[Zope] External management of roles and permissions
Jean Jordaan
jean at upfrontsystems.co.za
Wed Aug 20 10:13:35 EDT 2003
> Then I need to set the permissions for each
> security option/role programmatically--the moral equivalent of going
> through and checking the boxes.
Does this help at all? 'setup' below is called from the
'manage_addMyApp' constructor.
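def addRoles(obj, roles):
    ''' Create MyApp roles

    Define each name in `roles` as a role on `obj` by rewriting
    obj.__ac_roles__; roles already defined there are kept.

    obj   -- object carrying an __ac_roles__ sequence
    roles -- iterable of role names to define; it is not modified

    The stored tuple lists the requested roles first, followed by the
    previously defined roles that were not requested.
    '''
    # __ac_roles__ is written directly instead of going through
    # AccessControl.Role._addRole, so whatever checks that method applies
    # are skipped here; pass only role names that come from trusted code.
    # Work on a copy: appending to the caller's own list would change it
    # behind the caller's back, and a tuple argument would fail outright.
    merged = list(roles)
    for role in obj.__ac_roles__:
        if role not in merged:
            merged.append(role)
    obj.__ac_roles__ = tuple(merged)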
def setPermissions(obj, permissions, acquire=0):
    ''' Set permissions for object

    obj         -- object providing manage_permission(permission, roles,
                   acquire)
    permissions -- mapping of role name -> sequence of permission names
    acquire     -- passed unchanged to manage_permission; in Zope a false
                   value restricts the permission to the listed roles
                   instead of also acquiring roles from the container

    Only permissions named somewhere in the mapping are touched. A role
    with an empty sequence contributes nothing, so it is not stripped of
    permissions it already holds elsewhere.
    '''
    # manage_permission wants the roles for one permission, so turn the
    # role -> permissions mapping inside out first.
    granted_to = {}
    for role_name, perm_names in permissions.items():
        for perm_name in perm_names:
            granted_to.setdefault(perm_name, []).append(role_name)

    for perm_name in granted_to:
        obj.manage_permission(perm_name, granted_to[perm_name], acquire)
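def setPermissionsForRoles(obj, permissions, roles, acquire=0):
    ''' Give the same roles to every listed permission on object

    obj         -- object providing manage_permission(permission, roles,
                   acquire)
    permissions -- sequence of permission names
    roles       -- role names assigned to each of those permissions
    acquire     -- passed unchanged to manage_permission. The default 0
                   keeps the earlier hard-coded behaviour: in Zope each
                   permission is then restricted to `roles` and no roles
                   are acquired from the container.
    '''
    # The acquire flag used to be fixed at 0; it is a parameter now so
    # this helper matches setPermissions and the choice is visible at
    # the call site.
    for permission in permissions:
        obj.manage_permission(permission, roles, acquire)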
def setup(myapp):
    ''' Apply the MyApp roles and permission settings to `myapp`.

    According to the accompanying message this is called from the
    'manage_addMyApp' constructor.
    '''
    #
    # Set permissions
    #
    addRoles(myapp, ['Member', 'Evaluator'])
    setPermissions(myapp, myapp_permissions)

    # Both sub-objects get view_permissions for an explicit role list.
    # setPermissionsForRoles passes 0 as the acquire flag, so in Zope
    # these permissions are limited to the roles named here rather than
    # acquired from myapp: Anonymous is absent from both lists.
    for child_name, allowed_roles in (
            ('members', ['Manager', 'Member']),
            ('downloads', ['Manager'])):
        setPermissionsForRoles(
            getattr(myapp, child_name), view_permissions, allowed_roles)
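# Permission names that setup() and myapp_permissions assign as one set.
# NOTE(review): myapp_permissions maps 'Anonymous' to this tuple, and it
# holds more than read access ('Add portal member', 'Copy or Move',
# 'Use Database Methods', 'WebDAV access') -- confirm each entry is meant
# for unauthenticated visitors.
# 'Mail forgotten password' had been split across two lines by mail
# wrapping, which broke the string literal; it is rejoined here.
view_permissions = (
    'Access Transient Objects',
    'Access contents information',
    'Access session data',
    'Add portal member',
    'Copy or Move',
    'Mail forgotten password',
    'Query Vocabulary',
    'Search ZCatalog',
    'Use Database Methods',
    'View',
    'WebDAV access',
)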
...
# Role name -> permission names, in the shape setPermissions() expects.
# all_permissions and owner_permissions are defined in a part of the
# module that the message leaves out.
myapp_permissions = {}
# NOTE(review): this grants unauthenticated visitors everything listed in
# view_permissions -- confirm that is the intended exposure.
myapp_permissions['Anonymous'] = view_permissions
# An empty tuple adds no grants for this role; setPermissions() skips it,
# so permissions the role already holds are not removed either.
myapp_permissions['Authenticated'] = ()
myapp_permissions['Manager'] = all_permissions
myapp_permissions['Owner'] = owner_permissions
... etc
--
Jean Jordaan
http://www.upfrontsystems.co.za