[CMF-checkins] CVS: CMF/DCWorkflow - DCWorkflow.py:1.29
States.py:1.12 WorkflowUIMixin.py:1.6 utils.py:1.5
Shane Hathaway
shane at zope.com
Thu Jan 15 11:15:34 EST 2004
Update of /cvs-repository/CMF/DCWorkflow
In directory cvs.zope.org:/tmp/cvs-serv9798
Modified Files:
DCWorkflow.py States.py WorkflowUIMixin.py utils.py
Log Message:
Management of group/role mappings is now functional.
=== CMF/DCWorkflow/DCWorkflow.py 1.28 => 1.29 ===
--- CMF/DCWorkflow/DCWorkflow.py:1.28 Wed Jan 14 17:39:22 2004
+++ CMF/DCWorkflow/DCWorkflow.py Thu Jan 15 11:15:03 2004
@@ -37,7 +37,7 @@
from Products.CMFCore.WorkflowTool import addWorkflowFactory
# DCWorkflow
-from utils import _dtmldir, modifyRolesForPermission
+from utils import _dtmldir, modifyRolesForPermission, modifyRolesForGroup
from WorkflowUIMixin import WorkflowUIMixin
from Transitions import TRIGGER_AUTOMATIC, TRIGGER_USER_ACTION, \
TRIGGER_WORKFLOW_METHOD
@@ -74,7 +74,7 @@
scripts = None
permissions = ()
- groups = () # The group IDs managed by this workflow.
+ groups = () # Security monikers of groups managed by this workflow.
roles = None # The role names managed by this workflow.
# If roles is None, listRoles() provides a default.
@@ -406,12 +406,25 @@
'''
changed = 0
sdef = self._getWorkflowStateOf(ob)
- if sdef is not None and self.permissions:
+ if sdef is None:
+ return 0
+ # Update the role -> permission map.
+ if self.permissions:
for p in self.permissions:
roles = []
if sdef.permission_roles is not None:
roles = sdef.permission_roles.get(p, roles)
if modifyRolesForPermission(ob, p, roles):
+ changed = 1
+ # Update the group -> role map.
+ groups = self.getGroups()
+ managed_roles = self.getRoles()
+ if groups and managed_roles:
+ for group in groups:
+ roles = ()
+ if sdef.group_roles is not None:
+ roles = sdef.group_roles.get(group, ())
+ if modifyRolesForGroup(ob, group, roles, managed_roles):
changed = 1
return changed
=== CMF/DCWorkflow/States.py 1.11 => 1.12 ===
--- CMF/DCWorkflow/States.py:1.11 Wed Jan 14 17:39:22 2004
+++ CMF/DCWorkflow/States.py Thu Jan 15 11:15:03 2004
@@ -49,7 +49,7 @@
description = ''
transitions = () # The ids of possible transitions.
permission_roles = None # { permission: [role] or (role,) }
- group_roles = None # { gid : (role,) }
+ group_roles = None # { group moniker : (role,) }
var_values = None # PersistentMapping if set. Overrides transition exprs.
security = ClassSecurityInfo()
@@ -101,11 +101,11 @@
acq = 1
return {'acquired':acq, 'roles':list(roles)}
- def getGroupInfo(self, gid):
+ def getGroupInfo(self, group):
"""Returns the list of roles to be assigned to a group.
"""
if self.group_roles:
- return self.group_roles.get(gid, ())
+ return self.group_roles.get(group, ())
return ()
_properties_form = DTMLFile('state_properties', _dtmldir)
@@ -205,6 +205,7 @@
pr = self.permission_roles
if pr is None:
self.permission_roles = pr = PersistentMapping()
+ pr.clear()
for p in self.getManagedPermissions():
roles = []
acquired = REQUEST.get('acquire_' + p, 0)
@@ -236,22 +237,20 @@
map = self.group_roles
if map is None:
self.group_roles = map = PersistentMapping()
+ map.clear()
all_roles = self.getWorkflow().getRoles()
for group in self.getWorkflow().getGroups():
- gid = group.getId()
roles = []
- for r in all_roles:
- if REQUEST.get('%s|%s' % (gid, r), 0):
- roles.append(r)
+ for role in all_roles:
+ if REQUEST.get('%s|%s' % (group, role), 0):
+ roles.append(role)
roles.sort()
roles = tuple(roles)
- map[gid] = roles
+ map[group] = roles
if RESPONSE is not None:
RESPONSE.redirect(
"%s/manage_groups?manage_tabs_message=Groups+changed."
