本文整理汇总了Python中pyramid.security.has_permission函数的典型用法代码示例。如果您正苦于以下问题:Python has_permission函数的具体用法?Python has_permission怎么用?Python has_permission使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了has_permission函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: table_view
def table_view(request):
can_i_edit = has_permission('edit', request.context, request)
can_i_edit = isinstance(can_i_edit, ACLAllowed)
user_id = authenticated_userid(request)
try:
model = table_by_name(request.matchdict['table'])
except KeyError:
return {'success': False, 'msg': 'Ошибка: отсутствует таблица с указанным именем'}
dbsession = DBSession()
try:
entity = dbsession.query(model).filter_by(id=request.matchdict['id']).one()
user = dbsession.query(User).filter_by(id=user_id).one() if can_i_edit else None
result = {'data': entity.as_json_dict(), 'success': True}
except NoResultFound:
result = {'success': False, 'msg': 'Результатов, соответствующих запросу, не найдено'}
if hasattr(entity, 'inserter'):
if isinstance(has_permission('admin', request.context, request), ACLAllowed):
is_editable = True
else:
is_editable = entity.inserter == user.person_id if user else False
else:
is_editable = True
result['editable'] = is_editable
dbsession.close()
return result
开发者ID:nextgis,项目名称:nextgisbio,代码行数:29,代码来源:__init__.py
示例2: get_profile_actions
def get_profile_actions(profile, request):
profile_url = request.resource_url(profile)
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', '%sadmin_edit_profile.html' % profile_url))
elif same_user:
actions.append(('Edit', '%sedit_profile.html' % profile_url))
if same_user:
actions.append(('Manage Communities', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', '%sadvanced.html' % profile_url))
if request.cookies.get('ux2') == 'true':
if same_user:
actions.append(('Deactivate My Account', 'javascript:deactivate()'))
if has_permission('administer', profile, request) and not same_user:
users = find_users(profile)
userid = profile.__name__
user = users.get_by_id(userid)
if user is not None:
is_active = True
else:
is_active = False
if is_active:
actions.append(('Deactivate This User', 'javascript:deactivate()'))
if not is_active:
actions.append(('Reactivate This User', 'javascript:reactivate()'))
return actions
开发者ID:hj91,项目名称:karl,代码行数:29,代码来源:people.py
示例3: table_view
def table_view(request):
can_i_edit = has_permission('edit', request.context, request)
can_i_edit = isinstance(can_i_edit, ACLAllowed)
user_id = authenticated_userid(request)
dbsession = DBSession()
card, user = None, None
try:
card = dbsession.query(Cards).filter_by(id=request.matchdict['id']).one()
user = dbsession.query(User).filter_by(id=user_id).one() if can_i_edit else None
result = card.as_json_dict()
except NoResultFound:
result = {'success': False, 'msg': 'Результатов, соответствующих запросу, не найдено'}
if not can_i_edit:
# обнулим координаты перед показом
result['lat'] = 0
result['lon'] = 0
if isinstance(has_permission('admin', request.context, request), ACLAllowed):
is_editable = True
else:
is_editable = card.inserter == user.person_id if user else False
dbsession.close()
return {'data': result, 'editable': is_editable, 'success': True}
开发者ID:nextgis,项目名称:nextgisbio,代码行数:26,代码来源:cards.py
示例4: do_approve
def do_approve(request):
APPROVE_THREDHOLD = 10
user_id = request.matchdict['user_id']
try:
user = models.User.objects.with_id(user_id)
except Exception as e:
return HTTPFound(location=request.route_path('manager.users.approve'))
approver = models.Approver(user=request.user,
ip_address=request.environ.get('REMOTE_ADDR'))
user.approvers.append(approver)
user.save()
if len(user.approvers) >= APPROVE_THREDHOLD \
or has_permission('admin', request.context, request)\
or has_permission('moderator', request.context, request):
