diff --git a/security/common.py b/security/common.py index f87317a..064ea00 100644 --- a/security/common.py +++ b/security/common.py @@ -1,5 +1,5 @@ # -# Copyright (c) 2013 Helmut Merz helmutm@cy55.de +# Copyright (c) 2015 Helmut Merz helmutm@cy55.de # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -71,6 +71,8 @@ def getOption(obj, option, checkType=True): opts = component.queryAdapter(adapted(obj), IOptions) if opts is not None: opt = opts(option, None) + if opt is True: + return opt if opt: return opt[0] if not checkType: @@ -79,7 +81,9 @@ def getOption(obj, option, checkType=True): if typeMethod is not None: opts = component.queryAdapter(adapted(typeMethod()), IOptions) if opts is not None: - opt = opts(option, [None]) + opt = opts(option, None) + if opt is True: + return opt if opt: return opt[0] return None diff --git a/security/setter.py b/security/setter.py index 135db0e..6138269 100644 --- a/security/setter.py +++ b/security/setter.py @@ -1,5 +1,5 @@ # -# Copyright (c) 2013 Helmut Merz helmutm@cy55.de +# Copyright (c) 2015 Helmut Merz helmutm@cy55.de # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -39,6 +39,7 @@ from loops.interfaces import IConceptSchema, IBaseResourceSchema, ILoopsAdapter from loops.organize.util import getPrincipalFolder, getGroupsFolder, getGroupId from loops.security.common import overrides, setRolePermission, setPrincipalRole from loops.security.common import allRolesExceptOwner, acquiringPredicateNames +from loops.security.common import getOption from loops.security.interfaces import ISecuritySetter from loops.versioning.interfaces import IVersionable @@ -55,10 +56,18 @@ class BaseSecuritySetter(object): def baseObject(self): return baseObject(self.context) + @Lazy + def adapted(self): + return adapted(self.context) + @Lazy def conceptManager(self): return self.baseObject.getLoopsRoot().getConceptManager() + @Lazy + def options(self): + return IOptions(self.adapted) + @Lazy def typeOptions(self): type = self.baseObject.getType() @@ -133,9 +142,14 @@ class LoopsObjectSecuritySetter(BaseSecuritySetter): def acquireRolePermissions(self): settings = {} + rpm = self.rolePermissionManager + for p, r, s in rpm.getRolesAndPermissions(): + settings[(p, r)] = s for p in self.parents: if p == self.baseObject: continue + if getOption(p, 'security.no_propagate', checkType=False): + continue secProvider = p wi = p.workspaceInformation if wi: