本文整理汇总了Python中repoze.bfg.security.has_permission函数的典型用法代码示例。如果您正苦于以下问题:Python has_permission函数的具体用法?Python has_permission怎么用?Python has_permission使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了has_permission函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: show_forum_view
def show_forum_view(context, request):
page_title = context.title
api = request.api
actions = []
if has_permission('create', context, request):
actions.append(('Add Forum Topic', 'add_forum_topic.html'))
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
profiles = find_profiles(context)
appdates = getUtility(IAppDates)
topic_batch = get_topic_batch(context, request)
topic_entries = topic_batch['entries']
topics = []
for topic in topic_entries:
D = {}
profile = profiles.get(topic.creator)
posted_by = getattr(profile, 'title', None)
date = appdates(topic.created, 'longform')
D['url'] = model_url(topic, request)
D['title'] = topic.title
D['posted_by'] = posted_by
D['date'] = date
D['number_of_comments'] = len(topic['comments'])
topics.append(D)
# In the intranet side, the backlinks should go to the show_forums
# view (the default)
forums = context.__parent__
backto = {
'href': model_url(forums, request),
'title': forums.title,
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
return render_template_to_response(
'templates/show_forum.pt',
api = api,
actions = actions,
title = context.title,
topics = topics,
batch_info = topic_batch,
backto=backto,
layout=layout,
)
开发者ID:amarandon,项目名称:opencore,代码行数:54,代码来源:forum.py
示例2: show_forum_topic_view
def show_forum_topic_view(context, request):
post_url = model_url(context, request, "comments", "add_comment.html")
page_title = context.title
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
api = request.api
api.page_title = page_title
byline_info = getMultiAdapter((context, request), IBylineInfo)
forum = find_interface(context, IForum)
backto = {
'href': model_url(forum, request),
'title': forum.title,
}
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('community')
if support_attachments(context):
attachments = fetch_attachments(context['attachments'], request)
else:
attachments = ()
# enable imagedrawer for adding forum replies (comments)
api.karl_client_data['text'] = dict(
enable_imagedrawer_upload = True,
)
return render_template_to_response(
'templates/show_forum_topic.pt',
api=api,
actions=actions,
comments=comments_to_display(request),
attachments=attachments,
formfields=api.formfields,
post_url=post_url,
byline_info=byline_info,
head_data=convert_to_script(client_json_data),
backto=backto,
layout=layout,
comment_form={},
)
开发者ID:amarandon,项目名称:opencore,代码行数:53,代码来源:forum.py
示例3: reference_outline_view
def reference_outline_view(context, request):
# Look for moveUp or moveDown in QUERY_STRING, telling us to
# reorder something
status_message = None
subpath = request.params.get('subpath')
if subpath:
direction = request.params['direction']
status_message = move_subpath(context, subpath, direction)
backto = {
'href': model_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('intranet')
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request)
api.status_message = status_message
return render_template_to_response(
'templates/show_referencemanual.pt',
api=api,
actions=actions,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
layout=layout,
previous_entry=previous,
next_entry=next,
)
开发者ID:cguardia,项目名称:karl,代码行数:53,代码来源:references.py
示例4: get_profile_actions
def get_profile_actions(profile, request):
actions = []
same_user = authenticated_userid(request) == profile.__name__
if has_permission("administer", profile, request):
actions.append(("Edit", "admin_edit_profile.html"))
elif same_user:
actions.append(("Edit", "edit_profile.html"))
if same_user:
actions.append(("Manage Communities", "manage_communities.html"))
actions.append(("Manage Tags", "manage_tags.html"))
if has_permission("administer", profile, request):
actions.append(("Advanced", "advanced.html"))
return actions
开发者ID:reebalazs,项目名称:karl,代码行数:13,代码来源:people.py
示例5: show_newsitem_view
def show_newsitem_view(context, request):
backto = {
'href': model_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
previous, next = get_previous_next(context, request)
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Display photo
photo = context.get('photo')
if photo is not None:
photo = {
"url": thumb_url(photo, request, PHOTO_DISPLAY_SIZE),
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
return render_template_to_response(
'templates/show_newsitem.pt',
api=api,
actions=actions,
attachments=fetch_attachments(context['attachments'], request),
formfields=api.formfields,
head_data=convert_to_script(client_json_data),
backto=backto,
previous=previous,
next=next,
layout=layout,
photo=photo,
)
开发者ID:cguardia,项目名称:karl,代码行数:48,代码来源:newsitem.py
示例6: peopledirectory_view
def peopledirectory_view(context, request):
# show the first accessible tab
for section_id in context.order:
section = context[section_id]
if has_permission('view', section, request):
return section_view(section, request)
raise Forbidden("No accessible sections")
开发者ID:boothead,项目名称:karl,代码行数:7,代码来源:peopledirectory.py
示例7: menuitems
def menuitems(self):
ret = list()
count = 0
path = nodepath(self.model)
if path:
curpath = path[0]
else:
curpath = ''
