rattail/appypod-rattail
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[gen] When raising Unauthorized, give more explanations.

Browse source
This commit is contained in:
Gaetan Delannay 2012-06-21 11:31:27 +02:00
parent 188fdc9761
commit b680a5ddcb
2 changed files with 12 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

17
gen/__init__.py
View file

@ -1993,33 +1993,36 @@ class Ref(Type):
def mayAdd(self, obj): def mayAdd(self, obj):
'''May the user create a new referred object from p_obj via this Ref?''' '''May the user create a new referred object from p_obj via this Ref?'''
# We can't (yet) do that on back references. # We can't (yet) do that on back references.
if self.isBack: return if self.isBack: return No('is_back')
# Check if this Ref is addable # Check if this Ref is addable
if callable(self.add): if callable(self.add):
add = self.callMethod(obj, self.add) add = self.callMethod(obj, self.add)
else: else:
add = self.add add = self.add
if not add: return if not add: return No('no_add')
# Have we reached the maximum number of referred elements? # Have we reached the maximum number of referred elements?
if self.multiplicity[1] != None: if self.multiplicity[1] != None:
refCount = len(getattr(obj, self.name, ())) refCount = len(getattr(obj, self.name, ()))
if refCount >= self.multiplicity[1]: return if refCount >= self.multiplicity[1]: return No('max_reached')
# May the user edit this Ref field? # May the user edit this Ref field?
if not obj.allows(self.writePermission): return if not obj.allows(self.writePermission): return No('no_write_perm')
# Have the user the correct add permission? # Have the user the correct add permission?
tool = obj.getTool() tool = obj.getTool()
addPermission = '%s: Add %s' % (tool.getAppName(), addPermission = '%s: Add %s' % (tool.getAppName(),
tool.getPortalType(self.klass)) tool.getPortalType(self.klass))
folder = obj.getCreateFolder() folder = obj.getCreateFolder()
if not obj.getUser().has_permission(addPermission, folder): return if not obj.getUser().has_permission(addPermission, folder):
return No('no_add_perm')
return True return True
def checkAdd(self, obj): def checkAdd(self, obj):
'''Compute m_mayAdd above, and raise an Unauthorized exception if '''Compute m_mayAdd above, and raise an Unauthorized exception if
m_mayAdd returns False.''' m_mayAdd returns False.'''
if not self.mayAdd(obj): may = self.mayAdd(obj)
if not may:
from AccessControl import Unauthorized from AccessControl import Unauthorized
raise Unauthorized("User can't write Ref field '%s'." % self.name) raise Unauthorized("User can't write Ref field '%s' (%s)." % \
(self.name, may.msg))
class Computed(Type): class Computed(Type):
def __init__(self, validator=None, multiplicity=(0,1), index=None, def __init__(self, validator=None, multiplicity=(0,1), index=None,

4
gen/ui/appy.css
View file

@ -102,8 +102,8 @@ img { border: 0; vertical-align: middle}
.section2 { font-size: 110%; font-style: italic; margin: 0.45em 0em 0.2em 0; .section2 { font-size: 110%; font-style: italic; margin: 0.45em 0em 0.2em 0;
border-bottom: 2px solid grey; } border-bottom: 2px solid grey; }
.section3 { font-size: 100%; font-style: italic; font-weight: bold; .section3 { font-size: 100%; font-style: italic; font-weight: bold;
margin: 0.45em 0em 0.1em 0; background-color: #F4F5F6; margin: 0.45em 0em 0.1em 0; background-color: #95a1b3;
text-align: center; color: grey; } text-align: center; color: white; }
.odd { background-color: white; } .odd { background-color: white; }
.even { background-color: #F4F5F6; } .even { background-color: #F4F5F6; }
.summary {margin-bottom: 5px;} .summary {margin-bottom: 5px;}