本文整理汇总了Python中repoze.what.predicates.has_permission函数的典型用法代码示例。如果您正苦于以下问题:Python has_permission函数的具体用法?Python has_permission怎么用?Python has_permission使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了has_permission函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: __actions__
def __actions__(self, obj):
"""Override this function to define how action links should be displayed for the given record."""
bool_ultimo = obj.bool_ultimo
primary_fields = self.__provider__.get_primary_fields(self.__entity__)
pklist = '/'.join(map(lambda x: str(getattr(obj, x)), primary_fields))
if bool_ultimo == 1:
cod_item = obj.cod_item
value = '<div>'
if has_permission('editar_item'):
value = value + '<div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a></div>'
if has_permission('eliminar_relacion'):
value = value + '<div><form method="POST" action="'+pklist+'" class="button-to"><input type="hidden" name="_method" value="DELETE" /><input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/></form></div>'
value = value + '<div><a class="relacion_link" href="../relacions/?iid='+pklist+'">Relaciones </a><br/><a class="versiones_link" href="./?codi='+cod_item+'">Revertir</a></div></div>'
else:
id_item_rev = DBSession.query(Item).filter_by(cod_item = obj.cod_item, bool_ultimo = 1).one().id_item
ids = str(pklist) + "-" + str(id_item_rev)
href = "./revertir/?ids=" + ids
value = '<div><div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a>'\
'</div><div>'\
'<form method="POST" action="'+pklist+'" class="button-to">'\
'<input type="hidden" name="_method" value="DELETE" />'\
'<input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" '\
'style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/>'\
'</form>'\
'<a class="relacion_link" href="../relacions/?iid='+pklist+'">Relaciones </a>'\
'<a class="volver_link" href="'+href+'">Volver a</a>'\
'</div></div>'
return value
开发者ID:ggimenez,项目名称:IS2-IMPLEMENTACION,代码行数:31,代码来源:item_controlador.py
示例2: index
def index(self, **kw):
feegrouups = DBSession.query(FeeGroup).filter(FeeGroup.active == 0).order_by(FeeGroup.order)
companies = DBSession.query(Company, Currency).filter(and_(Company.active == 0,
Currency.active == 0,
Company.currency_id == Currency.id,
)).order_by(Company.name)
result = {
'feegroups' : feegrouups,
'companies' : companies,
'is_fin' : has_permission('FIN_VIEW_ALL'),
}
if has_permission('FIN_VIEW_ALL'): # if FIN team
teams = DBSession.query(LogicTeam).filter(LogicTeam.active == 0).order_by(LogicTeam.order).all()
else:
# get the user's belonging team
teams = []
try:
mp = DBSession.query(Permission).filter(Permission.permission_name == 'MANAGER_VIEW').one()
for g in request.identity["user"].groups:
if mp in g.permissions and g.logicteams:
teams.extend(g.logicteams)
except:
traceback.print_exc()
pass
result['teams'] = teams
return result
开发者ID:LamCiuLoeng,项目名称:budget,代码行数:28,代码来源:fee.py
示例3: __actions__
def __actions__(self, obj):
"""Override this function to define how action links should be displayed for the given record."""
primary_fields = self.__provider__.get_primary_fields(self.__entity__)
pklist = '/'.join(map(lambda x: str(getattr(obj, x)), primary_fields))
value = '<div>'
if has_permission('editar_fase'):
value = value + '<div><a class="edit_link" href="'+pklist+'/edit" style="text-decoration:none">edit</a></div>'
if has_permission('eliminar_fase'):
value = value + '<div><form method="POST" action="'+pklist+'" class="button-to"><input type="hidden" name="_method" value="DELETE" /><input class="delete-button" onclick="return confirm(\'Are you sure?\');" value="delete" type="submit" style="background-color: transparent; float:left; border:0; color: #286571; display: inline; margin: 0; padding: 0;"/></form></div>'
value = value + '<div><a class="itmes_link" href="../items/?fid='+pklist+'">Items</a><br/><a class="lineas_link" href="../lineabases/?fid='+pklist+'">Linea Base</a></div></div>'
return value
开发者ID:ggimenez,项目名称:IS2-IMPLEMENTACION,代码行数:13,代码来源:fase_controlador.py
示例4: check_fase_permiso
def check_fase_permiso(self, id_fase, permiso_name,nuleable=False):
"""
Controla si el usuario que actualmente se encuentra logeado posee
el deteminado permiso sobre una fase.
@type id_fase : Integer
@param id_fase : Identificador de la fase
@type permiso_name : String
@param permiso_name : Nombre del permiso
@type nuleable : Boolean
@param nuleable : Variable de control del valor de retorno.
Si es True y el usuario no posee permisos
retorna None
@rtype : Predicates
@return : retorna las credenciales del usuario
"""
current_user = self.get_current_user()
#Se obtiene la fase actual
fase = DBSession.query(Fase).get(id_fase)
#se recupera el rol del lider del proyecto
rol = util.get_rol_by_codigo('lider_' + str(fase.proyecto))
#si el usuario es lider del proyecto se salta los controles
if util.usuario_has_rol(current_user.usuario_id, rol) :
return predicates.has_permission(permiso_name)
usuario_permiso_fase = DBSession.query(UsuarioPermisoFase).\
filter(UsuarioPermisoFase.usuario_id ==
RolUsuario.usuario_id).\
filter(UsuarioPermisoFase.fase_id ==
id_fase).\
filter(Permiso.permiso_id ==
UsuarioPermisoFase.permiso_id).\
filter(Permiso.nombre ==
permiso_name).\
filter(RolUsuario.usuario_id ==
current_user.usuario_id).\
all()
if (len(usuario_permiso_fase) != 0):
return predicates.has_permission(permiso_name)
elif nuleable == False:
#return predicates.has_permission(permiso_name+' '+str(id_proyecto))
return predicates.has_permission('Sin permiso')
else:
return None
开发者ID:mbaez,项目名称:SAP,代码行数:49,代码来源:checker.py
示例5: permission_met
def permission_met(menu):
"""
This is one of the more complicated methods. It works recursively.
When called, it is given the root of the controller hierarchy. It looks
for the path to the menu entry, and checks everything that it can along
the way: allow_only on all controllers, and the (optional) permission on
the method itself (which must be given to the @menu decorator or
menu_append, see the README for details why and a workaround).
"""
global rootcon
retval = True
if not rootcon:
pname = '%s.controllers.root' % (config['package'].__name__)
__import__(pname)
rootcon = sys.modules[pname].RootController
# Check to see if specific menu permission has been set
permission = menu._permission
if type(permission) is str:
try:
has_permission(permission).check_authorization(request.environ)
return True
except NotAuthorizedError:
return False
elif permission is not None:
try:
permission.check_authorization(request.environ)
return True
except:
return False
else:
# No specific menu permission has been set, walk the tree
lpath = menu._url.split('/')[1:]
currcon = rootcon
for component in lpath:
if hasattr(currcon, 'allow_only'):
try:
getattr(currcon, 'allow_only').check_authorization(request.environ)
except:
return False
if hasattr(currcon, component):
currcon = getattr(currcon, component)
else:
break
return True
开发者ID:bkahlerventer,项目名称:tgext.menu,代码行数:48,代码来源:util.py
示例6: index
def index( self , **kw ):
ws = [OrderHeader.active == 0]
if kw.get( "no", False ) : ws.append( OrderHeader.no.op( "ilike" )( "%%%s%%" % kw["no"] ) )
if kw.get( "customerpo", False ) : ws.append( OrderHeader.customerpo.op( "ilike" )( "%%%s%%" % kw["customerpo"] ) )
if kw.get( "vendorpo", False ) : ws.append( OrderHeader.vendorpo.op( "ilike" )( "%%%s%%" % kw["vendorpo"] ) )
if kw.get( "status", False ) : ws.append( OrderHeader.status == kw["status"] )
if kw.get( "printShopId", False ) : ws.append( OrderHeader.printShopId == kw["printShopId"] )
if kw.get( "create_time_from", False ) : ws.append( OrderHeader.createTime >= kw["create_time_from"] )
if kw.get( "create_time_to", False ) : ws.append( OrderHeader.createTime <= kw["create_time_from"] )
if kw.get( "divisionId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.divisionId == kw['divisionId']] )
if kw.get( "brandId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.brandId == kw['brandId']] )
if kw.get( "categoryId", False ) : ws.extend( [OrderHeader.id == OrderDetail.headerId, OrderDetail.active == ACTIVE, OrderDetail.categoryId == kw['categoryId']] )
if not has_permission( "MAIN_ORDERING_CHECKING_ALL" ): ws.append( OrderHeader.createById == request.identity["user"].user_id )
