本文整理汇总了Python中repoze.what.predicates.has_permission函数的典型用法代码示例。如果您正苦于以下问题:Python has_permission函数的具体用法?Python has_permission怎么用?Python has_permission使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了has_permission函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: __actions__
def __actions__(self, obj):
"""Override this function to define how action links should be displayed for the given record."""
bool_ultimo = obj.bool_ultimo
primary_fields = self.__provider__.get_primary_fields(self.__entity__)
pklist = '/'.join(map(lambda x: str(getattr(obj, x)), primary_fields))
if bool_ultimo == 1:
cod_item = obj.cod_item
value = '<div>'
if has_permission('editar_item'):
value = value + '<div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a></div>'
if has_permission('eliminar_relacion'):
value = value + '<div><form method="POST" action="'+pklist+'" class="button-to"><input type="hidden" name="_method" value="DELETE" /><input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/></form></div>'
value = value + '<div><a class="relacion_link" href="../relacions/?iid='+pklist+'">Relaciones </a><br/><a class="versiones_link" href="./?codi='+cod_item+'">Revertir</a></div></div>'
else:
id_item_rev = DBSession.query(Item).filter_by(cod_item = obj.cod_item, bool_ultimo = 1).one().id_item
ids = str(pklist) + "-" + str(id_item_rev)
href = "./revertir/?ids=" + ids
value = '<div><div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a>'\
'</div><div>'\
'<form method="POST" action="'+pklist+'" class="button-to">'\
'<input type="hidden" name="_method" value="DELETE" />'\
'<input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" '\
'style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/>'\
'</form>'\
'<a class="relacion_link" href="../relacions/?iid='+pklist+'">Relaciones </a>'\
'<a class="volver_link" href="'+href+'">Volver a</a>'\
'</div></div>'
return value
示例2: index
def index(self, **kw):
feegrouups = DBSession.query(FeeGroup).filter(FeeGroup.active == 0).order_by(FeeGroup.order)
companies = DBSession.query(Company, Currency).filter(and_(Company.active == 0,
Currency.active == 0,
Company.currency_id == Currency.id,
)).order_by(Company.name)
result = {
'feegroups' : feegrouups,
'companies' : companies,
'is_fin' : has_permission('FIN_VIEW_ALL'),
}
if has_permission('FIN_VIEW_ALL'): # if FIN team
teams = DBSession.query(LogicTeam).filter(LogicTeam.active == 0).order_by(LogicTeam.order).all()
else:
# get the user's belonging team
teams = []
try:
mp = DBSession.query(Permission).filter(Permission.permission_name == 'MANAGER_VIEW').one()
for g in request.identity["user"].groups:
if mp in g.permissions and g.logicteams:
teams.extend(g.logicteams)
except:
traceback.print_exc()
pass
result['teams'] = teams
return result
示例3: __actions__
def __actions__(self, obj):
"""Override this function to define how action links should be displayed for the given record."""
primary_fields = self.__provider__.get_primary_fields(self.__entity__)
pklist = '/'.join(map(lambda x: str(getattr(obj, x)), primary_fields))
value = '<div>'
if has_permission('editar_fase'):
value = value + '<div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a></div>'
if has_permission('eliminar_fase'):
value = value + '<div><form method="POST" action="'+pklist+'" class="button-to"><input type="hidden" name="_method" value="DELETE" /><input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/></form></div>'
value = value + '<div><a class="itmes_link" href="../items/?fid='+pklist+'">Items</a><br/><a class="lineas_link" href="../lineabases/?fid='+pklist+'">Linea Base</a></div></div>'
return value
示例4: check_fase_permiso
def check_fase_permiso(self, id_fase, permiso_name,nuleable=False):
"""
Controla si el usuario que actualmente se encuentra logeado posee
el deteminado permiso sobre una fase.
@type id_fase : Integer
@param id_fase : Identificador de la fase
@type permiso_name : String
@param permiso_name : Nombre del permiso
@type nuleable : Boolean
@param nuleable : Variable de control del valor de retorno.
