[saem-devel] [PATCH sherpa V2] [views] custom security view

Philippe Pepiot philippe.pepiot at logilab.fr
Wed Feb 22 10:09:34 CET 2017


# HG changeset patch
# User Philippe Pepiot <philippe.pepiot at logilab.fr>
# Date 1487343827 -3600
#      Fri Feb 17 16:03:47 2017 +0100
# Node ID c49fd149b097132e10b3dfd7574cf9e85f35dc48
# Parent  f3d5feaf0c2665977750bd665e728d6c662d1e4f
# Available At https://hg.logilab.org/review/cubes/sherpa
#              hg pull https://hg.logilab.org/review/cubes/sherpa -r c49fd149b097
[views] custom security view

Override cubicweb security view to remove permissions table.
Use a relation widget for 'owned_by' relation.
Since there is only 'owned_by' edition on this view, add a selector to ensure
user has 'add' permission on 'owned_by' for this entity.

Closes extranet #16684489

diff --git a/__pkginfo__.py b/__pkginfo__.py
--- a/__pkginfo__.py
+++ b/__pkginfo__.py
@@ -23,6 +23,7 @@ web = 'http://www.cubicweb.org/project/%
     'cubicweb-seda': None,
     'cubicweb-registration': None,
     'cubicweb-rememberme': None,
+    'cubicweb-relationwidget': None,
     'jinja2': None,
 }
 
diff --git a/views/management.py b/views/management.py
new file mode 100644
--- /dev/null
+++ b/views/management.py
@@ -0,0 +1,58 @@
+# copyright 2017 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
+# contact http://www.logilab.fr -- mailto:contact at logilab.fr
+#
+# This program is free software: you can redistribute it and/or modify it under
+# the terms of the GNU Lesser General Public License as published by the Free
+# Software Foundation, either version 2.1 of the License, or (at your option)
+# any later version.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+from logilab.mtconverter import xml_escape
+
+from cubicweb.predicates import relation_possible
+from cubicweb.web import formwidgets
+from cubicweb.web.formfields import guess_field
+from cubicweb.web.views.management import SecurityManagementView
+
+from cubes.relationwidget.views import RelationFacetWidget
+
+
+class SherpaSecurityManagementView(SecurityManagementView):
+    """Security view overriden to hide permissions definitions and using a
+    RelationFacetWidget to edit owner"""
+    __select__ = (SecurityManagementView.__select__ &
+                  relation_possible('owned_by', action='add'))
+
+    def entity_call(self, entity):
+        w = self.w
+        w(u'<h1><span class="etype">%s</span> <a href="%s">%s</a></h1>'
+          % (entity.dc_type().capitalize(),
+             xml_escape(entity.absolute_url()),
+             xml_escape(entity.dc_title())))
+        w('<h2>%s</h2>' % self._cw.__('Manage security'))
+        msg = self._cw.__('ownerships have been changed')
+        form = self._cw.vreg['forms'].select(
+            'base', self._cw, entity=entity,
+            form_renderer_id='onerowtable', submitmsg=msg,
+            form_buttons=[formwidgets.SubmitButton()],
+            domid='ownership%s' % entity.eid,
+            __redirectvid='security',
+            __redirectpath=entity.rest_path())
+        field = guess_field(entity.e_schema,
+                            self._cw.vreg.schema['owned_by'],
+                            req=self._cw,
+                            widget=RelationFacetWidget())
+        form.append_field(field)
+        form.render(w=w, display_progress_div=False)
+
+
+def registration_callback(vreg):
+    vreg.register_all(globals().values(), __name__)
+    vreg.unregister(SecurityManagementView)



More information about the saem-devel mailing list