From 386a65ad61e01670c7d3127ae66aff56f12ab7c0 Mon Sep 17 00:00:00 2001 From: helmutm Date: Mon, 24 Jan 2011 18:39:47 +0000 Subject: [PATCH] block propagation of principal role settings across workspaces git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@4155 fd906abe-77d9-0310-91a1-e0d9ade77398 --- security/common.py | 1 + security/interfaces.py | 3 +++ security/setter.py | 6 ++++-- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/security/common.py b/security/common.py index 615496c..fbb6a16 100644 --- a/security/common.py +++ b/security/common.py @@ -189,6 +189,7 @@ class WorkspaceInformation(Persistent): __name__ = u'workspace_information' propagateRolePermissions = 'workspace' + propagateParentSecurity = False allocationPredicateNames = allocationPredicateNames workspaceGroupsFolderName = workspaceGroupsFolderName diff --git a/security/interfaces.py b/security/interfaces.py index 5b325f9..ef4876e 100644 --- a/security/interfaces.py +++ b/security/interfaces.py @@ -73,3 +73,6 @@ class IWorkspaceInformation(Interface): propagateRolePermissions = Attribute('Whose role permissions should be ' 'propagated to children (workspace_informaton or parent)?') + propagateParentSecurity = Attribute('Should the security settings of ' + 'the workspace parent be propagated to children?') + diff --git a/security/setter.py b/security/setter.py index 74d67bc..2992f88 100644 --- a/security/setter.py +++ b/security/setter.py @@ -151,9 +151,11 @@ class ConceptSecuritySetter(LoopsObjectSecuritySetter): setter = ISecuritySetter(adapted(relation.second)) setter.setDefaultRolePermissions() setter.acquireRolePermissions() - setter.copyPrincipalRoles(self, revert) wi = baseObject(self.context).workspaceInformation - if wi: + if wi and not wi.propagateParentSecurity: + return + setter.copyPrincipalRoles(self, revert) + if wi: setter.copyPrincipalRoles(ISecuritySetter(wi), revert) setter.propagateSecurity(revert, updated)