# work with ``self.model.root.keys()``, ``values()`` propably not works
# due to the use of factory node.
root = self.model.root
# check for default child id if no curpath
if not curpath and root.properties.default_child:
curpath = root.properties.default_child
# check wether to render mainmenu item title
empty_title = root.properties.mainmenu_empty_title
for key in root.keys():
child = root[key]
if not has_permission('view', child, self.request):
continue
item = dict()
item['id'] = key
if empty_title:
item['title'] = ' '
item['description'] = child.metadata.title
else:
item['title'] = child.metadata.title
item['description'] = child.metadata.description
item['url'] = make_url(self.request, path=[key])
item['selected'] = curpath == key
item['first'] = count == 0
ret.append(item)
count += 1
return ret
开发者ID:attilaolah,项目名称:bda.bfg.app,代码行数:34,代码来源:layout.py
示例8: secured_execute
def secured_execute(self, context, request, transition_id):
state = getattr(context, self.state_attr, _marker)
if state is _marker:
state = self.initial_state
si = (state, transition_id)
sn = (state, None)
newstate = None
# exact state match?
if si in self.states:
newstate, transition_fn, kw = self.states[si]
# no exact match, how about a None (catch-all) match?
elif sn in self.states:
newstate, transition_fn, kw = self.states[sn]
if newstate is None:
raise StateMachineError(
'No transition from %r using transition %r'
% (state, transition_id))
permission = kw['permission']
if request is not None and permission is not None:
if not has_permission(permission, context, request):
raise StateMachineError(
'%s permission required for transition %r' % (
permission, transition_id)
)
self.before_transition(state, newstate, transition_id, context, **kw)
transition_fn(state, newstate, transition_id, context, **kw)
self.after_transition(state, newstate, transition_id, context, **kw)
setattr(context, self.state_attr, newstate)
开发者ID:cguardia,项目名称:karl,代码行数:28,代码来源:workflow.py
示例9: get_container_batch
def get_container_batch(
container,
request,
batch_start=0,
batch_size=20,
sort_index=None,
reverse=False,
permission="view",
filter_func=None,
interfaces=None,
):
if "batch_start" in request.params:
batch_start = int(request.params["batch_start"])
if "batch_size" in request.params:
batch_size = int(request.params["batch_size"])
if sort_index:
catalog = find_catalog(container)
index = catalog[sort_index]
# XXX this is not part of ICatalogIndex, but it happens to work
# for most indexes. It might be useful to expand ICatalogIndex.
sort_func = index.discriminator
else:
sort_func = None
entries = [] # [(sort key, name, item)]
for name, item in container.items():
if interfaces:
# item must provide at least one of the given interfaces
for iface in interfaces:
if iface.providedBy(item):
break
else:
continue
if permission:
if not has_permission(permission, item, request):
continue
if filter_func:
if not filter_func(name, item):
continue
if sort_func is not None:
sort_key = sort_func(item, None)
else:
sort_key = None
entries.append((sort_key, name, item))
entries.sort()
if reverse:
entries.reverse()
page_entries = entries[batch_start : batch_start + batch_size]
info = {
"entries": [item for _, _, item in page_entries],
"batch_start": batch_start,
"batch_size": batch_size,
"batch_end": batch_start + len(page_entries),
"total": len(entries),
}
_add_link_data(info, container, request)
return info
开发者ID:boothead,项目名称:karl,代码行数:60,代码来源:batch.py
示例10: upload_attachments
def upload_attachments(attachments, folder, creator, request):
""" This creates *and removes* attachments based on information
retrieved from a form"""
for attachment in attachments:
if attachment.filename:
mimetype = attachment.mimetype
filename = make_unique_name(
folder,
basename_of_filepath(attachment.filename)
)
folder[filename] = obj = create_content(
ICommunityFile,
title = filename,
stream = attachment.file,
mimetype = mimetype,
filename = filename,
creator = creator,
)
max_size = int(get_setting(folder, 'upload_limit', 0))
if max_size and obj.size > max_size:
msg = 'File size exceeds upload limit of %d.' % max_size
raise ValueError(msg)
else:
meta = attachment.metadata
if meta.get('remove') and meta.get('default'):
name = meta['default']
if name in folder:
ob = folder[name]
if has_permission('delete', ob, request):
del folder[name]
开发者ID:boothead,项目名称:karl,代码行数:30,代码来源:utils.py
示例11: _show_calendar_view
def _show_calendar_view(context, request, make_presenter):
year, month, day = _date_requested(context, request)
focus_datetime = datetime.datetime(year, month, day)
now_datetime = _now()
# make the calendar presenter for this view
url_for = _make_calendar_presenter_url_func(context, request)
calendar = make_presenter(focus_datetime,
now_datetime,
url_for)
# find events and paint them on the calendar
selected_layer = _calendar_filter(context, request)
events = _get_catalog_events(context, request,
first_moment=calendar.first_moment,
last_moment=calendar.last_moment,
layer_name=selected_layer)
calendar.paint_events(events)
layers = _get_calendar_layers(context)
setup_url = _calendar_setup_url(context, request)
# render
api = TemplateAPI(context, request, calendar.title)
return render_template_to_response(
calendar.template_filename,
api=api,
setup_url=setup_url,
calendar=calendar,
selected_layer = selected_layer,
layers = layers,
quote = quote,
may_create = has_permission(CREATE, context, request),
)
开发者ID:reebalazs,项目名称:karl,代码行数:35,代码来源:calendar_events.py
示例12: checkPermission
def checkPermission(self, info):
""" Does user have permission to author content in the given context?
Uses ACL security policy to test.
"""
users = find_users(self.context)
for target in info['targets']:
if 'error' in target:
continue
report_name = target.get('report')
if report_name is not None:
pd = find_peopledirectory(self.context)
context = find_model(pd, report_name.split('+'))
permission = "email"
else:
communities = find_communities(self.context)
community = communities[target['community']]
context = community[target['tool']]
permission = "create" # XXX In theory could depend on target
user = users.get_by_id(info['author'])
if user is not None:
user = dict(user)
user['repoze.who.userid'] = info['author']
# BFG Security API always assumes http request, so we fabricate a
# fake request.
request = webob.Request.blank('/')
request.environ['repoze.who.identity'] = user
if not has_permission(permission, context, request):
target['error'] = 'Permission Denied'
开发者ID:reebalazs,项目名称:karl,代码行数:31,代码来源:mailin.py
示例13: show_page_view
def show_page_view(context, request):
backto = {
'href': model_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('create', context, request):
actions.append(
('Edit', 'edit.html')
)
if has_permission('delete', context, request):
actions.append(
('Delete', 'delete.html'),
)
page_title = context.title
api = TemplateAPI(context, request, page_title)
previous, next = get_previous_next(context, request)
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Get a layout
community = find_community(context)
layout_provider = get_layout_provider(context, request)
if community is not None:
layout = layout_provider('community')
else:
layout = layout_provider('generic')
return render_template_to_response(
'templates/show_page.pt',
api=api,
actions=actions,
attachments=fetch_attachments(context['attachments'], request),
formfields=api.formfields,
head_data=convert_to_script(client_json_data),
backto=backto,
previous=previous,
next=next,
layout=layout,
)
开发者ID:boothead,项目名称:karl,代码行数:47,代码来源:page.py
示例14: show_wikipage_view
def show_wikipage_view(context, request):
is_front_page = (context.__name__ == 'front_page')
if is_front_page:
community = find_interface(context, ICommunity)
page_title = '%s Community Wiki Page' % community.title
backto = False
else:
page_title = context.title
backto = {
'href': model_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request) and not is_front_page:
actions.append(('Delete', 'delete.html'))
repo = find_repo(context)
if repo is not None and has_permission('edit', context, request):
actions.append(('History', 'history.html'))
show_trash = True
else:
show_trash = False
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
api = TemplateAPI(context, request, page_title)
client_json_data = convert_to_script(dict(
tagbox = get_tags_client_data(context, request),
))
wiki = find_interface(context, IWiki)
feed_url = model_url(wiki, request, "atom.xml")
return dict(
api=api,
actions=actions,
head_data=client_json_data,
feed_url=feed_url,
backto=backto,
is_front_page=is_front_page,
show_trash=show_trash,
lock_info=lock.lock_info_for_view(context, request),
)
开发者ID:cguardia,项目名称:karl,代码行数:47,代码来源:wiki.py
示例15: show_comment_view
def show_comment_view(context, request):
page_title = "Comment on " + context.title
api = request.api
api.page_title = page_title
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
byline_info = getMultiAdapter((context, request), IBylineInfo)
container = find_supported_interface(context, api.supported_comment_interfaces())
if not container:
err_msg = 'unsupported interface for show_comment_view found for ' \
'context: %s' % context
log.warn(err_msg)
exception_response = ExceptionResponse(err_msg)
exception_response.status = '500 Internal Server Error'
return exception_response
backto = {
'href': model_url(container, request),
'title': container.title,
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('community')
if support_attachments(context):
attachments = fetch_attachments(context, request)
else:
attachments = ()
return render_template_to_response(
'templates/show_comment.pt',
api=api,
actions=actions,
byline_info=byline_info,
attachments=attachments,
backto=backto,
layout=layout,
)
开发者ID:amarandon,项目名称:opencore,代码行数:46,代码来源:commenting.py
示例16: __call__
def __call__(self):
context, request = self.context, self.request
api = AdminTemplateAPI(context, request, "Admin UI: Send Email")
admin_email = get_setting(context, "admin_email")
system_name = get_setting(context, "system_name")
profiles = find_profiles(context)
admin = profiles[authenticated_userid(request)]
from_emails = [
("self", "%s <%s>" % (admin.title, admin.email)),
("admin", "%s Administrator <%s>" % (system_name, admin_email)),
]
if "send_email" in request.params:
mailer = getUtility(IMailDelivery)
group = request.params["to_group"]
users = find_users(context)
search = ICatalogSearch(context)
count, docids, resolver = search(interfaces=[IProfile])
n = 0
for docid in docids:
profile = resolver(docid)
if getattr(profile, "security_state", None) == "inactive":
continue
userid = profile.__name__
if group and not users.member_of_group(userid, group):
continue
message = Message()
if request.params["from_email"] == "self":
message["From"] = from_emails[0][1]
message_from = admin.email
else:
message["From"] = from_emails[1][1]
message_from = admin_email
message["To"] = "%s <%s>" % (profile.title, profile.email)
message["Subject"] = request.params["subject"]
body = u"<html><body>%s</body></html>" % (request.params["text"])
message.set_payload(body.encode("UTF-8"), "UTF-8")
message.set_type("text/html")
mailer.send([profile.email], message)
n += 1
status_message = "Sent message to %d users." % n
if has_permission(ADMINISTER, context, request):
redirect_to = model_url(context, request, "admin.html", query=dict(status_message=status_message))
else:
redirect_to = model_url(
find_communities(context),
request,
"all_communities.html",
query=dict(status_message=status_message),
)
return HTTPFound(location=redirect_to)
return dict(api=api, menu=_menu_macro(), to_groups=self.to_groups, from_emails=from_emails)
开发者ID:reebalazs,项目名称:karl,代码行数:57,代码来源:admin.py
示例17: get_actions
def get_actions(context, request):
actions = []
profiles = find_profiles(context)
if has_permission('administer', profiles, request):
if request.view_name != 'admin.html':
#actions.append(('Admin', 'admin.html'))
pass # see LP #668489
actions.append(('Add User', model_url(profiles, request, 'add.html')))
return actions
开发者ID:cguardia,项目名称:karl,代码行数:9,代码来源:peopledirectory.py
示例18: reference_viewall_view
def reference_viewall_view(context, request):
backto = {
'href': model_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('intranet')
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request, 'view_all.html')
return render_template_to_response(
'templates/viewall_referencemanual.pt',
api=api,
actions=actions,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
layout=layout,
previous_entry=previous,
next_entry=next,
)
开发者ID:cguardia,项目名称:karl,代码行数:44,代码来源:references.py
示例19: show_community_view
def show_community_view(context, request):
assert ICommunity.providedBy(context), str(type(context))
user = authenticated_userid(request)
page_title = 'View Community ' + context.title
api = TemplateAPI(context, request, page_title)
# provide client data for rendering current tags in the tagbox
tagquery = getMultiAdapter((context, request), ITagQuery)
client_json_data = {'tagbox': {'docid': tagquery.docid,
'records': tagquery.tagswithcounts,
},
}
# Filter the actions based on permission
actions = []
if has_permission(MODERATE, context, request):
actions.append(('Edit', 'edit.html'))
# If user has permission to see this view then has permission to join.
if not(user in context.member_names or user in context.moderator_names):
actions.append(('Join', 'join.html'))
if has_permission(DELETE_COMMUNITY, context, request):
actions.append(('Delete', 'delete.html'))
if has_permission(ADMINISTER, context, request):
actions.append(('Advanced', 'advanced.html'))
recent_items = []
recent_items_batch = get_recent_items_batch(context, request)
for item in recent_items_batch["entries"]:
adapted = getMultiAdapter((item, request), IGridEntryInfo)
recent_items.append(adapted)
feed_url = model_url(context, request, "atom.xml")
return {'api': api,
'actions': actions,
'recent_items': recent_items,
'batch_info': recent_items_batch,
'head_data': convert_to_script(client_json_data),
'feed_url': feed_url,
}
开发者ID:cguardia,项目名称:karl,代码行数:44,代码来源:community.py
示例20: show_community_view
def show_community_view(context, request):
assert ICommunity.providedBy(context), str(type(context))
user = authenticated_userid(request)
page_title = 'View Community ' + context.title
api = TemplateAPI(context, request, page_title)
# provide client data for rendering current tags in the tagbox
tagquery = getMultiAdapter((context, request), ITagQuery)
client_json_data = dict(
tagbox = dict(
docid = tagquery.docid,
records = tagquery.tagswithcounts,
),
)
# Filter the actions based on permission
actions = []
if has_permission(MODERATE, context, request):
actions.append(('Edit', 'edit.html'))
# If user has permission to see this view then has permission to join.
if not(user in context.member_names or user in context.moderator_names):
actions.append(('Join', 'join.html'))
if has_permission(DELETE_COMMUNITY, context, request):
actions.append(('Delete', 'delete.html'))
recent_items = []
recent_items_batch = get_recent_items_batch(context, request)
for item in recent_items_batch["entries"]:
adapted = getMultiAdapter((item, request), IGridEntryInfo)
recent_items.append(adapted)
feed_url = model_url(context, request, "atom.xml")
return render_template_to_response(
'templates/community.pt',
api=api,
actions=actions,
recent_items=recent_items,
batch_info=recent_items_batch,
head_data=convert_to_script(client_json_data),
feed_url=feed_url,
)
开发者ID:boothead,项目名称:karl,代码行数:44,代码来源:community.py
注:本文中的repoze.bfg.security.has_permission函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论