Back to index

plone3  3.1.7
Public Member Functions | Public Attributes | Static Public Attributes | Private Attributes
PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager Class Reference
Inheritance diagram for PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager:
Inheritance graph
[legend]
Collaboration diagram for PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def __init__
def manage_afterAdd
def getRolesForPrincipal
def enumerateRoles
def doAssignRoleToPrincipal
def doRemoveRoleFromPrincipal
def listRoleIds
def listRoleInfo
def getRoleInfo
def addRole
def updateRole
def removeRole
def listAvailablePrincipals
def listAssignedPrincipals
def assignRoleToPrincipal
def removeRoleFromPrincipal
def manage_addRole
def manage_updateRole
def manage_removeRoles
def manage_assignRoleToPrincipals
def manage_removeRoleFromPrincipals

Public Attributes

 id
 title

Static Public Attributes

string meta_type = 'ZODB Role Manager'
tuple security = ClassSecurityInfo()
tuple removeRole = postonly(removeRole)
tuple assignRoleToPrincipal = postonly(assignRoleToPrincipal)
tuple removeRoleFromPrincipal = postonly(removeRoleFromPrincipal)
tuple manage_options
tuple manage_roles
tuple manage_twoLists
tuple manage_removeRoles = postonly(manage_removeRoles)
tuple manage_assignRoleToPrincipals = postonly(manage_assignRoleToPrincipals)
tuple manage_removeRoleFromPrincipals = postonly(manage_removeRoleFromPrincipals)

Private Attributes

 _id
 _roles
 _principal_roles

Detailed Description

PAS plugin for managing roles in the ZODB.

Definition at line 60 of file ZODBRoleManager.py.


Constructor & Destructor Documentation

Definition at line 68 of file ZODBRoleManager.py.

00068 
00069     def __init__(self, id, title=None):
00070 
00071         self._id = self.id = id
00072         self.title = title
00073 
00074         self._roles = OOBTree()
00075         self._principal_roles = OOBTree()


Member Function Documentation

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.addRole (   self,
  role_id,
  title = '',
  description = '' 
)
Add 'role_id' to the list of roles managed by this object.

o Raise KeyError on duplicate.

Definition at line 191 of file ZODBRoleManager.py.

00191 
00192     def addRole( self, role_id, title='', description='' ):
00193 
00194         """ Add 'role_id' to the list of roles managed by this object.
00195 
00196         o Raise KeyError on duplicate.
00197         """
00198         if self._roles.get( role_id ) is not None:
00199             raise KeyError, 'Duplicate role: %s' % role_id
00200 
00201         self._roles[ role_id ] = { 'id' : role_id
00202                                  , 'title' : title
00203                                  , 'description' : description
00204                                  }

Here is the caller graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.assignRoleToPrincipal (   self,
  role_id,
  principal_id,
  REQUEST = None 
)
Assign a role to a principal (user or group).

o Return a boolean indicating whether a new assignment was created.

o Raise KeyError if 'role_id' is unknown.

Definition at line 284 of file ZODBRoleManager.py.

00284 
00285     def assignRoleToPrincipal( self, role_id, principal_id, REQUEST=None ):
00286 
00287         """ Assign a role to a principal (user or group).
00288 
00289         o Return a boolean indicating whether a new assignment was created.
00290 
00291         o Raise KeyError if 'role_id' is unknown.
00292         """
00293         role_info = self._roles[ role_id ] # raise KeyError if unknown!
00294 
00295         current = self._principal_roles.get( principal_id, () )
00296         already = role_id in current
00297 
00298         if not already:
00299             new = current + ( role_id, )
00300             self._principal_roles[ principal_id ] = new
00301 
        return not already

Definition at line 159 of file ZODBRoleManager.py.

00159 
00160     def doAssignRoleToPrincipal( self, principal_id, role ):
00161         return self.assignRoleToPrincipal( role, principal_id )

Definition at line 163 of file ZODBRoleManager.py.

00163 
00164     def doRemoveRoleFromPrincipal( self, principal_id, role ):
00165         return self.removeRoleFromPrincipal( role, principal_id )

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.enumerateRoles (   self,
  id = None,
  exact_match = False,
  sort_by = None,
  max_results = None,
  kw 
)
See IRoleEnumerationPlugin.

Definition at line 115 of file ZODBRoleManager.py.