result = qry( OrderHeader ).filter( and_( *ws ) ).order_by( desc( OrderHeader.createTime ) ).all()
ps = qry( PrintShop ).filter( and_( PrintShop.active == 0 ) ).order_by( PrintShop.name )
is_admin = False
for g in request.identity["user"].groups :
if g.flag == 'ADMIN' :
is_admin = True
break
return { "result" : result , "values" : kw, "widget" : order_search_form , "printshops" : ps , "is_admin" : is_admin}
开发者ID:LamCiuLoeng,项目名称:aeo,代码行数:26,代码来源:ordering.py
示例7: __init__
def __init__(self, *args, **kw):
# /event/url/submissions
self.event = kw.get('event', None)
# /event/url/lesson/id/submissions
self.lesson = kw.get('lesson', None)
# /event/url/sheet/id/assignment/id/submissions
self.assignment = kw.get('assignment', None)
# /event/url/sheet/id/submissions
self.sheet = kw.get('sheet', None)
if self.event:
pass
elif self.lesson:
self.event = self.lesson.event
elif self.assignment:
self.event = self.assignment.sheet.event
elif self.sheet:
self.event = self.sheet.event
else:
log.warn('SubmissionController without any filter')
flash('You can not view Submissions without any constraint.', 'error')
abort(400)
# Allow access for event teacher and lesson teacher
self.allow_only = Any(
has('teachers', self.event),
has('tutors', self.lesson),
# has_teacher(self.event),
# has_teachers(self.event),
# has_teacher(self.lesson),
has_permission('manage'),
msg=u'You have no permission to manage this Lesson'
)
self.table = SubmissionTable(DBSession)
self.table_filler = SubmissionTableFiller(DBSession, lesson=self.lesson)
开发者ID:samsemilia7,项目名称:SAUCE,代码行数:35,代码来源:lessons.py
示例8: protect_obj_modify
def protect_obj_modify(protected_obj=None):
p = protected_obj
if p:
if not Any(is_user(p.user.user_name),
has_permission('dmirr_admin'),
in_group(p.group.group_name)):
raise NotAuthorizedError
开发者ID:jness,项目名称:dmirr,代码行数:7,代码来源:helpers.py
示例9: get_failures
def get_failures(self):
"""
Retourne la liste (au format JSON) des collecteurs Vigilo en panne.
Déclenche un appel à la méthode flash si cette liste est non vide.
"""
# On vérifie que l'utilisateurs dispose des permissions appropriées
All(
not_anonymous(msg=_("You need to be authenticated")),
Any(
config.is_manager,
has_permission('%s-access' % config.app_name.lower()),
msg=_("You don't have access to %s") % config.app_name
)
).check_authorization(request.environ)
# On récupère la liste des connecteurs en panne
failures = self.check_connectors_freshness()
# Si cette liste n'est pas vide, on affiche un message à l'utilisateur
if failures:
flash(_(
'Vigilo has detected a breakdown on the following '
'collector(s): %(list)s'
) % {'list': ', '.join(failures)},
'error'
)
# Dans les 2 cas (liste vide ou non), on la retourne au format JSON
return dict(failures=failures)
开发者ID:vigilo,项目名称:turbogears,代码行数:30,代码来源:selfmonitoring.py
示例10: index
def index(self, **kw):
companies = DBSession.query(Company, Currency).filter(and_(Company.active == 0,
Currency.active == 0,
Company.currency_id == Currency.id,
)).order_by(Company.name)
subline = DBSession.query(Subline).filter(and_(Subline.active == 0)).order_by(Subline.label)
saletype = DBSession.query(SaleType).filter(and_(SaleType.active == 0)).order_by(SaleType.label)
result = {
'companies' : companies,
'subline' : subline,
'saletype' : saletype,
}
if has_permission('FIN_VIEW_ALL'): # if FIN team
teams = DBSession.query(LogicTeam).filter(and_(LogicTeam.active == 0, LogicTeam.for_sale == 0)).order_by(LogicTeam.order).all()
result['is_fin'] = True
else:
# get the user's belonging team
result['is_fin'] = False
teams = []
try:
mp = DBSession.query(Permission).filter(Permission.permission_name == 'MANAGER_VIEW').one()
for g in request.identity["user"].groups:
if mp in g.permissions and g.logicteams:
teams.extend(g.logicteams)
except:
traceback.print_exc()
pass
result['teams'] = teams
return result
开发者ID:LamCiuLoeng,项目名称:budget,代码行数:32,代码来源:erpfee.py
示例11: admin
def admin(self,id=None,page=1):
def asort(sort,querystr):
feilds ={'1':'Invoice.id',
'2':'Invoice.customer_id',
'3':'Invoice.date_time',
'4':'Invoice.total_price',
'5':'Invoice.Description',}
if sort != '':
if session['invoice_sort_togle'][sort]:
session['invoice_sort_togle'][sort] = False
direction = '.desc()'
else:
session['invoice_sort_togle'][sort] = True
direction = '.asc()'
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
session['invoice_sort'] = sort
session['invoice_sort_direction']=direction
session.save()
elif 'invoice_sort' in session:
sort = session['invoice_sort']
direction = session['invoice_sort_direction']
querystr += ".order_by(%s%s)"%(feilds[sort],direction)
return querystr
came_from = str(request.GET.get('came_from', ''))
identity = request.environ.get('repoze.who.identity')
c.menu_items = h.top_menu(self.menu_items,_('Shop online'))
if came_from == 'removeproduct':
h.flash('To delete a product find it in the table and press on the Delete link')
elif came_from == 'editproduct':
h.flash('To Edit a product details find it in the table below and press on the Edit link')
sort = str(request.GET.get('sort',''))
if 'invoice_sort_togle' not in session:
session['invoice_sort_togle']={'1':True,
'2':True,
'3':True,
'4':True,
'5':True,}
session.save()
querystr=''
if is_met(has_permission('view_invoice')):
Uc = aliased(User)
Us = aliased(User)
if 'invoice_querystr' in session:
querystr = asort(sort,querystr)
invoices = eval(session['invoice_querystr']+querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
html = render('/derived/invoice/staff/index.html')
return htmlfill.render(html, defaults=session['invoice_search_values'], errors={})
else:
querystr = "Session.query(Invoice).filter(Invoice.deleted==False)"
querystr = asort(sort,querystr)
invoices = eval(querystr)
c.paginator = paginate.Page(invoices,
page=int(request.params.get('page', page)),
items_per_page = 10)
return render('/derived/invoice/staff/index.html')
开发者ID:vickyi,项目名称:PylonsSimpleCMS,代码行数:60,代码来源:invoice.py
示例12: _cal
def _cal(self, context, done_rs, notdone_rs):
# handle the cal fields
updated_rs = {}
while len(notdone_rs) > 0:
ids_set = set(map(unicode, done_rs.keys()))
tmp = []
for obj in notdone_rs:
feeitem = getattr(obj, 'feeitem', DBSession.query(FeeItem).get(obj.feeitem_id))
args_list = map(lambda v: unicode(v.strip()), feeitem.args.split(","))
args_ids = filter(lambda a : a.isdigit(), args_list)
args_set = set(args_ids)
if not args_set.issubset(ids_set): # if not all the args is ready ,put it to the next round
tmp.append(obj)
continue
# if all the params is fulfill ,the cal the val
# 1. get the fomula
fun = eval(feeitem.expression.exp)
# 2, prepare the args value
attrs = ['actual_value', 'budget_value'] if has_permission('FIN_VIEW_ALL') else ['forecast_value']
for attr in attrs:
vals = []
for a in args_list:
if a.isdigit() : vals.append(float(getattr(done_rs[a], attr) or 0.0))
elif a.startswith('$') : vals.append(context[a[1:]])
# 3. run the exp and set the value
setattr(obj, attr, fin_helper.round2int(fun(*vals)))
done_rs[unicode(obj.feeitem_id)] = obj
updated_rs[unicode(obj.feeitem_id)] = obj
notdone_rs = tmp
return updated_rs
开发者ID:LamCiuLoeng,项目名称:budget,代码行数:33,代码来源:fee.py
示例13: protect_product_release_obj
def protect_product_release_obj(protected_obj=None):
p = protected_obj
if p:
if not Any(is_user(p.product.project.user.user_name),
has_permission('dmirr_admin'),
in_group(p.product.project.group.group_name)):
raise NotAuthorizedError
开发者ID:jness,项目名称:dmirr,代码行数:7,代码来源:helpers.py
示例14: index
def index(self):
admin=False
if predicates.not_anonymous():
if predicates.has_permission('admin'):
admin=True
osfamilies = DBSession.query(OSFamily).order_by('name')
return dict(osfamilies=osfamilies, num_items=osfamilies.count(),
admin=admin)
开发者ID:jonmasters,项目名称:equity,代码行数:8,代码来源:root.py
示例15: edit
def edit(self,id):
if is_met(has_permission(u'edit_invoice')):
return render_edit_form_admin(self.menu_items,id=id)
else:
#check to see if the user is the owner of the invoice and invoice is pending the show edit form
#check to see if staff is editing the form
h.flash(_('You don not have enough permission to edit invoice'))
return redirect(url(controller='invoice',action='index'))
开发者ID:vickyi,项目名称:PylonsSimpleCMS,代码行数:8,代码来源:invoice.py
示例16: default
def default(self, *args):
admin=False
if predicates.not_anonymous():
if predicates.has_permission('admin'):
admin=True
license_name = args[0]
license = License.by_license_name(license_name)
return dict(license=license,
admin=admin)
开发者ID:jonmasters,项目名称:equity,代码行数:9,代码来源:root.py
示例17: listado
def listado(self,page=1):
"""Metodo para listar todos los Proyectos existentes de la base de datos"""
try:
proyectos=[]
if predicates.has_permission('administracion'):
proyectos = DBSession.query(Proyecto).order_by(Proyecto.id_proyecto)
elif predicates.has_permission('lider_proyecto'):
usuario = DBSession.query(Usuario).filter_by(nombre_usuario=request.identity['repoze.who.userid']).first()
proyectos = usuario.proyectos
currentPage = paginate.Page(proyectos, page, items_per_page=10)
except SQLAlchemyError:
flash(_("No se pudo acceder a Proyectos! SQLAlchemyError..."), 'error')
redirect("/admin")
except (AttributeError, NameError):
flash(_("No se pudo acceder a Proyectos! Hay Problemas con el servidor..."), 'error')
redirect("/admin")
return dict(proyectos=currentPage.items, page='listado_proyecto', currentPage=currentPage)
开发者ID:albertgarcpy,项目名称:IS2SAP,代码行数:18,代码来源:proyecto_controlador.py
示例18: new
def new(self):
if is_met(has_permission("add_user")):
return render_form(self.menu_items, action="create", add_number_of_emails=1)
if is_met(is_anonymous()):
c.menu_items = h.top_menu(self.menu_items, _("Customers"))
c.came_from = str(request.GET.get("came_from", "")) or url(controller="home", action="index")
if request.GET.get("came_from", None):
h.flash(_("After filling the from you will be sent back to your shopping cart"))
return render("/derived/user/new.html")
开发者ID:vickyi,项目名称:PylonsSimpleCMS,代码行数:9,代码来源:user.py
示例19: __init__
def __init__(self, event):
self.event = event
self.allow_only = Any(
user_is_in('teachers', self.event),
user_is_in('tutors', self.event),
has_permission('manage'),
msg=u'You have no permission to manage Lessons for this Event'
)
开发者ID:Ayutac,项目名称:SAUCE,代码行数:9,代码来源:lessons.py
示例20: _expose_wrapper
def _expose_wrapper(f, template, request_method=None, permission=None):
"""Returns a function that will render the passed in function according
to the passed in template"""
f.exposed = True
# Shortcut for simple expose of strings
if template == 'string' and not request_method and not permission:
return f
if request_method:
request_method = request_method.upper()
def wrapped_f(*args, **kwargs):
if request_method and request_method != request.method:
raise HTTPMethodNotAllowed().exception
result = f(*args, **kwargs)
tmpl = template
if hasattr(request, 'override_template'):
tmpl = request.override_template
if tmpl == 'string':
return result
if tmpl == 'json':
if isinstance(result, (list, tuple)):
msg = ("JSON responses with Array envelopes are susceptible "
"to cross-site data leak attacks, see "
"http://wiki.pylonshq.com/display/pylonsfaq/Warnings")
if config['debug']:
raise TypeError(msg)
warnings.warn(msg, Warning, 2)
log.warning(msg)
response.headers['Content-Type'] = 'application/json'
return simplejson.dumps(result)
if request.environ.get('paste.testing', False):
# Make the vars passed from action to template accessible to tests
request.environ['paste.testing_variables']['tmpl_vars'] = result
# Serve application/xhtml+xml instead of text/html during testing.
# This allows us to query the response xhtml as ElementTree XML
# instead of BeautifulSoup HTML.
# NOTE: We do not serve true xhtml to all clients that support it
# because of a bug in Mootools Swiff as of v1.2.4:
# https://mootools.lighthouseapp.com/projects/2706/tickets/758
if response.content_type == 'text/html':
response.content_type = 'application/xhtml+xml'
return render(tmpl, tmpl_vars=result, method='auto')
if permission:
wrapped_f = ActionProtector(has_permission(permission))(wrapped_f)
return wrapped_f
开发者ID:greentv,项目名称:mediacore,代码行数:56,代码来源:decorators.py
注:本文中的repoze.what.predicates.has_permission函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论