Back to index

plone3  3.1.7
checker.py
Go to the documentation of this file.
00001 from zope.interface import implements
00002 from zope.component import adapts
00003 
00004 from plone.portlets.interfaces import IPortletAssignmentMapping
00005 
00006 from plone.app.portlets.interfaces import IUserPortletAssignmentMapping
00007 from plone.app.portlets.interfaces import IPortletPermissionChecker
00008 
00009 from AccessControl import getSecurityManager, Unauthorized
00010 from Acquisition import aq_inner
00011 
00012 class DefaultPortletPermissionChecker(object):
00013     implements(IPortletPermissionChecker)
00014     adapts(IPortletAssignmentMapping)
00015     
00016     def __init__(self, context):
00017         self.context = context
00018     
00019     def __call__(self):
00020         sm = getSecurityManager()
00021         context = aq_inner(self.context)
00022 
00023         # If the user has the global Manage Portlets permission, let them
00024         # run wild
00025         if not sm.checkPermission("Portlets: Manage portlets", context):
00026             raise Unauthorized("You are not allowed to manage portlets")
00027             
00028 class UserPortletPermissionChecker(object):
00029     implements(IPortletPermissionChecker)
00030     adapts(IUserPortletAssignmentMapping)
00031     
00032     def __init__(self, context):
00033         self.context = context
00034     
00035     def __call__(self):
00036         sm = getSecurityManager()
00037         context = aq_inner(self.context)
00038 
00039         # If the user has the global Manage Portlets permission, let them
00040         # run wild
00041         if not sm.checkPermission("Portlets: Manage own portlets", context):
00042             raise Unauthorized("You are not allowed to manage portlets")
00043             
00044         user_id = sm.getUser().getId()
00045         
00046         if context.__name__ != user_id:
00047             raise Unauthorized("You are only allowed to manage your own portlets")