00115 
00116                       ):
00117 
00118         """ See IRoleEnumerationPlugin.
00119         """
00120         role_info = []
00121         role_ids = []
00122         plugin_id = self.getId()
00123 
00124         if isinstance( id, str ):
00125             id = [ id ]
00126 
00127         if exact_match and ( id ):
00128             role_ids.extend( id )
00129 
00130         if role_ids:
00131             role_filter = None
00132 
00133         else:   # Searching
00134             role_ids = self.listRoleIds()
00135             role_filter = _ZODBRoleFilter( id, **kw )
00136 
00137         for role_id in role_ids:
00138 
00139             if self._roles.get( role_id ):
00140                 e_url = '%s/manage_roles' % self.getId()
00141                 p_qs = 'role_id=%s' % role_id
00142                 m_qs = 'role_id=%s&assign=1' % role_id
00143 
00144                 info = {}
00145                 info.update( self._roles[ role_id ] )
00146 
00147                 info[ 'pluginid' ] = plugin_id
00148                 info[ 'properties_url'  ] = '%s?%s' % (e_url, p_qs)
00149                 info[ 'members_url'  ] = '%s?%s' % (e_url, m_qs)
00150 
00151                 if not role_filter or role_filter( info ):
00152                     role_info.append( info )
00153 
00154         return tuple( role_info )

Here is the caller graph for this function:

Return a role mapping.

Definition at line 184 of file ZODBRoleManager.py.

00184 
00185     def getRoleInfo( self, role_id ):
00186 
00187         """ Return a role mapping.
00188         """
00189         return self._roles[ role_id ]

See IRolesPlugin.

Definition at line 94 of file ZODBRoleManager.py.

00094 
00095     def getRolesForPrincipal( self, principal, request=None ):
00096 
00097         """ See IRolesPlugin.
00098         """
00099         result = list( self._principal_roles.get( principal.getId(), () ) )
00100 
00101         getGroups = getattr( principal, 'getGroups', lambda x: () )
00102         for group_id in getGroups():
00103             result.extend( self._principal_roles.get( group_id, () ) )
00104 
00105         return tuple( result )

Here is the call graph for this function:

Return a list of principal IDs to whom a role is assigned.

Definition at line 262 of file ZODBRoleManager.py.

00262 
00263     def listAssignedPrincipals( self, role_id ):
00264 
00265         """ Return a list of principal IDs to whom a role is assigned.
00266         """
00267         result = []
00268 
00269         for k, v in self._principal_roles.items():
00270             if role_id in v:
00271                 # should be at most one and only one mapping to 'k'
00272 
00273                 parent = aq_parent( self )
00274                 info = parent.searchPrincipals( id=k, exact_match=True )
00275                 assert( len( info ) in ( 0, 1 ) )
00276                 if len( info ) == 0:
00277                     title = '<%s: not found>' % k
00278                 else:
00279                     title = info[0].get( 'title', k )
00280                 result.append( ( k, title ) )
00281 
00282         return result

Here is the call graph for this function:

Return a list of principal IDs to whom a role can be assigned.

o If supplied, 'search_id' constrains the principal IDs;  if not,
  return empty list.

o Omit principals with existing assignments.

Definition at line 233 of file ZODBRoleManager.py.

00233 
00234     def listAvailablePrincipals( self, role_id, search_id ):
00235 
00236         """ Return a list of principal IDs to whom a role can be assigned.
00237 
00238         o If supplied, 'search_id' constrains the principal IDs;  if not,
00239           return empty list.
00240 
00241         o Omit principals with existing assignments.
00242         """
00243         result = []
00244 
00245         if search_id:  # don't bother searching if no criteria
00246 
00247             parent = aq_parent( self )
00248 
00249             for info in parent.searchPrincipals( max_results=20
00250                                                , sort_by='id'
00251                                                , id=search_id
00252                                                , exact_match=False
00253                                                ):
00254                 id = info[ 'id' ]
00255                 title = info.get( 'title', id )
00256                 if ( role_id not in self._principal_roles.get( id, () )
00257                  and role_id != id ):
00258                     result.append( ( id, title ) )
00259 
00260         return result

Return a list of the role IDs managed by this object.

Definition at line 170 of file ZODBRoleManager.py.

