vendor/CMF/1.5.2/DCWorkflow

view Guard.py @ 0:e89e53b8c32e

Vendor import of CMF 1.5.2
author fguillaume
date Wed, 20 Jul 2005 16:21:26 +0000
parents
children
line source
1 ##############################################################################
2 #
3 # Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
4 #
5 # This software is subject to the provisions of the Zope Public License,
6 # Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
7 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
8 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
10 # FOR A PARTICULAR PURPOSE.
11 #
12 ##############################################################################
13 """ Guard conditions in a web-configurable workflow.
15 $Id: Guard.py,v 1.16.2.1 2005/04/26 15:59:42 anguenot Exp $
16 """
18 from cgi import escape
20 from Globals import DTMLFile
21 from Globals import InitializeClass
22 from Globals import Persistent
23 from AccessControl import ClassSecurityInfo
24 from Acquisition import Explicit
25 from Acquisition import aq_base
27 from Products.CMFCore.utils import _checkPermission
29 from Expression import Expression
30 from Expression import StateChangeInfo
31 from Expression import createExprContext
32 from permissions import ManagePortal
33 from utils import _dtmldir
36 class Guard (Persistent, Explicit):
37 permissions = ()
38 roles = ()
39 groups = ()
40 expr = None
42 security = ClassSecurityInfo()
43 security.declareObjectProtected(ManagePortal)
45 guardForm = DTMLFile('guard', _dtmldir)
47 def check(self, sm, wf_def, ob, **kw):
48 """Checks conditions in this guard.
49 """
50 u_roles = None
51 if wf_def.manager_bypass:
52 # Possibly bypass.
53 u_roles = sm.getUser().getRolesInContext(ob)
54 if 'Manager' in u_roles:
55 return 1
56 if self.permissions:
57 for p in self.permissions:
58 if _checkPermission(p, ob):
59 break
60 else:
61 return 0
62 if self.roles:
63 # Require at least one of the given roles.
64 if u_roles is None:
65 u_roles = sm.getUser().getRolesInContext(ob)
66 for role in self.roles:
67 if role in u_roles:
68 break
69 else:
70 return 0
71 if self.groups:
72 # Require at least one of the specified groups.
73 u = sm.getUser()
74 b = aq_base( u )
75 if hasattr( b, 'getGroupsInContext' ):
76 u_groups = u.getGroupsInContext( ob )
77 elif hasattr( b, 'getGroups' ):
78 u_groups = u.getGroups()
79 else:
80 u_groups = ()
81 for group in self.groups:
82 if group in u_groups:
83 break
84 else:
85 return 0
86 expr = self.expr
87 if expr is not None:
88 econtext = createExprContext(
89 StateChangeInfo(ob, wf_def, kwargs=kw))
90 res = expr(econtext)
91 if not res:
92 return 0
93 return 1
95 security.declareProtected(ManagePortal, 'getSummary')
96 def getSummary(self):
97 # Perhaps ought to be in DTML.
98 res = []
99 if self.permissions:
100 res.append('Requires permission:')
101 res.append(formatNameUnion(self.permissions))
102 if self.roles:
103 if res:
104 res.append('<br/>')
105 res.append('Requires role:')
106 res.append(formatNameUnion(self.roles))
107 if self.groups:
108 if res:
109 res.append('<br/>')
110 res.append('Requires group:')
111 res.append(formatNameUnion(self.groups))
112 if self.expr is not None:
113 if res:
114 res.append('<br/>')
115 res.append('Requires expr:')
116 res.append('<code>' + escape(self.expr.text) + '</code>')
117 return ' '.join(res)
119 def changeFromProperties(self, props):
120 '''
121 Returns 1 if changes were specified.
122 '''
123 if props is None:
124 return 0
125 res = 0
126 s = props.get('guard_permissions', None)
127 if s:
128 res = 1
129 p = [ permission.strip() for permission in s.split(';') ]
130 self.permissions = tuple(p)
131 s = props.get('guard_roles', None)
132 if s:
133 res = 1
134 r = [ role.strip() for role in s.split(';') ]
135 self.roles = tuple(r)
136 s = props.get('guard_groups', None)
137 if s:
138 res = 1
139 g = [ group.strip() for group in s.split(';') ]
140 self.groups = tuple(g)
141 s = props.get('guard_expr', None)
142 if s:
143 res = 1
144 self.expr = Expression(s)
145 return res
147 security.declareProtected(ManagePortal, 'getPermissionsText')
148 def getPermissionsText(self):
149 if not self.permissions:
150 return ''
151 return '; '.join(self.permissions)
153 security.declareProtected(ManagePortal, 'getRolesText')
154 def getRolesText(self):
155 if not self.roles:
156 return ''
157 return '; '.join(self.roles)
159 security.declareProtected(ManagePortal, 'getGroupsText')
160 def getGroupsText(self):
161 if not self.groups:
162 return ''
163 return '; '.join(self.groups)
165 security.declareProtected(ManagePortal, 'getExprText')
166 def getExprText(self):
167 if not self.expr:
168 return ''
169 return str(self.expr.text)
171 InitializeClass(Guard)
174 def formatNameUnion(names):
175 escaped = ['<code>' + escape(name) + '</code>' for name in names]
176 if len(escaped) == 2:
177 return ' or '.join(escaped)
178 elif len(escaped) > 2:
179 escaped[-1] = ' or ' + escaped[-1]
180 return '; '.join(escaped)