[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/Grants/Views/Browser - RolePermissionView.py:1.3 configure.zcml:1.3 manage_access.pt:1.5 manage_permissionForm.pt:1.2 manage_roleForm.pt:1.2

Florent Guillaume fg@nuxeo.com
Tue, 25 Jun 2002 06:30:25 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/Grants/Views/Browser
In directory cvs.zope.org:/tmp/cvs-serv18043

Modified Files:
	RolePermissionView.py configure.zcml manage_access.pt 
	manage_permissionForm.pt manage_roleForm.pt 
Log Message:
Fix RolePermissions and PermissionRoles views. Split and fix tests.

The Role/Permission management screen should now be useable (if
not pretty).


=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/RolePermissionView.py 1.2 => 1.3 ===
         return permissions
 
-    def availableSettings(self):
-        return [{'id': Unset.getName(), 'title': ' '},
-                {'id': Allow.getName(), 'title': '+'},
-                {'id': Deny.getName(), 'title': '-'},
+    def availableSettings(self, noacquire=0):
+        aq = {'id': Unset.getName(), 'shorttitle': ' ', 'title': 'Acquire'}
+        rest = [{'id': Allow.getName(), 'shorttitle': '+', 'title': 'Allow'},
+                {'id': Deny.getName(), 'shorttitle': '-', 'title': 'Deny'},
                 ]
+        if noacquire:
+            return rest
+        else:
+            return [aq]+rest
 
     def permissionRoles(self):
         context = self.context
@@ -100,33 +104,46 @@
                 )
 
     def update_permission(self, REQUEST, permission_id,
-                          roles=(), testing=None):
+                          settings=(), testing=None):
         prm = getAdapter(self.context, IRolePermissionManager)
-
-        for ir in [r.getId() for r in self.roles()]:
-            if ir in roles:
-                prm.grantPermissionToRole(permission_id, ir)
+        roles = self.roles()
+        rperm = permission_id
+        for ir in range(len(roles)):
+            rrole = roles[ir].getId()
+            setting = settings[ir]
+            if setting == Unset.getName():
+                prm.unsetPermissionFromRole(rperm, rrole)
+            elif setting == Allow.getName():
+                prm.grantPermissionToRole(rperm, rrole)
+            elif setting == Deny.getName():
+                prm.denyPermissionToRole(rperm, rrole)
             else:
-                prm.unsetPermissionFromRole(permission_id, ir)
+                raise ValueError("Incorrect setting: %s" % setting)
+
         if not testing:
             return self.index(REQUEST,
                               message="Settings changed at %s"
                                   % time.ctime(time.time())
                               )
 
-    def update_role(self, REQUEST, role_id,
-                    permissions=(), testing=None):
+    def update_role(self, REQUEST, role_id, testing=None):
         prm = getAdapter(self.context, IRolePermissionManager)
-
-        for ip in [p.getId() for p in self.permissions()]:
-            if ip in permissions:
-                prm.grantPermissionToRole(ip, role_id)
+        allowed = REQUEST.get(Allow.getName(), ())
+        denied = REQUEST.get(Deny.getName(), ())
+        for permission in self.permissions():
+            rperm = permission.getId()
+            if rperm in allowed and rperm in denied:
+                raise ValueError("Incorrect setting for %s" % rperm)
+            if rperm in allowed:
+                prm.grantPermissionToRole(rperm, role_id)
+            elif rperm in denied:
+                prm.denyPermissionToRole(rperm, role_id)
             else:
-                prm.unsetPermissionFromRole(ip, role_id)
+                prm.unsetPermissionFromRole(rperm, role_id)
+
         if not testing:
             return self.index(REQUEST,
                               message="Settings changed at %s"
                                   % time.ctime(time.time())
-                              )        
-        
-    
+                              )
+


=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/configure.zcml 1.2 => 1.3 ===
 
 <!-- Role-Permission management view -->
-  
+
   <browser:view for="Zope.App.OFS.Annotation.IAnnotatable."
                 permission="Zope.Security"
                 factory=".RolePermissionView.">
 
-    <browser:page name="AllRolePermissions.html" 
+    <browser:page name="AllRolePermissions.html"
                   attribute="index" />
-    <browser:page name="ChangeAllRolePermissions.html" 
+    <browser:page name="ChangeAllRolePermissions.html"
                   attribute="action" />
-    <browser:page name="RolePermissions.html" 
-                  attribute="manage_RoleForm" />
-    <browser:page name="ChangeRolePermissions.html" 
+    <browser:page name="RolePermissions.html"
+                  attribute="manage_roleForm" />
+    <browser:page name="ChangeRolePermissions.html"
                   attribute="update_role" />
-    <browser:page name="RolesWithPermission.html" 
+    <browser:page name="RolesWithPermission.html"
                   attribute="manage_permissionForm" />
-    <browser:page name="ChangeRolesWithPermission.html" 
+    <browser:page name="ChangeRolesWithPermission.html"
                   attribute="update_permission" />
   </browser:view>
 
@@ -35,5 +35,5 @@
       name="PrincipalPermissionsManagement"
       for="Zope.App.OFS.Annotation.IAnnotatable."
       factory=".PrincipalPermissionView." />
-  
+
 </zopeConfigure>