00170 
00171     def listRoleIds( self ):
00172 
00173         """ Return a list of the role IDs managed by this object.
00174         """
00175         return self._roles.keys()

Here is the caller graph for this function:

Return a list of the role mappings.

Definition at line 177 of file ZODBRoleManager.py.

00177 
00178     def listRoleInfo( self ):
00179 
00180         """ Return a list of the role mappings.
00181         """
00182         return self._roles.values()

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.manage_addRole (   self,
  role_id,
  title,
  description,
  RESPONSE 
)
Add a role via the ZMI.

Definition at line 356 of file ZODBRoleManager.py.

00356 
00357                       ):
00358         """ Add a role via the ZMI.
00359         """
00360         self.addRole( role_id, title, description )
00361 
00362         message = 'Role+added'
00363 
00364         RESPONSE.redirect( '%s/manage_roles?manage_tabs_message=%s'
00365                          % ( self.absolute_url(), message )
00366                          )

Here is the call graph for this function:

Definition at line 76 of file ZODBRoleManager.py.

00076 
00077     def manage_afterAdd( self, item, container ):
00078 
00079         if item is self:
00080             role_holder = aq_parent( aq_inner( container ) )
00081             for role in getattr( role_holder, '__ac_roles__', () ):
00082                 try:
00083                     if role not in ('Anonymous', 'Authenticated'):
00084                         self.addRole( role )
00085                 except KeyError:
00086                     pass
00087 
00088         if 'Manager' not in self._roles:
00089             self.addRole( 'Manager' )

Here is the call graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.manage_assignRoleToPrincipals (   self,
  role_id,
  principal_ids,
  RESPONSE,
  REQUEST = None 
)
Assign a role to one or more principals via the ZMI.

Definition at line 415 of file ZODBRoleManager.py.

00415 
00416                                      ):
00417         """ Assign a role to one or more principals via the ZMI.
00418         """
00419         assigned = []
00420 
00421         for principal_id in principal_ids:
00422             if self.assignRoleToPrincipal( role_id, principal_id ):
00423                 assigned.append( principal_id )
00424 
00425         if not assigned:
00426             message = 'Role+%s+already+assigned+to+all+principals' % role_id
00427         else:
00428             message = 'Role+%s+assigned+to+%s' % ( role_id
00429                                                  , '+'.join( assigned )
00430                                                  )
00431 
00432         RESPONSE.redirect( ( '%s/manage_roles?role_id=%s&assign=1'
00433                            + '&manage_tabs_message=%s'
00434                            ) % ( self.absolute_url(), role_id, message )
                         )

Here is the call graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.manage_removeRoleFromPrincipals (   self,
  role_id,
  principal_ids,
  RESPONSE,
  REQUEST = None 
)
Remove a role from one or more principals via the ZMI.

Definition at line 443 of file ZODBRoleManager.py.

00443 
00444                                        ):
00445         """ Remove a role from one or more principals via the ZMI.
00446         """
00447         removed = []
00448 
00449         for principal_id in principal_ids:
00450             if self.removeRoleFromPrincipal( role_id, principal_id ):
00451                 removed.append( principal_id )
00452 
00453         if not removed:
00454             message = 'Role+%s+alread+removed+from+all+principals' % role_id
00455         else:
00456             message = 'Role+%s+removed+from+%s' % ( role_id
00457                                                   , '+'.join( removed )
00458                                                   )
00459 
00460         RESPONSE.redirect( ( '%s/manage_roles?role_id=%s&assign=1'
00461                            + '&manage_tabs_message=%s'
00462                            ) % ( self.absolute_url(), role_id, message )
                         )

Here is the call graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.manage_removeRoles (   self,
  role_ids,
  RESPONSE,
  REQUEST = None 
)
Remove one or more roles via the ZMI.

Definition at line 389 of file ZODBRoleManager.py.

00389 
00390                           ):
00391         """ Remove one or more roles via the ZMI.
00392         """
00393         role_ids = filter( None, role_ids )
00394 
00395         if not role_ids:
00396             message = 'no+roles+selected'
00397 
00398         else:
00399 
00400             for role_id in role_ids:
00401                 self.removeRole( role_id )
00402 
00403             message = 'Roles+removed'
00404 
00405         RESPONSE.redirect( '%s/manage_roles?manage_tabs_message=%s'
00406                          % ( self.absolute_url(), message )
                         )

Here is the call graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.manage_updateRole (   self,
  role_id,
  title,
  description,
  RESPONSE 
)
Update a role via the ZMI.