% self.absolute_url())
-
-
Globals.InitializeClass(StateDefinition)
=== CMF/DCWorkflow/WorkflowUIMixin.py 1.5 => 1.6 ===
--- CMF/DCWorkflow/WorkflowUIMixin.py:1.5 Wed Jan 14 17:39:22 2004
+++ CMF/DCWorkflow/WorkflowUIMixin.py Thu Jan 15 11:15:03 2004
@@ -105,16 +105,13 @@
security.declareProtected(ManagePortal, 'getGroups')
def getGroups(self):
- """Returns the groups managed by this workflow.
+ """Returns the group security monikers managed by this workflow.
"""
- gf = self._getGroupFolder()
- if gf is None:
- return ()
- return [gf.getGroupById(gid) for gid in self.groups]
+ return tuple(self.groups)
security.declareProtected(ManagePortal, 'getAvailableGroups')
def getAvailableGroups(self):
- """Returns a list of group objects.
+ """Returns a list of available group security monikers.
"""
gf = self._getGroupFolder()
if gf is None:
@@ -122,27 +119,27 @@
r = []
r.extend(gf.getDynamicGroups())
r.extend(gf.getStaticGroups())
- return r
+ return [g.getSecurityMoniker() for g in r]
security.declareProtected(ManagePortal, 'addGroup')
- def addGroup(self, gid, RESPONSE=None):
- """Adds a group by id.
+ def addGroup(self, group, RESPONSE=None):
+ """Adds a group by moniker.
"""
gf = self._getGroupFolder()
- group = gf.getGroupById(gid)
- if group is None:
- raise ValueError(gid)
- self.groups = self.groups + (gid,)
+ g = gf.getPrincipalByMoniker(group)
+ if g is None:
+ raise ValueError(group)
+ self.groups = self.groups + (group,)
if RESPONSE is not None:
RESPONSE.redirect(
"%s/manage_groups?manage_tabs_message=Added+group."
% self.absolute_url())
security.declareProtected(ManagePortal, 'delGroups')
- def delGroups(self, gids, RESPONSE=None):
- """Removes groups by id.
+ def delGroups(self, groups, RESPONSE=None):
+ """Removes groups by moniker.
"""
- self.groups = tuple([gid for gid in self.groups if gid not in gids])
+ self.groups = tuple([g for g in self.groups if g not in groups])
if RESPONSE is not None:
RESPONSE.redirect(
"%s/manage_groups?manage_tabs_message=Groups+removed."
=== CMF/DCWorkflow/utils.py 1.4 => 1.5 ===
--- CMF/DCWorkflow/utils.py:1.4 Thu Aug 1 15:05:14 2002
+++ CMF/DCWorkflow/utils.py Thu Jan 15 11:15:03 2004
@@ -58,3 +58,39 @@
p.setRoles(roles)
return 1
return 0
+
+def modifyRolesForGroup(ob, group, grant_roles, managed_roles):
+ """Modifies local roles for one group.
+ """
+ local_roles = getattr(ob, '__ac_local_roles__', None)
+ if local_roles is None:
+ local_roles = {}
+ roles = local_roles.get(group)
+ if not roles:
+ if not grant_roles:
+ # No roles exist and no grants requested. Leave unchanged.
+ return 0
+ else:
+ # Add new roles for this group.
+ local_roles[group] = tuple(grant_roles)
+ ob.__ac_local_roles__ = local_roles
+ return 1
+ roles = list(roles)
+ changed = 0
+ for role in managed_roles:
+ if role in grant_roles and role not in roles:
+ # Add one role for this group.
+ roles.append(role)
+ changed = 1
+ elif role not in grant_roles and role in roles:
+ # Remove one role for this group.
+ roles.remove(role)
+ changed = 1
+ if changed:
+ if not roles and local_roles.has_key(group):
+ del local_roles[group]
+ else:
+ local_roles[group] = tuple(roles)
+ ob.__ac_local_roles__ = local_roles
+ return changed
+
More information about the CMF-checkins
mailing list