user.status = 'activate'
role = user.get_role('anonymous')
user.roles.remove(role)
role = models.Role.objects(name='member').first()
user.roles.append(role)
user.save()
return HTTPFound(location=request.route_path('manager.users.approve'))
开发者ID:nolifelover,项目名称:pumbaa,代码行数:27,代码来源:users.py
示例5: navbar
def navbar(context, request):
def nav_item(name, url, icon=None):
from phoenix.utils import root_path
active = root_path(request.current_route_path()) == root_path(url)
return dict(name=name, url=url, active=active, icon=icon)
items = []
if has_permission("edit", request.context, request):
items.append(nav_item("Processes", request.route_path("processes")))
if has_permission("submit", request.context, request):
items.append(nav_item("Wizard", request.route_path("wizard")))
items.append(nav_item("Monitor", request.route_path("monitor")))
subitems = []
if has_permission("edit", request.context, request):
subitems.append(nav_item("Profile", request.route_path("profile", tab="account"), icon="fa fa-user"))
subitems.append(nav_item("Dashboard", request.route_path("dashboard", tab="jobs"), icon="fa fa-dashboard"))
if has_permission("admin", request.context, request):
subitems.append(nav_item("Settings", request.route_path("settings"), icon="fa fa-wrench"))
login = "login" in request.current_route_url()
username = None
try:
user = get_user(request)
if user:
username = user.get("name")
except:
logger.exception("could not get username")
return dict(title="Phoenix", items=items, subitems=subitems, username=username, login=login)
开发者ID:KatiRG,项目名称:pyramid-phoenix,代码行数:32,代码来源:__init__.py
示例6: show_collection
def show_collection(request):
user = get_user(request)
collection_id = request.matchdict['collection_id']
collection = DBSession.query(Collection).get(collection_id)
assets = collection.assets
page_assets, page_screenshots = [], {}
for asset in assets:
derivatives = asset.derivatives
transcode_matches = [d.path for d in derivatives if d.derivative_type == 'transcode.480.mp4']
screenshot_matches = [d.path for d in derivatives if d.derivative_type == 'screenshot.180.gif']
thumbnail_matches = [d.path for d in derivatives if d.derivative_type == 'thumbnail.180.png']
if transcode_matches and screenshot_matches and thumbnail_matches:
transcode = transcode_matches[0]
screenshot = screenshot_matches[0]
thumbnail = thumbnail_matches[0]
page_assets.append(asset)
asset.screenshot = screenshot
asset.thumbnail = thumbnail
grant = DBSession.query(CollectionGrant).filter(CollectionGrant.collection_id==collection_id).filter(CollectionGrant.user_id==user.id).first()
if user.superuser:
admin_collections = DBSession.query(Collection).filter(Collection.active==True).all()
else:
admin_collections = DBSession.query(Collection).join(CollectionGrant).filter(CollectionGrant.user_id==user.id).filter(CollectionGrant.grant_type=='admin').filter(Collection.active==True).all()
admin_collections = [c for c in admin_collections if c.id != collection_id]
return {
'collection' : collection,
'page_assets' : page_assets,
'base_media_url' : Config.BASE_MEDIA_URL,
'user' : user,
'show_admin_link' : has_permission('admin', request.context, request),
'show_asset_checkboxes' : has_permission('admin', request.context, request),
'admin_collections' : admin_collections,
}
开发者ID:drassi,项目名称:damnation,代码行数:33,代码来源:views.py
示例7: list_collections
def list_collections(request):
user = get_user(request)
if user.superuser:
collections = DBSession.query(Collection, func.count(Asset.id)) \
.outerjoin(Asset) \
.group_by(Collection.id) \
.order_by(Collection.name) \
.filter(Collection.active==True) \
.all()
collections = [(collection, count, True) for collection, count in collections]
else:
collections = DBSession.query(Collection, func.count(Asset.id), func.max(CollectionGrant.grant_type)) \
.outerjoin(Asset) \
.group_by(Collection.id) \
.order_by(Collection.name) \
.join(CollectionGrant) \
.filter(CollectionGrant.user_id==user.id) \
.filter(Collection.active==True) \
.all()
collections = [(collection, count, grant_type=='admin') for collection, count, grant_type in collections]
return {
'collections' : collections,
'user' : user,
'show_add_collection_link' : has_permission('admin', request.context, request),
'is_user_admin' : has_permission('admin', request.context, request),
}
开发者ID:drassi,项目名称:damnation,代码行数:26,代码来源:views.py
示例8: admin_menu
def admin_menu(context, request):
admin_settings = {}
site = find_site(context)
settings = request.registry.settings
syslog_view = get_setting(context, 'syslog_view', None)
admin_settings['syslog_view_enabled'] = syslog_view != None
admin_settings['has_logs'] = not not get_setting(context, 'logs_view', None)
admin_settings['redislog'] = asbool(settings.get('redislog', 'False'))
admin_settings['can_administer'] = has_permission('administer', site, request)
admin_settings['can_email'] = has_permission('email', site, request)
statistics_folder = get_setting(context, 'statistics_folder', None)
if statistics_folder is not None and os.path.exists(statistics_folder):
csv_files = [fn for fn in os.listdir(statistics_folder)
if fn.endswith('.csv')]
admin_settings['statistics_view_enabled'] = not not csv_files
else:
admin_settings['statistics_view_enabled'] = False
admin_settings['quarantine_url'] = ('%s/po_quarantine.html' %
request.application_url)
site = find_site(context)
if 'offices' in site:
admin_settings['offices_url'] = resource_url(site['offices'], request)
else:
admin_settings['offices_url'] = None
admin_settings['has_mailin'] = (
get_setting(context, 'zodbconn.uri.postoffice') and
get_setting(context, 'postoffice.queue'))
return admin_settings
开发者ID:mindreframer,项目名称:python-pyramid-stuff,代码行数:28,代码来源:panels.py
示例9: models
def models(self, **kwargs):
"""Models index page"""
request = self.request
models = {}
if isinstance(request.models, list):
for model in request.models:
if has_permission('view', model, request):
key = model.__name__
models[key] = request.fa_url(key, request.format)
else:
for key, obj in request.models.__dict__.iteritems():
if not key.startswith('_'):
if Document is not None:
try:
if issubclass(obj, Document):
if has_permission('view', obj, request):
models[key] = request.fa_url(key, request.format)
continue
except:
pass
try:
class_mapper(obj)
except:
continue
if not isinstance(obj, type):
continue
if has_permission('view', obj, request):
models[key] = request.fa_url(key, request.format)
if kwargs.get('json'):
return models
return self.render(models=models)
开发者ID:bbinet,项目名称:pyramid_formalchemy,代码行数:31,代码来源:views.py
示例10: get_admin_menus
def get_admin_menus(request):
"""
Build the admin menu
"""
menu = Menu()
if has_permission("admin", request.context, request):
href = request.route_path("admin_index")
menu.add_item(u"Configuration", icon="fa fa-cogs", href=href)
documents = DropDown(label=u"Documents")
href = request.route_path("invoices")
documents.add_item(u"Factures", icon="fa fa-file", href=href)
href = request.route_path('expenses')
documents.add_item(u'Notes de frais', icon='fa fa-file-o', href=href)
menu.add(documents)
if has_permission("admin", request.context, request):
treasury = DropDown(label=u"Comptabilité")
href = request.route_path("sage_invoice_export")
treasury.add_item(
u"Export des factures",
icon="fa fa-edit",
href=href
)
href = request.route_path("sage_expense_export")
treasury.add_item(
u"Export des notes de frais",
icon="fa fa-credit-card",
href=href
)
href = request.route_path("admin_treasury_all")
treasury.add_item(
u"Bulletins de salaire",
icon="fa fa-send-o",
href=href
)
menu.add(treasury)
accompagnement = DropDown(label=u"Accompagnement")
href = request.route_path('activities')
accompagnement.add_item(u"Rendez-vous", href=href, icon="fa fa-calendar")
href = request.route_path('workshops')
accompagnement.add_item(u"Ateliers", href=href, icon="fa fa-slideshare")
menu.add(accompagnement)
href = request.route_path('userdatas')
menu.add_item(u"Gestion sociale", href=href, icon="fa fa-users")
href = request.route_path("holidays")
menu.add_item(u"Congés", icon="fa fa-space-shuttle", href=href)
return menu
开发者ID:yledoare,项目名称:autonomie,代码行数:59,代码来源:menu.py
示例11: dyn_ticket_uwiz_update
def dyn_ticket_uwiz_update(params, request):
tid = int(params['ticketid'])
del params['ticketid']
sess = DBSession()
model = ExtModel(Ticket)
ticket = sess.query(Ticket).get(tid)
if ticket is None:
raise KeyError('Invalid ticket ID')
for param in ('tstid', 'toid', 'name', 'descr'):
if param in params:
del params[param]
# TODO: ENTITIES_LIST
if not has_permission('TICKETS_CHANGE_STATE', request.context, request):
if 'ttrid' in params:
del params['ttrid']
if not has_permission('TICKETS_CHANGE_FLAGS', request.context, request):
if 'flags' in params:
del params['flags']
# TODO: USERS_LIST
# TODO: GROUPS_LIST
sess.execute(SetVariable('ticketid', ticket.id))
if 'ttrid' in params:
ttr_id = params['ttrid']
if ttr_id:
ttr_id = int(ttr_id)
trans = sess.query(TicketStateTransition).get(ttr_id)
if trans:
sess.execute(SetVariable('ttrid', trans.id))
trans.apply(ticket)
del params['ttrid']
if 'show_client' in params:
show_cl = params['show_client'].lower()
if show_cl in {'true', '1', 'on'}:
show_cl = True
else:
show_cl = False
del params['show_client']
else:
show_cl = False
sess.execute(SetVariable('show_client', npbool(show_cl)))
if ('comments' in params) and has_permission('TICKETS_COMMENT', request.context, request):
sess.execute(SetVariable('comments', params['comments']))
del params['comments']
else:
sess.execute(SetVariable('comments', None))
model.set_values(ticket, params, request)
sess.flush()
sess.execute(SetVariable('tcid', None))
return {
'success' : True,
'action' : {
'do' : 'close',
'redraw' : []
}
}
开发者ID:hermes-jr,项目名称:npui,代码行数:58,代码来源:views.py
示例12: show_forum_view
def show_forum_view(context, request):
page_title = context.title
api = TemplateAPI(context, request, page_title)
actions = []
if has_permission('create', context, request):
actions.append(('Add Forum Topic', 'add_forum_topic.html'))
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
profiles = find_profiles(context)
karldates = getUtility(IKarlDates)
topic_batch = get_topic_batch(context, request)
topic_entries = topic_batch['entries']
topics = []
for topic in topic_entries:
D = {}
profile = profiles.get(topic.creator)
posted_by = getattr(profile, 'title', None)
date = karldates(topic.created, 'longform')
D['url'] = resource_url(topic, request)
D['title'] = topic.title
D['posted_by'] = posted_by
D['date'] = date
D['number_of_comments'] = len(topic['comments'])
topics.append(D)
# In the intranet side, the backlinks should go to the show_forums
# view (the default)
forums = context.__parent__
backto = {
'href': resource_url(forums, request),
'title': forums.title,
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = "none"
return render_to_response(
'templates/show_forum.pt',
dict(api = api,
actions = actions,
title = context.title,
topics = topics,
batch_info = topic_batch,
backto=backto,
old_layout=layout),
request=request,
)
开发者ID:hj91,项目名称:karl,代码行数:58,代码来源:forum.py
示例13: reference_outline_view
def reference_outline_view(context, request):
# Look for moveUp or moveDown in QUERY_STRING, telling us to
# reorder something
status_message = None
subpath = request.params.get('subpath')
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
user_can_edit = False
actions = []
if has_permission('create', context, request):
addables = get_folder_addables(context, request)
if addables is not None:
actions.extend(addables())
if has_permission('edit', context, request):
user_can_edit = True
actions.append(('Edit', 'edit.html'))
if subpath:
direction = request.params['direction']
status_message = move_subpath(context, subpath, direction)
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider()
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox=get_tags_client_data(context, request),
)
previous, next = get_previous_next(context, request)
api.status_message = status_message
return render_to_response(
'templates/show_referencemanual.pt',
dict(api=api,
actions=actions,
user_can_edit=user_can_edit,
head_data=convert_to_script(client_json_data),
tree=getTree(context, request, api),
backto=backto,
layout=layout,
previous_entry=previous,
next_entry=next),
request=request,
)
开发者ID:lslaz1,项目名称:karl,代码行数:57,代码来源:references.py
示例14: has_permissions
def has_permissions(self, permissions):
""" String or List Allowed """
if isinstance(permissions, list):
for permission in permissions:
if has_permission(permission, self, self.request):
return True
return False
else:
return has_permission(permissions, self, self.request)
开发者ID:polklibrary,项目名称:quizsmith,代码行数:9,代码来源:security.py
示例15: __init__
def __init__(self, context, request, page_title=None):
self.settings = dict(get_settings(context))
self.settings.update(self.config_settings)
self.site = site = find_site(context)
self.context = context
self.request = request
self.userid = authenticated_userid(request)
self.app_url = app_url = request.application_url
self.profile_url = app_url + "/profiles/%s" % self.userid
self.here_url = self.context_url = resource_url(context, request)
self.view_url = resource_url(context, request, request.view_name)
self.read_only = not is_normal_mode(request.registry)
self.static_url = get_static_url(request)
self.resource_devel_mode = is_resource_devel_mode()
self.browser_upgrade_url = request.registry.settings.get("browser_upgrade_url", "")
# this data will be provided for the client javascript
self.karl_client_data = {}
# Provide a setting in the INI to fully control the entire URL
# to the static. This is when the proxy runs a different port
# number, or to "pipeline" resources on a different URL path.
full_static_path = self.settings.get("full_static_path", False)
if full_static_path:
if "%d" in full_static_path:
# XXX XXX note self._start_time is needed... and not _start_time
# XXX XXX since this was a trivial bug, there is chance that
# XXX XXX this actually never runs! TODO testing???
full_static_path = full_static_path % self._start_time
self.static_url = full_static_path
self.page_title = page_title
self.system_name = self.title = self.settings.get("title", "KARL")
self.user_is_admin = "group.KarlAdmin" in effective_principals(request)
self.can_administer = has_permission("administer", site, request)
self.can_email = has_permission("email", site, request)
self.admin_url = resource_url(site, request, "admin.html")
date_format = get_user_date_format(context, request)
self.karl_client_data["date_format"] = date_format
# XXX XXX XXX This will never work from peoples formish templates
# XXX XXX XXX (edit_profile and derivates) because, in those form
# XXX XXX XXX controllers, the api is instantiated from __init__,
# XXX XXX XXX where request.form is still unset!!! (From all other
# XXX XXX XXX formcontrollers the api is instantiated from __call__,
# XXX XXX XXX which is why this works. A chicken-and-egg problem, really.
if hasattr(request, "form") and getattr(request.form, "errors", False):
# This is a failed form submission request, specify an error message
self.error_message = u"Please correct the indicated errors."