Definition at line 373 of file ZODBRoleManager.py.

00373 
00374                          ):
00375         """ Update a role via the ZMI.
00376         """
00377         self.updateRole( role_id, title, description )
00378 
00379         message = 'Role+updated'
00380 
00381         RESPONSE.redirect( '%s/manage_roles?role_id=%s&manage_tabs_message=%s'
00382                          % ( self.absolute_url(), role_id, message )
00383                          )

Here is the call graph for this function:

Here is the caller graph for this function:

def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.removeRole (   self,
  role_id,
  REQUEST = None 
)
Remove 'role_id' from the list of roles managed by this object.

o Raise KeyError if not found.

Definition at line 217 of file ZODBRoleManager.py.

00217 
00218     def removeRole( self, role_id, REQUEST=None ):
00219 
00220         """ Remove 'role_id' from the list of roles managed by this object.
00221 
00222         o Raise KeyError if not found.
00223         """
00224         for principal_id in self._principal_roles.keys():
00225             self.removeRoleFromPrincipal( role_id, principal_id )
00226 
        del self._roles[ role_id ]
def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.removeRoleFromPrincipal (   self,
  role_id,
  principal_id,
  REQUEST = None 
)
Remove a role from a principal (user or group).

o Return a boolean indicating whether the role was already present.

o Raise KeyError if 'role_id' is unknown.

o Ignore requests to remove a role not already assigned to the
  principal.

Definition at line 305 of file ZODBRoleManager.py.

00305 
00306     def removeRoleFromPrincipal( self, role_id, principal_id, REQUEST=None ):
00307 
00308         """ Remove a role from a principal (user or group).
00309 
00310         o Return a boolean indicating whether the role was already present.
00311 
00312         o Raise KeyError if 'role_id' is unknown.
00313 
00314         o Ignore requests to remove a role not already assigned to the
00315           principal.
00316         """
00317         role_info = self._roles[ role_id ] # raise KeyError if unknown!
00318 
00319         current = self._principal_roles.get( principal_id, () )
00320         new = tuple( [ x for x in current if x != role_id ] )
00321         already = current != new
00322 
00323         if already:
00324             self._principal_roles[ principal_id ] = new
00325 
        return already
def PluggableAuthService.plugins.ZODBRoleManager.ZODBRoleManager.updateRole (   self,
  role_id,
  title,
  description 
)
Update title and description for the role.

o Raise KeyError if not found.

Definition at line 206 of file ZODBRoleManager.py.

00206 
00207     def updateRole( self, role_id, title, description ):
00208 
00209         """ Update title and description for the role.
00210 
00211         o Raise KeyError if not found.
00212         """
00213         self._roles[ role_id ].update( { 'title' : title
00214                                        , 'description' : description
00215                                        } )

Here is the caller graph for this function:


Member Data Documentation

Definition at line 70 of file ZODBRoleManager.py.

Definition at line 74 of file ZODBRoleManager.py.

Definition at line 73 of file ZODBRoleManager.py.

Definition at line 302 of file ZODBRoleManager.py.

Definition at line 70 of file ZODBRoleManager.py.

Definition at line 435 of file ZODBRoleManager.py.

Initial value:
( ( { 'label': 'Roles', 
                           'action': 'manage_roles', }
                         ,
                       )
                     + BasePlugin.manage_options
                     )

Definition at line 331 of file ZODBRoleManager.py.

Definition at line 463 of file ZODBRoleManager.py.

Definition at line 407 of file ZODBRoleManager.py.

Initial value:
PageTemplateFile( 'www/zrRoles'
                                   , globals()
                                   , __name__='manage_roles'
                                   )

Definition at line 339 of file ZODBRoleManager.py.

Initial value:
PageTemplateFile( '../www/two_lists'
                                      , globals()
                                      , __name__='manage_twoLists'
                                      )

Definition at line 345 of file ZODBRoleManager.py.

Definition at line 64 of file ZODBRoleManager.py.

Definition at line 227 of file ZODBRoleManager.py.

Definition at line 326 of file ZODBRoleManager.py.

Definition at line 66 of file ZODBRoleManager.py.

Definition at line 71 of file ZODBRoleManager.py.


The documentation for this class was generated from the following file: