Overhaul how available permissions are registered in app config.
Permissions must now be regsistered just like routes and views. This should make things much nicer going forward.
This commit is contained in:
Lance Edgar
parent
412ac6e12f
commit
9cfbc918e7
4 changed files with 76 additions and 30 deletions
|
|
@ -441,28 +441,42 @@ class MasterView(View):
|
|||
url_prefix = cls.get_url_prefix()
|
||||
permission_prefix = cls.get_permission_prefix()
|
||||
model_key = cls.get_model_key()
|
||||
model_title = cls.get_model_title()
|
||||
model_title_plural = cls.get_model_title_plural()
|
||||
|
||||
config.add_tailbone_permission_group(permission_prefix, model_title_plural)
|
||||
|
||||
# list/search
|
||||
config.add_route(route_prefix, '{0}/'.format(url_prefix))
|
||||
config.add_view(cls, attr='index', route_name=route_prefix,
|
||||
permission='{0}.list'.format(permission_prefix))
|
||||
config.add_tailbone_permission(permission_prefix, '{0}.list'.format(permission_prefix),
|
||||
"List/Search {0}".format(model_title_plural))
|
||||
|
||||
# create
|
||||
config.add_route('{0}.create'.format(route_prefix), '{0}/new'.format(url_prefix))
|
||||
config.add_view(cls, attr='create', route_name='{0}.create'.format(route_prefix),
|
||||
permission='{0}.create'.format(permission_prefix))
|
||||
config.add_tailbone_permission(permission_prefix, '{0}.create'.format(permission_prefix),
|
||||
"Create new {0}".format(model_title_plural))
|
||||
|
||||
# view
|
||||
config.add_route('{0}.view'.format(route_prefix), '{0}/{{{1}}}'.format(url_prefix, model_key))
|
||||
config.add_view(cls, attr='view', route_name='{0}.view'.format(route_prefix),
|
||||
permission='{0}.view'.format(permission_prefix))
|
||||
config.add_tailbone_permission(permission_prefix, '{0}.view'.format(permission_prefix),
|
||||
"View {0} Details".format(model_title))
|
||||
|
||||
# edit
|
||||
config.add_route('{0}.edit'.format(route_prefix), '{0}/{{{1}}}/edit'.format(url_prefix, model_key))
|
||||
config.add_view(cls, attr='edit', route_name='{0}.edit'.format(route_prefix),
|
||||
permission='{0}.edit'.format(permission_prefix))
|
||||
config.add_tailbone_permission(permission_prefix, '{0}.edit'.format(permission_prefix),
|
||||
"Edit {0}".format(model_title_plural))
|
||||
|
||||
# delete
|
||||
config.add_route('{0}.delete'.format(route_prefix), '{0}/{{{1}}}/delete'.format(url_prefix, model_key))
|
||||
config.add_view(cls, attr='delete', route_name='{0}.delete'.format(route_prefix),
|
||||
permission='{0}.delete'.format(permission_prefix))
|
||||
config.add_tailbone_permission(permission_prefix, '{0}.delete'.format(permission_prefix),
|
||||
"Delete {0}".format(model_title_plural))
|
||||
|
|
|
|||
|
|
@ -49,14 +49,10 @@ class PermissionsField(formalchemy.Field):
|
|||
role.permissions = self.renderer.deserialize()
|
||||
|
||||
|
||||
def OldPermissionsFieldRenderer(permissions, *args, **kwargs):
|
||||
def PermissionsFieldRenderer(permissions, *args, **kwargs):
|
||||
|
||||
perms = permissions
|
||||
|
||||
class PermissionsFieldRenderer(formalchemy.FieldRenderer):
|
||||
|
||||
permissions = perms
|
||||
|
||||
def deserialize(self):
|
||||
perms = []
|
||||
i = len(self.name) + 1
|
||||
|
|
@ -75,17 +71,18 @@ def OldPermissionsFieldRenderer(permissions, *args, **kwargs):
|
|||
html += tags.hidden(self.name, value='') # ugly hack..or good idea?
|
||||
else:
|
||||
html = ''
|
||||
for group, perms in self.permissions:
|
||||
inner = HTML.tag('p', c=group)
|
||||
for perm, title in perms:
|
||||
checked = has_permission(
|
||||
Session(), role, perm, include_guest=False)
|
||||
for groupkey in sorted(permissions, key=lambda k: permissions[k]['label']):
|
||||
inner = HTML.tag('p', c=permissions[groupkey]['label'])
|
||||
perms = permissions[groupkey]['perms']
|
||||
for key in sorted(perms, key=lambda p: perms[p]['label']):
|
||||
checked = has_permission(Session(), role, key, include_guest=False)
|
||||
label = perms[key]['label']
|
||||
if readonly:
|
||||
span = HTML.tag('span', c="[X]" if checked else "[ ]")
|
||||
inner += HTML.tag('p', class_='perm', c=span + ' ' + title)
|
||||
inner += HTML.tag('p', class_='perm', c=span + ' ' + label)
|
||||
else:
|
||||
inner += tags.checkbox(self.name + '-' + perm,
|
||||
checked=checked, label=title)
|
||||
inner += tags.checkbox(self.name + '-' + key,
|
||||
checked=checked, label=label)
|
||||
html += HTML.tag('div', class_='group', c=inner)
|
||||
return html
|
||||
|
||||
|
|
@ -116,7 +113,8 @@ class RolesView(MasterView):
|
|||
|
||||
def configure_fieldset(self, fs):
|
||||
fs.append(PermissionsField('permissions'))
|
||||
fs.permissions.set(renderer=OldPermissionsFieldRenderer(self.old_permissions))
|
||||
permissions = self.request.registry.settings.get('tailbone_permissions', {})
|
||||
fs.permissions.set(renderer=PermissionsFieldRenderer(permissions))
|
||||
fs.configure(
|
||||
include=[
|
||||
fs.name,
|
||||
|
|
@ -159,15 +157,9 @@ class RoleVersionView(VersionView):
|
|||
View which shows version history for a role.
|
||||
"""
|
||||
parent_class = model.Role
|
||||
route_model_view = 'role.read'
|
||||
route_model_view = 'roles.view'
|
||||
|
||||
|
||||
def includeme(config):
|
||||
|
||||
# TODO: This can finally be removed once all CRUD/index views have been
|
||||
# converted to use the new master view etc.
|
||||
settings = config.get_settings()
|
||||
RolesView.old_permissions = settings.get('edbob.permissions')
|
||||
|
||||
RolesView.defaults(config)
|
||||
version_defaults(config, RoleVersionView, 'role')
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue