eschema.is_final()] + if not formparams['withmeta']: + entities = [eschema for eschema in entities + if not eschema.meta] + # compute relations + relations = [] + if display_relations: + relations = [rschema for rschema in schema.relations() + if not (rschema.is_final() or rschema.type in skiprels)] + if not formparams['withmeta']: + relations = [rschema for rschema in relations + if not rschema.meta] + # index + self.w(u'
') + self.w(u'

%s

' % _('index').capitalize()) + self.w(u'

%s

' % _('Entities').capitalize()) + ents = [] + for eschema in sorted(entities): + url = html_escape(self.build_url('schema', **formparams) + '#' + eschema.type) + ents.append(u'%s (%s)' % (url, eschema.type, _(eschema.type))) + self.w('%s' % ', '.join(ents)) + self.w(u'

%s

' % (_('relations').capitalize())) + rels = [] + for eschema in sorted(relations): + url = html_escape(self.build_url('schema', **formparams) + '#' + eschema.type) + rels.append(u'%s (%s), ' % (url , eschema.type, _(eschema.type))) + self.w('%s' % ', '.join(ents)) + # entities + self.display_entities(entities, formparams) + # relations + if relations: + self.display_relations(relations, formparams) + self.w(u'
') + + def display_entities(self, entities, formparams): + _ = self.req._ + self.w(u'') + self.w(u'

%s

' % _('permissions for entities').capitalize()) + for eschema in sorted(entities): + self.w(u'' % (eschema.type, eschema.type)) + self.w(u'

%s (%s) ' % (eschema.type, _(eschema.type))) + url = html_escape(self.build_url('schema', **formparams) + '#index') + self.w(u'%s' % (url, self.req.external_resource('UP_ICON'), _('up'))) + self.w(u'

') + self.w(u'
') + self.schema_definition(eschema, link=False) + + # display entity attributes only if they have some permissions modified + modified_attrs = [] + for attr, etype in eschema.attribute_definitions(): + if self.has_schema_modified_permissions(attr, attr.ACTIONS): + modified_attrs.append(attr) + if modified_attrs: + self.w(u'

%s

' % _('attributes with modified permissions:').capitalize()) + self.w(u'
') + self.w(u'
') + for attr in modified_attrs: + self.w(u'

%s (%s)

' % (attr.type, _(attr.type))) + self.schema_definition(attr, link=False) + self.w(u'
') + else: + self.w(u'') + def display_relations(self, relations, formparams): + _ = self.req._ + self.w(u'') + self.w(u'

%s

' % _('permissions for relations').capitalize()) + for rschema in sorted(relations): + self.w(u'' % (rschema.type, rschema.type)) + self.w(u'

%s (%s) ' % (rschema.type, _(rschema.type))) + url = html_escape(self.build_url('schema', **formparams) + '#index') + self.w(u'%s' % (url, self.req.external_resource('UP_ICON'), _('up'))) + self.w(u'

') + self.w(u'
') + subjects = [str(subj) for subj in rschema.subjects()] + self.w(u'
%s %s (%s)
' % (_('subject_plural:'), + ', '.join( [str(subj) for subj in rschema.subjects()]), + ', '.join( [_(str(subj)) for subj in rschema.subjects()]))) + self.w(u'
%s %s (%s)
' % (_('object_plural:'), + ', '.join( [str(obj) for obj in rschema.objects()]), + ', '.join( [_(str(obj)) for obj in rschema.objects()]))) + self.schema_definition(rschema, link=False) + self.w(u'
') + + class SchemaUreportsView(StartupView): id = 'schematext'