cco/loops
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

restrict attributes provided by the XML-RPC interface to plain TextField-s; bind the flash UI to the ManageConcepts permission

Browse source 
git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@1653 fd906abe-77d9-0310-91a1-e0d9ade77398
This commit is contained in:
helmutm 2007-03-18 14:50:21 +00:00
parent 1b83483e3f
commit 53810c1a19
5 changed files with 29 additions and 25 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
browser/flash/configure.zcml
View file

@ -12,7 +12,7 @@
for="loops.interfaces.ILoopsObject"
class="loops.browser.flash.flash.FlashView"
template="flash.pt"
permission="zope.ManageContent"
permission="loops.xmlrpc.ManageConcepts"
/>
<resource name="loops.swf" file="loops.swf" />

17
configure.zcml
View file

@ -7,6 +7,23 @@
<!-- security definitions -->
<permission
id="loops.xmlrpc.ManageConcepts"
title="[xmlrpc-manage-concepts-permission] Manage Concepts"
/>
<role
id="loops.xmlrpc.ConceptManager"
title="[xmlrpc-manage-concepts-role] loops: Concept Manager (XML-RPC)" />
<grant
permission="loops.xmlrpc.ManageConcepts"
role="loops.xmlrpc.ConceptManager" />
<!--<zope:grant
permission="loops.xmlrpc.ManageConcepts"
role="zope.ContentManager" />-->
<!-- event subscribers -->
<subscriber

4
xmlrpc/README.txt
View file

@ -65,8 +65,8 @@ domain concept (if present, otherwise the top-level type concept):
>>> xrf = LoopsMethods(loopsRoot, TestRequest())
>>> startObj = xrf.getStartObject()
>>> sorted(startObj.keys())
['children', 'description', 'id', 'name', 'options', 'parents', 'resources',
'title', 'type', 'typeInterface', 'viewName']
['children', 'description', 'id', 'name', 'parents', 'resources',
'title', 'type', 'viewName']
>>> startObj['id'], startObj['name'], startObj['title'], startObj['type']
('1', u'domain', u'Domain', '0')

14
xmlrpc/common.py
View file

@ -28,6 +28,7 @@ from zope.lifecycleevent import ObjectCreatedEvent, ObjectModifiedEvent
from zope.app.publisher.xmlrpc import XMLRPCView
from zope.app.publisher.xmlrpc import MethodPublisher
from zope.traversing.api import getName
from zope.schema.interfaces import ITextLine
from zope.security.proxy import removeSecurityProxy
from zope.cachedescriptors.property import Lazy
@ -134,6 +135,7 @@ class LoopsMethods(MethodPublisher):
ti = IType(obj).typeInterface
if ti is not None:
obj = ti(obj)
# TODO: provide conversion if necessary
setattr(obj, attr, toUnicode(value))
notify(ObjectModifiedEvent(obj))
return 'OK'
@ -147,15 +149,17 @@ def objectAsDict(obj):
ti = objType.typeInterface
if ti is not None:
adapter = ti(obj)
for attr in (list(adapter._adapterAttributes) + list(ti)):
#for attr in (list(adapter._adapterAttributes) + list(ti)):
for attr in list(ti):
if attr not in ('__parent__', 'context', 'id', 'name',
'title', 'description', 'type', 'data'):
value = getattr(adapter, attr)
# TODO: better selection and conversion
if value is None or type(value) in (str, unicode):
# TODO: provide conversion and schema information
#if value is None or type(value) in (str, unicode):
if ITextLine.providedBy(ti[attr]):
mapping[attr] = value or u''
elif type(value) is list:
mapping[attr] = ' | '.join(value)
#elif type(value) is list:
# mapping[attr] = ' | '.join(value)
return mapping
def formatRelations(rels, useSecond=True):

17
xmlrpc/configure.zcml
View file

@ -5,23 +5,6 @@
xmlns="http://namespaces.zope.org/xmlrpc"
i18n_domain="zope">
<zope:permission
id="loops.xmlrpc.ManageConcepts"
title="[xmlrpc-manage-concepts-permission] Manage Concepts"
/>
<zope:role
id="loops.xmlrpc.ConceptManager"
title="[xmlrpc-manage-concepts-role] loops: Concept Manager (XML-RPC)" />
<zope:grant
permission="loops.xmlrpc.ManageConcepts"
role="loops.xmlrpc.ConceptManager" />
<!--<zope:grant
permission="loops.xmlrpc.ManageConcepts"
role="zope.ContentManager" />-->
<view
name="xrf"
for="loops.interfaces.ILoops"