self.site_announcements = getattr(self.site, "site_announcements", [])
profiles = find_profiles(self.site)
profile = profiles is not None and profiles.get(self.userid, None) or None
self.unseen_site_announcements = []
if profile is not None and hasattr(profile, "_seen_announcements") and hasattr(site, "site_announcements"):
for item in site.site_announcements:
if item["hash"] not in profile._seen_announcements:
self.unseen_site_announcements.append(item)
开发者ID:lslaz1,项目名称:karl,代码行数:56,代码来源:api.py
示例16: show_newsitem_view
def show_newsitem_view(context, request):
backto = {
'href': resource_url(context.__parent__, request),
'title': context.__parent__.title,
}
actions = []
if has_permission('edit', context, request):
actions.append(('Edit', 'edit.html'))
if has_permission('delete', context, request):
actions.append(('Delete', 'delete.html'))
if has_permission('administer', context, request):
actions.append(('Advanced', 'advanced.html'))
page_title = context.title
api = TemplateAPI(context, request, page_title)
previous, next = get_previous_next(context, request)
# provide client data for rendering current tags in the tagbox
client_json_data = dict(
tagbox = get_tags_client_data(context, request),
)
# Display photo
photo = context.get('photo')
if photo is not None:
photo = {
"url": thumb_url(photo, request, PHOTO_DISPLAY_SIZE),
}
# Get a layout
layout_provider = get_layout_provider(context, request)
layout = layout_provider('generic')
ux2_layout = request.layout_manager.layout
ux2_layout.section_style = None
return render_to_response(
'templates/show_newsitem.pt',
dict(api=api,
actions=actions,
attachments=fetch_attachments(context['attachments'], request),
formfields=api.formfields,
head_data=convert_to_script(client_json_data),
backto=backto,
previous=previous,
next=next,
old_layout=layout,
photo=photo),
request=request,
)
开发者ID:mindreframer,项目名称:python-pyramid-stuff,代码行数:52,代码来源:newsitem.py
示例17: GetSaleItems
def GetSaleItems(request):
print "SaleItems requested!"
can_create = False
try:
items = DBSession().query(SaleItem).all()
except DBAPIError:
return Response(conn_err_msg, content_type='text/plain', status_int=500)
print has_permission("create_items", request.context, request)
if (isinstance(has_permission("create_items", request.context, request),ACLAllowed)):
print "Can create new items: true"
can_create = True
return {"items" : items, "can_create": can_create}
开发者ID:amente,项目名称:posweb,代码行数:13,代码来源:SaleItem.py
示例18: get_profile_actions
def get_profile_actions(profile, request):
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', 'admin_edit_profile.html'))
elif same_user:
actions.append(('Edit', 'edit_profile.html'))
if same_user:
actions.append(('Manage Communities', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', 'advanced.html'))
return actions
开发者ID:claytron,项目名称:karl,代码行数:13,代码来源:people.py
示例19: users_manager
def users_manager(request):
if not security.has_permission('admin', request.context, request):
raise exc.HTTPForbidden()
session = DBSession()
users = session.query(User).options(joinedload('person')).all()
session.close()
return {
'title': u'Управление пользователями',
'users': users,
'is_auth': security.authenticated_userid(request),
'is_admin': security.has_permission('admin', request.context, request)
}
开发者ID:nextgis,项目名称:nextgisbio,代码行数:14,代码来源:views.py
示例20: get_profile_actions
def get_profile_actions(profile, request):
profile_url = request.resource_url(profile)
actions = []
same_user = (authenticated_userid(request) == profile.__name__)
if has_permission('administer', profile, request):
actions.append(('Edit', '%sadmin_edit_profile.html' % profile_url))
elif same_user:
actions.append(('Edit', '%sedit_profile.html' % profile_url))
if same_user:
actions.append(('Community Alerts and Memberships', 'manage_communities.html'))
actions.append(('Manage Tags', 'manage_tags.html'))
if has_permission('administer', profile, request):
actions.append(('Advanced', '%sadvanced.html' % profile_url))
return actions
开发者ID:lslaz1,项目名称:karl,代码行数:14,代码来源:people.py
注:本文中的pyramid.security.has_permission函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论