block propagation of principal role settings across workspaces

git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@4155 fd906abe-77d9-0310-91a1-e0d9ade77398
2011-01-24 18:39:47 +00:00 · 2011-01-24 18:39:47 +00:00 · 386a65ad61
commit 386a65ad61
parent 11de9a8e1f
3 changed files with 8 additions and 2 deletions
--- a/security/common.py
+++ b/security/common.py
@ -189,6 +189,7 @@ class WorkspaceInformation(Persistent):
    __name__ = u'workspace_information'

    propagateRolePermissions = 'workspace'
+    propagateParentSecurity = False
    allocationPredicateNames = allocationPredicateNames
    workspaceGroupsFolderName = workspaceGroupsFolderName

--- a/security/interfaces.py
+++ b/security/interfaces.py
@ -73,3 +73,6 @@ class IWorkspaceInformation(Interface):
    propagateRolePermissions = Attribute('Whose role permissions should be '
                    'propagated to children (workspace_informaton or parent)?')

+    propagateParentSecurity = Attribute('Should the security settings of '
+                    'the workspace parent be propagated to children?')
+
--- a/security/setter.py
+++ b/security/setter.py
@ -151,9 +151,11 @@ class ConceptSecuritySetter(LoopsObjectSecuritySetter):
        setter = ISecuritySetter(adapted(relation.second))
        setter.setDefaultRolePermissions()
        setter.acquireRolePermissions()
-        setter.copyPrincipalRoles(self, revert)
        wi = baseObject(self.context).workspaceInformation
-        if wi:
+        if wi and not wi.propagateParentSecurity:
+             return
+        setter.copyPrincipalRoles(self, revert)
+        if wi: 
            setter.copyPrincipalRoles(ISecuritySetter(wi), revert)
        setter.propagateSecurity(revert, updated)