本文整理汇总了Python中AccessControl.Permission.Permission类的典型用法代码示例。如果您正苦于以下问题:Python Permission类的具体用法?Python Permission怎么用?Python Permission使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Permission类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: _modifyPermissionMappings
def _modifyPermissionMappings(ob, map):
"""
Modifies multiple role to permission mappings.
"""
# This mimics what AccessControl/Role.py does.
# Needless to say, it's crude. :-(
something_changed = 0
perm_info = _ac_inherited_permissions(ob, 1)
for name, settings in map.items():
cur_roles = rolesForPermissionOn(name, ob)
if isinstance(cur_roles, basestring):
cur_roles = [cur_roles]
else:
cur_roles = list(cur_roles)
changed = 0
for (role, allow) in settings.items():
if not allow:
if role in cur_roles:
changed = 1
cur_roles.remove(role)
else:
if role not in cur_roles:
changed = 1
cur_roles.append(role)
if changed:
data = () # The list of methods using this permission.
for perm in perm_info:
n, d = perm[:2]
if n == name:
data = d
break
p = Permission(name, data, ob)
p.setRoles(tuple(cur_roles))
something_changed = 1
return something_changed示例2: allowed
def allowed(context, permission=None):
"""
Roles that have `permission` and why.
Returns {PERM_NAME: {'Role': (REASON, META), ..}, ..}
where `REASON` in ('assigned', 'inherited').
`META` can be None or dict supplying extra info, like `source` of
permission inheritance.
"""
out = {}
all_roles = context.valid_roles()
permissions = context.ac_inherited_permissions(1)
if permission:
permissions = [x for x in permissions if x[0] == permission]
for perm in permissions:
name, value = perm[:2]
maps = out[name] = {}
perm = Permission(name, value, context)
roles = perm.getRoles(default=[])
for role in roles:
maps[role] = ('assigned', None)
if isinstance(roles, list):
for role in set(all_roles) - set(roles):
from_parent = allowed(context.aq_parent, name)
parent_permission = from_parent[name].get(role)
if parent_permission:
reason, meta = parent_permission
if reason == 'assigned':
maps[role] = ('inherited',
{'source': ofs_path(context.aq_parent)})
elif reason == 'inherited':
maps[role] = parent_permission
return out示例3: listPermissions
def listPermissions( self ):
""" List permissions for export.
o Returns a sqeuence of mappings describing locally-modified
permission / role settings. Keys include:
'permission' -- the name of the permission
'acquire' -- a flag indicating whether to acquire roles from the
site's container
'roles' -- the list of roles which have the permission.
o Do not include permissions which both acquire and which define
no local changes to the acquired policy.
"""
permissions = []
valid_roles = self.listRoles()
for perm in self._site.ac_inherited_permissions( 1 ):
name = perm[ 0 ]
p = Permission( name, perm[ 1 ], self._site )
roles = p.getRoles( default=[] )
acquire = isinstance( roles, list ) # tuple means don't acquire
roles = [ r for r in roles if r in valid_roles ]
roles.sort()
if roles or not acquire:
permissions.append( { 'name' : name
, 'acquire' : acquire
, 'roles' : roles
} )
return permissions示例4: manage_changePermissions
def manage_changePermissions(self, REQUEST):
"""Change all permissions settings, called by management screen.
"""
valid_roles=self.valid_roles()
indexes=range(len(valid_roles))
have=REQUEST.has_key
permissions=self.ac_inherited_permissions(1)
fails = []
for ip in range(len(permissions)):
roles = []
for ir in indexes:
if have("p%dr%d" % (ip, ir)):
roles.append(valid_roles[ir])
name, value = permissions[ip][:2]
try:
p = Permission(name, value, self)
if not have('a%d' % ip):
roles=tuple(roles)
p.setRoles(roles)
except:
fails.append(name)
if fails:
return MessageDialog(title="Warning!",
message="Some permissions had errors: "
+ escape(', '.join(fails)),
action='manage_access')
return MessageDialog(
title = 'Success!',
message = 'Your changes have been saved',
action = 'manage_access')示例5: manage_role
def manage_role(self, role_to_manage, permissions=[]):
"""Change the permissions given to the given role.
"""
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
p = Permission(name, value, self)
p.setRole(role_to_manage, name in permissions)示例6: permission_settings
def permission_settings(self, permission=None):
"""Return user-role permission settings.
If 'permission' is passed to the method then only the settings for
'permission' is returned.
"""
result=[]
valid=self.valid_roles()
indexes=range(len(valid))
ip=0
permissions = self.ac_inherited_permissions(1)
# Filter permissions
if permission:
permissions = [p for p in permissions if p[0] == permission]
for p in permissions:
name, value = p[:2]
p=Permission(name, value, self)
roles = p.getRoles(default=[])
d={'name': name,
'acquire': isinstance(roles, list) and 'CHECKED' or '',
'roles': map(
lambda ir, roles=roles, valid=valid, ip=ip:
{
'name': "p%dr%d" % (ip, ir),
'checked': (valid[ir] in roles) and 'CHECKED' or '',
},
indexes)
}
ip = ip + 1
result.append(d)
return result示例7: manage_doCustomize
def manage_doCustomize(self, folder_path, RESPONSE=None):
"""Makes a ZODB Based clone with the same data.
Calls _createZODBClone for the actual work.
"""
obj = self._createZODBClone()
parent = aq_parent(aq_inner(self))
# Preserve cache manager associations
cachemgr_id = self.ZCacheable_getManagerId()
if ( cachemgr_id and
getattr(obj, 'ZCacheable_setManagerId', None) is not None ):
obj.ZCacheable_setManagerId(cachemgr_id)
# If there are proxy roles we preserve them
proxy_roles = getattr(aq_base(self), '_proxy_roles', None)
if proxy_roles is not None and isinstance(proxy_roles, tuple):
obj._proxy_roles = tuple(self._proxy_roles)
# Also, preserve any permission settings that might have come
# from a metadata file or from fiddling in the ZMI
old_info = [x[:2] for x in self.ac_inherited_permissions(1)]
for old_perm, value in old_info:
p = Permission(old_perm, value, self)
acquired = int(isinstance(p.getRoles(default=[]), list))
rop_info = self.rolesOfPermission(old_perm)
roles = [x['name'] for x in rop_info if x['selected'] != '']
try:
# if obj is based on OFS.ObjectManager an acquisition context is
# required for _subobject_permissions()
obj.__of__(parent).manage_permission(old_perm, roles=roles,
acquire=acquired)
except ValueError:
# The permission was invalid, never mind
pass
id = obj.getId()
fpath = tuple( folder_path.split('/') )
portal_skins = getUtility(ISkinsTool)
folder = portal_skins.restrictedTraverse(fpath)
if id in folder.objectIds():
# we cant catch the badrequest so
# we'll that to check before hand
obj = folder._getOb(id)
if RESPONSE is not None:
RESPONSE.redirect('%s/manage_main?manage_tabs_message=%s' % (
obj.absolute_url(), html_quote("An object with this id already exists")
))
else:
folder._verifyObjectPaste(obj, validate_src=0)
folder._setObject(id, obj)
if RESPONSE is not None:
RESPONSE.redirect('%s/%s/manage_main' % (
folder.absolute_url(), id))
if RESPONSE is not None:
RESPONSE.redirect('%s/%s/manage_main' % (
folder.absolute_url(), id))示例8: manage_changePermissions
def manage_changePermissions(self, REQUEST):
"""Change all permissions settings, called by management screen."""
valid_roles = self.valid_roles()
have = REQUEST.__contains__
permissions = self.ac_inherited_permissions(1)
fails = []
for ip in range(len(permissions)):
permission_name = permissions[ip][0]
permission_hash = _string_hash(permission_name)
roles = []
for role in valid_roles:
role_name = role
role_hash = _string_hash(role_name)
if have("permission_%srole_%s" % (permission_hash, role_hash)):
roles.append(role)
name, value = permissions[ip][:2]
try:
p = Permission(name, value, self)
if not have('acquire_%s' % permission_hash):
roles = tuple(roles)
p.setRoles(roles)
except Exception:
fails.append(name)
if fails:
raise BadRequest('Some permissions had errors: '
+ escape(', '.join(fails), True))
if REQUEST is not None:
return self.manage_access(REQUEST)示例9: getPermissionMapping
def getPermissionMapping(self):
""" Return the permission mapping for the parent """
ret = {}
for zope_perm in self.permissions:
permission = Permission(zope_perm, (), self.aq_parent)
ret[zope_perm] = permission.getRoles()
return ret示例10: update
def update(app):
catalog = getattr(app, 'Catalog')
brains = catalog(meta_type='Report Document')
for brain in brains:
doc = brain.getObject()
valid_roles = doc.valid_roles()
if 'Auditor' in valid_roles:
permissions = doc.ac_inherited_permissions(1)
for perm in permissions:
name, value = perm[:2]
if name == 'View':
p = Permission(name, value, doc)
roles = list(p.getRoles())
if 'Auditor' not in roles:
roles.append('Auditor')
roles = tuple(roles)
try:
p.setRoles(roles)
print "Added Auditor to View permission for %s" % doc.absolute_url()
except:
print "Failed"
transaction.commit()示例11: testChangeUseOpenFlowPermission
def testChangeUseOpenFlowPermission(self):
from AccessControl.Permission import Permission
perms = self.of.ac_inherited_permissions(1)
name, value = [p for p in perms if p[0]=='Use OpenFlow'][0][:2]
p=Permission(name,value,self.of)
roles = ['Authenticated']
p.setRoles(roles)示例12: getPermissionMapping
def getPermissionMapping(self):
""" Return the permission mapping for the object """
mapping = {}
for permission in self.permissions:
permission_object = Permission(permission, (), self.getObject())
mapping[permission] = permission_object.getRoles()
return mapping示例13: getPermissionsWithAcquiredRoles
def getPermissionsWithAcquiredRoles(self):
""" Return the permissions which acquire roles from their parents """
ret = []
for zope_perm in self.permissions:
permission = Permission(zope_perm, (), self.aq_parent)
if isinstance(permission.getRoles(), list):
ret.append(zope_perm)
return ret示例14: _getTempFolder
def _getTempFolder(self, type_name):
factory_info = self.REQUEST.get(FACTORY_INFO, {})
tempFolder = factory_info.get(type_name, None)
if tempFolder:
tempFolder = aq_inner(tempFolder).__of__(self)
return tempFolder
# make sure we can add an object of this type to the temp folder
types_tool = getToolByName(self, 'portal_types')
if not type_name in types_tool.TempFolder.allowed_content_types:
# update allowed types for tempfolder
types_tool.TempFolder.allowed_content_types=(types_tool.listContentTypes())
tempFolder = TempFolder(type_name).__of__(self)
intended_parent = aq_parent(self)
portal = getToolByName(self, 'portal_url').getPortalObject()
folder_roles = {} # mapping from permission name to list or tuple of roles
# list if perm is acquired; tuple if not
n_acquired = 0 # number of permissions that are acquired
# build initial folder_roles dictionary
for p in intended_parent.ac_inherited_permissions(1):
name, value = p[:2]
p=Permission(name,value,intended_parent)
roles = p.getRoles()
folder_roles[name] = roles
if isinstance(roles, list):
n_acquired += 1
# If intended_parent is not the portal, walk up the acquisition hierarchy and
# acquire permissions explicitly so we can assign the acquired version to the
# temp_folder. In addition to being cumbersome, this is undoubtedly very slow.
if intended_parent != portal:
parent = aq_parent(aq_inner(intended_parent))
while(n_acquired and parent!=portal):
n_acquired = 0
for p in parent.ac_inherited_permissions(1):
name, value = p[:2]
roles = folder_roles[name]
if isinstance(roles, list):
p=Permission(name,value,parent)
aq_roles=p.getRoles()
for r in aq_roles:
if not r in roles:
roles.append(r)
if isinstance(aq_roles, list):
n_acquired += 1
else:
roles = tuple(roles)
folder_roles[name] = roles
parent = aq_parent(aq_inner(parent))
for name, roles in folder_roles.items():
tempFolder.manage_permission(name, roles, acquire=isinstance(roles, list))
factory_info[type_name] = tempFolder
self.REQUEST.set(FACTORY_INFO, factory_info)
return tempFolder示例15: _update
def _update(self, portal):
permission = "Naaya - Create user"
p = Permission(permission, (), portal)
if 'Administrator' not in p.getRoles():
permission_add_role(portal, permission, 'Administrator')
permission_add_role(portal, permission, 'Anonymous')
self.log.debug('Added %s permission', permission)
return True