[CMF-checkins] CVS: CMF/CMFCore - CMFCoreExceptions.py:1.2
CMFCorePermissions.py:1.17 MemberDataTool.py:1.31
MembershipTool.py:1.39 PortalFolder.py:1.49 __init__.py:1.24
Yvo Schubbe
schubbe at web.de
Wed Sep 24 06:02:45 EDT 2003
Update of /cvs-repository/CMF/CMFCore
In directory cvs.zope.org:/tmp/cvs-serv1184/CMFCore
Modified Files:
CMFCorePermissions.py MemberDataTool.py MembershipTool.py
PortalFolder.py __init__.py
Added Files:
CMFCoreExceptions.py
Log Message:
Merged yuppie-deleteMembers-branch:
- Added deleteMemberData, deleteMemberArea and deleteLocalRoles.
- Added 'recursive' argument to deleteLocalRoles.
- Renamed createMemberarea to createMemberArea.
- Moved getMembersFolder to CMFCore.
- Added CMFCoreExceptions.py.
- Added 'Change local roles' Permission.
=== CMF/CMFCore/CMFCoreExceptions.py 1.1 => 1.2 ===
--- /dev/null Wed Sep 24 06:02:45 2003
+++ CMF/CMFCore/CMFCoreExceptions.py Wed Sep 24 06:02:14 2003
@@ -0,0 +1,40 @@
+##############################################################################
+#
+# Copyright (c) 2003 Zope Corporation and Contributors. All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+""" Declare Exceptions used throughout the CMF.
+
+$Id$
+"""
+
+from AccessControl import allow_class
+from AccessControl import Unauthorized
+
+
+class CMFError(Exception):
+ """ The root of all CMF evil.
+ """
+
+allow_class(CMFError)
+
+
+class CMFNotImplementedError(NotImplementedError, CMFError):
+ """ NotImplementedError in CMF.
+ """
+
+allow_class(CMFNotImplementedError)
+
+
+class CMFUnauthorizedError(Unauthorized, CMFError):
+ """ Unauthorized error in CMF.
+ """
+
+allow_class(CMFUnauthorizedError)
=== CMF/CMFCore/CMFCorePermissions.py 1.16 => 1.17 ===
--- CMF/CMFCore/CMFCorePermissions.py:1.16 Wed Sep 3 05:21:21 2003
+++ CMF/CMFCore/CMFCorePermissions.py Wed Sep 24 06:02:14 2003
@@ -92,6 +92,9 @@
SetOwnProperties = 'Set own properties'
setDefaultRoles(SetOwnProperties, ('Manager',)) # + Member
+ChangeLocalRoles = 'Change local roles'
+setDefaultRoles(ChangeLocalRoles, ('Owner', 'Manager'))
+
MailForgottenPassword = 'Mail forgotten password'
setDefaultRoles(MailForgottenPassword, ('Anonymous', 'Manager',))
=== CMF/CMFCore/MemberDataTool.py 1.30 => 1.31 ===
--- CMF/CMFCore/MemberDataTool.py:1.30 Fri May 9 13:46:10 2003
+++ CMF/CMFCore/MemberDataTool.py Wed Sep 24 06:02:14 2003
@@ -169,11 +169,8 @@
security.declarePrivate('pruneMemberDataContents')
def pruneMemberDataContents(self):
- '''
- Compare the user IDs stored in the member data
- tool with the list in the actual underlying acl_users
- and delete anything not in acl_users
- '''
+ """ Delete data contents of all members not listet in acl_users.
+ """
membertool= getToolByName(self, 'portal_membership')
members = self._members
user_list = membertool.listMemberIds()
@@ -216,13 +213,20 @@
security.declarePrivate('registerMemberData')
def registerMemberData(self, m, id):
- '''
- Adds the given member data to the _members dict.
- This is done as late as possible to avoid side effect
- transactions and to reduce the necessary number of
- entries.
- '''
+ """ Add the given member data to the _members btree.
+ """
self._members[id] = m
+
+ security.declarePrivate('deleteMemberData')
+ def deleteMemberData(self, member_id):
+ """ Delete member data of specified member.
+ """
+ members = self._members
+ if members.has_key(member_id):
+ del members[member_id]
+ return 1
+ else:
+ return 0
InitializeClass(MemberDataTool)
=== CMF/CMFCore/MembershipTool.py 1.38 => 1.39 ===
--- CMF/CMFCore/MembershipTool.py:1.38 Wed Sep 3 05:21:21 2003
+++ CMF/CMFCore/MembershipTool.py Wed Sep 24 06:02:14 2003
@@ -15,20 +15,29 @@
$Id$
"""
+from types import StringType
from utils import UniqueObject, _getAuthenticatedUser, _checkPermission
from utils import getToolByName, _dtmldir
from OFS.Folder import Folder
-from Globals import InitializeClass, DTMLFile, MessageDialog, \
- PersistentMapping
from Acquisition import aq_base
+from Acquisition import aq_inner
+from Acquisition import aq_parent
from AccessControl.User import nobody
from AccessControl import ClassSecurityInfo
+from Globals import DTMLFile
+from Globals import InitializeClass
+from Globals import MessageDialog
+from Globals import PersistentMapping
+
+from ActionProviderBase import ActionProviderBase
+from CMFCoreExceptions import CMFNotImplementedError
+from CMFCoreExceptions import CMFUnauthorizedError
from CMFCorePermissions import AccessContentsInformation
+from CMFCorePermissions import ChangeLocalRoles
from CMFCorePermissions import ManagePortal
from CMFCorePermissions import ManageUsers
from CMFCorePermissions import SetOwnPassword
from CMFCorePermissions import View
-from ActionProviderBase import ActionProviderBase
from interfaces.portal_membership \
import portal_membership as IMembershipTool
@@ -189,6 +198,14 @@
else:
return ''
+ security.declarePublic('getMembersFolder')
+ def getMembersFolder(self):
+ """ Get the members folder object.
+ """
+ parent = aq_parent( aq_inner(self) )
+ members = getattr(parent, 'Members', None)
+ return members
+
security.declareProtected(ManagePortal, 'getMemberareaCreationFlag')
def getMemberareaCreationFlag(self):
"""
@@ -220,14 +237,13 @@
message='Member area creation flag has been updated',
action ='manage_mapRoles')
- security.declarePublic('createMemberarea')
- def createMemberarea(self, member_id=''):
+ security.declarePublic('createMemberArea')
+ def createMemberArea(self, member_id=''):
""" Create a member area for 'member_id' or authenticated user.
"""
if not self.getMemberareaCreationFlag():
return None
- parent = self.aq_inner.aq_parent
- members = getattr(parent, 'Members', None)
+ members = self.getMembersFolder()
if not members:
return None
if self.isAnonymousUser():
@@ -266,6 +282,22 @@
f.manage_setLocalRoles(member_id, ['Owner'])
return f
+ security.declarePublic('createMemberarea')
+ createMemberarea = createMemberArea
+
+ security.declareProtected(ManageUsers, 'deleteMemberArea')
+ def deleteMemberArea(self, member_id):
+ """ Delete member area of member specified by member_id.
+ """
+ members = self.getMembersFolder()
+ if not members:
+ return 0
+ if hasattr( aq_base(members), member_id ):
+ members.manage_delObjects(member_id)
+ return 1
+ else:
+ return 0
+
security.declarePublic('isAnonymousUser')
def isAnonymousUser(self):
'''
@@ -360,7 +392,7 @@
""" What local roles can I assign? """
member = self.getAuthenticatedMember()
- if 'Manager' in member.getRoles():
+ if _checkPermission(ManageUsers, obj):
return self.getPortalRoles()
else:
member_roles = list( member.getRolesInContext( obj ) )
@@ -369,12 +401,11 @@
return tuple( member_roles )
security.declareProtected(View, 'setLocalRoles')
- def setLocalRoles( self, obj, member_ids, member_role, reindex=1 ):
- """ Set local roles on an item """
- member = self.getAuthenticatedMember()
- my_roles = member.getRolesInContext( obj )
-
- if 'Manager' in my_roles or member_role in my_roles:
+ def setLocalRoles(self, obj, member_ids, member_role, reindex=1):
+ """ Add local roles on an item.
+ """
+ if ( _checkPermission(ChangeLocalRoles, obj)
+ and member_role in self.getCandidateLocalRoles(obj) ):
for member_id in member_ids:
roles = list(obj.get_local_roles_for_userid( userid=member_id ))
@@ -389,15 +420,21 @@
obj.reindexObjectSecurity()
security.declareProtected(View, 'deleteLocalRoles')
- def deleteLocalRoles( self, obj, member_ids, reindex=1 ):
- """ Delete local roles for members member_ids """
- member = self.getAuthenticatedMember()
- my_roles = member.getRolesInContext( obj )
-
- if 'Manager' in my_roles or 'Owner' in my_roles:
- obj.manage_delLocalRoles( userids=member_ids )
+ def deleteLocalRoles(self, obj, member_ids, reindex=1, recursive=0):
+ """ Delete local roles of specified members.
+ """
+ if _checkPermission(ChangeLocalRoles, obj):
+ for member_id in member_ids:
+ if obj.get_local_roles_for_userid(userid=member_id):
+ obj.manage_delLocalRoles(userids=member_ids)
+ break
+
+ if recursive and hasattr( aq_base(obj), 'contentValues' ):
+ for subobj in obj.contentValues():
+ self.deleteLocalRoles(subobj, member_ids, 0, 1)
if reindex:
+ # reindexObjectSecurity is always recursive
obj.reindexObjectSecurity()
security.declarePrivate('addMember')
@@ -420,6 +457,49 @@
member = self.getMemberById(id)
member.setMemberProperties(properties)
+ security.declareProtected(ManageUsers, 'deleteMembers')
+ def deleteMembers(self, member_ids, delete_memberareas=1,
+ delete_localroles=1):
+ """ Delete members specified by member_ids.
+ """
+
+ # Delete members in acl_users.
+ acl_users = self.acl_users
+ if _checkPermission(ManageUsers, acl_users):
+ if type(member_ids) is StringType:
+ member_ids = (member_ids,)
+ member_ids = list(member_ids)
+ for member_id in member_ids[:]:
+ if not acl_users.getUserById(member_id, None):
+ member_ids.remove(member_id)
+ try:
+ acl_users.userFolderDelUsers(member_ids)
+ except (NotImplementedError, 'NotImplemented'):
+ raise CMFNotImplementedError('The underlying User Folder '
+ 'doesn\'t support deleting members.')
+ else:
+ raise CMFUnauthorizedError('You need the \'Manage users\' '
+ 'permission for the underlying User Folder.')
+
+ # Delete member data in portal_memberdata.
+ mdtool = getToolByName(self, 'portal_memberdata', None)
+ if mdtool:
+ for member_id in member_ids:
+ mdtool.deleteMemberData(member_id)
+
+ # Delete members' home folders including all content items.
+ if delete_memberareas:
+ for member_id in member_ids:
+ self.deleteMemberArea(member_id)
+
+ # Delete members' local roles.
+ if delete_localroles:
+ utool = getToolByName(self, 'portal_url', None)
+ self.deleteLocalRoles( utool.getPortalObject(), member_ids,
+ reindex=1, recursive=1 )
+
+ return tuple(member_ids)
+
security.declarePublic('getHomeFolder')
def getHomeFolder(self, id=None, verifyPermission=0):
"""Returns a member's home folder object or None.
@@ -435,6 +515,5 @@
doesn't have the View permission on the folder.
"""
return None
-
InitializeClass(MembershipTool)
=== CMF/CMFCore/PortalFolder.py 1.48 => 1.49 ===
--- CMF/CMFCore/PortalFolder.py:1.48 Mon Sep 1 10:44:11 2003
+++ CMF/CMFCore/PortalFolder.py Wed Sep 24 06:02:14 2003
@@ -26,6 +26,7 @@
from CMFCorePermissions import AddPortalContent
from CMFCorePermissions import AddPortalFolders
+from CMFCorePermissions import ChangeLocalRoles
from CMFCorePermissions import ListFolderContents
from CMFCorePermissions import ManagePortal
from CMFCorePermissions import ManageProperties
@@ -62,7 +63,7 @@
, 'name' : 'Local Roles'
, 'action':
'string:${object_url}/folder_localrole_form'
- , 'permissions' : (ManageProperties,)
+ , 'permissions' : (ChangeLocalRoles,)
, 'category' : 'folder'
}
)
=== CMF/CMFCore/__init__.py 1.23 => 1.24 ===
--- CMF/CMFCore/__init__.py:1.23 Thu Feb 13 03:31:01 2003
+++ CMF/CMFCore/__init__.py Wed Sep 24 06:02:14 2003
@@ -15,6 +15,8 @@
$Id$
"""
+from AccessControl import allow_module
+
import PortalObject, PortalContent, PortalFolder
import MembershipTool, WorkflowTool, CatalogTool, DiscussionTool
import ActionsTool, UndoTool, RegistrationTool, SkinsTool
@@ -29,6 +31,9 @@
import utils
from CMFCorePermissions import AddPortalFolders
+
+
+allow_module('Products.CMFCore.CMFCoreExceptions')
try:
import FSPageTemplate
More information about the CMF-checkins
mailing list