=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/manage_access.pt 1.4 => 1.5 ===
   <td align="center" tal:repeat="role view/roles">
     <div class="list-item">
-      <a href="manage_roleForm.pt"
+      <a href="RolePermissions.html"
         tal:attributes="
-        href string:manage_roleForm?role_to_manage=${role/getId}" 
+        href string:RolePermissions.html?role_to_manage=${role/getId}" 
         tal:content="role/getTitle">Anonymous</a>
       <input type="hidden" name="r0" value=""
         tal:attributes="
@@ -226,10 +226,9 @@
     >
   <td align="left" nowrap>
     <div class="list-item">
-       <a
-       href="manage_permissionForm.pt"
+       <a href="RolesWithPermission.html"
        tal:attributes="
-         href string:manage_permissionForm?permission_to_manage=${perm/getId}"
+         href string:RolesWithPermission.html?permission_to_manage=${perm/getId}"
        tal:content="perm/getTitle"
        >Access Transient Objects</a>
        <input type="hidden" name="r0" value=""
@@ -245,7 +244,7 @@
            tal:repeat="option view/availableSettings"
            tal:attributes="value option/id;
                            selected python:setting == option['id']"
-           tal:content="option/title">+</option>
+           tal:content="option/shorttitle">+</option>
     </select>
   </td>
 </tr>


=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/manage_permissionForm.pt 1.1 => 1.2 ===
 <head>
-<style metal:fill-slot="headers" type="text/css" ></style>
+<style metal:fill-slot="headers" type="text/css">
+<!--
+.row-normal {
+  background-color: #ffffff;
+  border: none;
+}
+
+.row-hilite {
+  background-color: #efefef;
+  border: none;
+}
+-->
+</style>
 </head>
 <body bgcolor="#ffffff" link="#000099" alink="#000099" vlink="#000099">
 <div metal:fill-slot="body">
@@ -16,17 +28,45 @@
 </p>
 
 
-<form action="update_permission" method="post">
+<form action="ChangeRolesWithPermission.html" method="post">
 <input type="hidden" name="permission_id" value="Permission Name"
     tal:attributes="value perm/getId" />
 <div class="form-element">
-<select name="roles:list" multiple size="10">
-<option tal:repeat="role perm/rolesInfo"
-        tal:content="role/title"
-        tal:attributes="selected role/checked;
-                        value role/id"
-        >Sample</option>
-</select>
+
+<table width="100%" cellspacing="0" cellpadding="2" border="0" nowrap>
+<tr class="list-header">
+  <td align="left" valign="top">
+    <div class="form-label">
+      <strong>Role</strong>
+    </div>
+  </td>
+  <td align="left">
+    <div class="form-label">
+      <strong>Setting</strong>
+    </div>
+  </td>
+</tr>
+
+<tr class="row-normal"
+    tal:repeat="setting perm/roleSettings"
+    tal:attributes="class python:path('repeat/setting/even') and 'row-normal' or 'row-hilite'">
+  <td align="left" valign="top"
+      tal:define="ir repeat/setting/index"
+      tal:content="python:path('view/roles')[ir].getId()">
+    Manager
+  </td>
+  <td>
+    <select name="settings:list">
+        <option value="Unset"
+           tal:repeat="option view/availableSettings"
+           tal:attributes="value option/id;
+                           selected python:setting == option['id']"
+           tal:content="option/shorttitle">+</option>
+    </select>
+  </td>
+</tr>
+</table>
+
 </div>
 
 <div class="form-element">


=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/manage_roleForm.pt 1.1 => 1.2 ===
 
 
-<form action="update_role" method="get">
+<form action="ChangeRolePermissions.html" method="get">
 <input type="hidden" name="role_id" value="Role ID"
     tal:attributes="value role/getId" />
-<div class="form-element">
-<select name="permissions:list" multiple size="20">
-<option tal:repeat="permission role/permissionsInfo"
-        tal:content="permission/title"
-        tal:attributes="selected permission/checked;
-                        value permission/id"
-        >Sample Permission</option>
-</select>
-</div>
+
+<table width="100%" cellspacing="0" cellpadding="2" border="0" nowrap
+       tal:define="availableSettings python:view.availableSettings(noacquire=1)">
+<tr class="list-header">
+  <td align="left" valign="top"
+      tal:repeat="setting availableSettings">
+    <div class="form-label">
+      <strong tal:content="setting/title">Allow</strong>
+    </div>
+  </td>
+</tr>
+
+<tr>
+  <td align="left" valign="top"
+      tal:repeat="settinginfo availableSettings">
+    <div class="form-element">
+      <select name="Unset:list" multiple size="20"
+              tal:define="setting settinginfo/id"
+              tal:attributes="name string:${setting}:list">
+      <option tal:repeat="permissioninfo role/permissionsInfo"
+              tal:content="permissioninfo/title"
+              tal:attributes="selected python:path('permissioninfo/setting') == setting;
+                              value permissioninfo/id"
+              >Sample Permission</option>
+      </select>
+    </div>
+  </td>
+</tr>
+</table>
 
 <div class="form-element">
 <input class="form-element" type="submit" name="submit" value="Save Changes" />