Si es True y el usuario no posee permisos
retorna None
@rtype : Predicates
@return : retorna las credenciales del usuario
"""
current_user = self.get_current_user()
#Se obtiene la fase actual
fase = DBSession.query(Fase).get(id_fase)
#se recupera el rol del lider del proyecto
rol = util.get_rol_by_codigo('lider_' + str(fase.proyecto))
#si el usuario es lider del proyecto se salta los controles
if util.usuario_has_rol(current_user.usuario_id, rol) :
return predicates.has_permission(permiso_name)
usuario_permiso_fase = DBSession.query(UsuarioPermisoFase).\
filter(UsuarioPermisoFase.usuario_id ==
RolUsuario.usuario_id).\
filter(UsuarioPermisoFase.fase_id ==
id_fase).\
filter(Permiso.permiso_id ==
UsuarioPermisoFase.permiso_id).\
filter(Permiso.nombre ==
permiso_name).\
filter(RolUsuario.usuario_id ==
current_user.usuario_id).\
all()
if (len(usuario_permiso_fase) != 0):
return predicates.has_permission(permiso_name)
elif nuleable == False:
#return predicates.has_permission(permiso_name+' '+str(id_proyecto))
return predicates.has_permission('Sin permiso')
else:
return None
示例5: permission_met
def permission_met(menu):
"""
This is one of the more complicated methods. It works recursively.
When called, it is given the root of the controller hierarchy. It looks
for the path to the menu entry, and checks everything that it can along
the way: allow_only on all controllers, and the (optional) permission on
the method itself (which must be given to the @menu decorator or
menu_append, see the README for details why and a workaround).
"""
global rootcon
retval = True
if not rootcon:
pname = '%s.controllers.root' % (config['package'].__name__)
__import__(pname)
rootcon = sys.modules[pname].RootController
# Check to see if specific menu permission has been set
permission = menu._permission
if type(permission) is str:
try:
has_permission(permission).check_authorization(request.environ)
return True
except NotAuthorizedError:
return False
elif permission is not None:
try:
permission.check_authorization(request.environ)
return True
except:
return False
else:
# No specific menu permission has been set, walk the tree
lpath = menu._url.split('/')[1:]
currcon = rootcon
for component in lpath:
if hasattr(currcon, 'allow_only'):
try:
getattr(currcon, 'allow_only').check_authorization(request.environ)
except:
return False
if hasattr(currcon, component):
currcon = getattr(currcon, component)
else:
break
return True
示例6: index
def index( self , **kw ):
ws = [OrderHeader.active == 0]
if kw.get( "no", False ) : ws.append( OrderHeader.no.op( "ilike" )( "%%%s%%" % kw["no"] ) )
if kw.get( "customerpo", False ) : ws.append( OrderHeader.customerpo.op( "ilike" )( "%%%s%%" % kw["customerpo"] ) )
if kw.get( "vendorpo", False ) : ws.append( OrderHeader.vendorpo.op( "ilike" )( "%%%s%%" % kw["vendorpo"] ) )
if kw.get( "status", False ) : ws.append( OrderHeader.status == kw["status"] )
if kw.get( "printShopId", False ) : ws.append( OrderHeader.printShopId == kw["printShopId"] )
if kw.get( "create_time_from", False ) : ws.append( OrderHeader.createTime >= kw["create_time_from"] )
if kw.get( "create_time_to", False ) : ws.append( OrderHeader.createTime <= kw["create_time_from"] )
if kw.get( "divisionId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.divisionId == kw['divisionId']] )
if kw.get( "brandId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.brandId == kw['brandId']] )
if kw.get( "categoryId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.categoryId == kw['categoryId']] )
if not has_permission( "MAIN_ORDERING_CHECKING_ALL" ): ws.append( OrderHeader.createById == request.identity["user"].user_id )
result = qry( OrderHeader ).filter( and_( *ws ) ).order_by( desc( OrderHeader.createTime ) ).all()
ps = qry( PrintShop ).filter( and_( PrintShop.active == 0 ) ).order_by( PrintShop.name )
is_admin = False
for g in request.identity["user"].groups :
if g.flag == 'ADMIN' :
is_admin = True
break
return { "result" : result , "values" : kw, "widget" : order_search_form , "printshops" : ps , "is_admin" : is_admin}
示例7: __init__
def __init__(self, *args, **kw):
# /event/url/submissions
self.event = kw.get('event', None)
# /event/url/lesson/id/submissions
self.lesson = kw.get('lesson', None)
# /event/url/sheet/id/assignment/id/submissions
self.assignment = kw.get('assignment', None)
# /event/url/sheet/id/submissions
self.sheet = kw.get('sheet', None)
if self.event:
pass
elif self.lesson:
self.event = self.lesson.event
elif self.assignment:
self.event = self.assignment.sheet.event
elif self.sheet:
self.event = self.sheet.event
else:
log.warn('SubmissionController without any filter')
flash('You can not view Submissions without any constraint.', 'error')
abort(400)
# Allow access for event teacher and lesson teacher
self.allow_only = Any(
has('teachers', self.event),
has('tutors', self.lesson),
# has_teacher(self.event),
# has_teachers(self.event),
# has_teacher(self.lesson),
has_permission('manage'),
msg=u'You have no permission to manage this Lesson'
)
self.table = SubmissionTable(DBSession)
self.table_filler = SubmissionTableFiller(DBSession, lesson=self.lesson)
示例8: protect_obj_modify
def protect_obj_modify(protected_obj=None):
p = protected_obj
if p:
if not Any(is_user(p.user.user_name),
has_permission('dmirr_admin'),
in_group(p.group.group_name)):
raise NotAuthorizedError
示例9: get_failures
def get_failures(self):
"""
Retourne la liste (au format JSON) des collecteurs Vigilo en panne.
Déclenche un appel à la méthode flash si cette liste est non vide.
"""
# On vérifie que l'utilisateurs dispose des permissions appropriées
All(
not_anonymous(msg=_("You need to be authenticated")),
Any(
config.is_manager,
has_permission('%s-access' % config.app_name.lower()),
msg=_("You don't have access to %s") % config.app_name
)
).check_authorization(request.environ)
# On récupère la liste des connecteurs en panne
failures = self.check_connectors_freshness()
# Si cette liste n'est pas vide, on affiche un message à l'utilisateur
if failures:
flash(_(
'Vigilo has detected a breakdown on the following '
'collector(s): %(list)s'
) % {'list': ', '.join(failures)},
'error'
)
# Dans les 2 cas (liste vide ou non), on la retourne au format JSON
return dict(failures=failures)
示例10: index
def index(self, **kw):
companies = DBSession.query(Company, Currency).filter(and_(Company.active == 0,
Currency.active == 0,
Company.currency_id == Currency.id,
)).order_by(Company.name)
subline = DBSession.query(Subline).filter(and_(Subline.active == 0)).order_by(Subline.label)
saletype = DBSession.query(SaleType).filter(and_(SaleType.active == 0)).order_by(SaleType.label)
result = {
'companies' : companies,
'subline' : subline,
'saletype' : saletype,
}
if has_permission('FIN_VIEW_ALL'): # if FIN team
teams = DBSession.query(LogicTeam).filter(and_(LogicTeam.active == 0, LogicTeam.for_sale == 0)).order_by(LogicTeam.order).all()
result['is_fin'] = True
else:
# get the user's belonging team
result['is_fin'] = False
teams = []
try:
mp = DBSession.query(Permission).filter(Permission.permission_name == 'MANAGER_VIEW').one()
for g in request.identity["user"].groups:
if mp in g.permissions and g.logicteams:
teams.extend(g.logicteams)
except:
traceback.print_exc()
pass
result['teams'] = teams
return result
示例11: admin
def admin(self,id=None,page=1):
def asort(sort,querystr):
feilds ={'1':'Invoice.id',
'2':'Invoice.customer_id',
'3':'Invoice.date_time',
'4':'Invoice.total_price',
'5':'Invoice.Description',}
if sort != '':
if session['invoice_sort_togle'][sort]:
session['invoice_sort_togle'][sort] = False
direction = '.desc()'
else:
session['invoice_sort_togle'][sort] = True
direction = '.asc()'
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
session['invoice_sort'] = sort
session['invoice_sort_direction']=direction
session.save()
elif 'invoice_sort' in session:
sort = session['invoice_sort']
direction = session['invoice_sort_direction']
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
return querystr
came_from = str(request.GET.get('came_from', ''))
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if came_from == 'removeproduct':
h.flash('To delete a product find it in the table and press on the Delete link')
elif came_from == 'editproduct':
h.flash('To Edit a product details find it in the table below and press on the Edit link')
sort = str(request.GET.get('sort',''))
if 'invoice_sort_togle' not in session:
session['invoice_sort_togle']={'1':True,
'2':True,
'3':True,
'4':True,
'5':True,}
session.save()
querystr=''
if is_met(has_permission('view_invoice')):
Uc = aliased(User)
Us = aliased(User)
if 'invoice_querystr' in session:
querystr = asort(sort,querystr)
invoices = eval(session['invoice_querystr']+querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/invoice/staff/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
querystr = "Session.query(Invoice).filter(Invoice.deleted==False)"
querystr = asort(sort,querystr)
invoices = eval(querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/invoice/staff/index.html')
示例12: _cal
def _cal(self, context, done_rs, notdone_rs):
# handle the cal fields
updated_rs = {}
while len(notdone_rs) > 0:
ids_set = set(map(unicode, done_rs.keys()))
tmp = []
for obj in notdone_rs:
feeitem = getattr(obj, 'feeitem', DBSession.query(FeeItem).get(obj.feeitem_id))
args_list = map(lambda v: unicode(v.strip()), feeitem.args.split(","))
args_ids = filter(lambda a : a.isdigit(), args_list)
args_set = set(args_ids)
if not args_set.issubset(ids_set): # if not all the args is ready ,put it to the next round
tmp.append(obj)
continue
# if all the params is fulfill ,the cal the val
# 1. get the fomula
fun = eval(feeitem.expression.exp)
# 2, prepare the args value
attrs = ['actual_value', 'budget_value'] if has_permission('FIN_VIEW_ALL') else ['forecast_value']
for attr in attrs:
vals = []
for a in args_list:
if a.isdigit() : vals.append(float(getattr(done_rs[a], attr) or 0.0))
elif a.startswith('$') : vals.append(context[a[1:]])
# 3. run the exp and set the value
setattr(obj, attr, fin_helper.round2int(fun(*vals)))
done_rs[unicode(obj.feeitem_id)] = obj
updated_rs[unicode(obj.feeitem_id)] = obj
notdone_rs = tmp
return updated_rs
示例13: protect_product_release_obj
def protect_product_release_obj(protected_obj=None):
p = protected_obj
if p:
if not Any(is_user(p.product.project.user.user_name),
has_permission('dmirr_admin'),
in_group(p.product.project.group.group_name)):
raise NotAuthorizedError
示例14: index
def index(self):
admin=False
if predicates.not_anonymous():
if predicates.has_permission('admin'):
admin=True
osfamilies = DBSession.query(OSFamily).order_by('name')
return dict(osfamilies=osfamilies, num_items=osfamilies.count(),
admin=admin)
示例15: edit
def edit(self,id):
if is_met(has_permission(u'edit_invoice')):
return render_edit_form_admin(self.menu_items,id=id)
else:
#check to see if the user is the owner of the invoice and invoice is pending the show edit form
#check to see if staff is editing the form
h.flash(_('You don not have enough permission to edit invoice'))
return redirect(url(controller='invoice',action='index'))