/
local_roles.py
62 lines (53 loc) · 2.26 KB
/
local_roles.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# -*- coding: utf-8 -*-
from AccessControl.interfaces import IRoleManager
from plone.restapi.deserializer import json_body
from plone.restapi.interfaces import IDeserializeFromJson
from Products.CMFCore.interfaces import ICatalogAware
from zope.component import adapter
from zope.component import getMultiAdapter
from zope.event import notify
from zope.interface import implementer
from zope.interface import Interface
try:
from plone.app.workflow.events import LocalrolesModifiedEvent
LOCALROLES_MODIFIED_EVENT_AVAILABLE = True
except ImportError:
# Plone < 4.3.4
LOCALROLES_MODIFIED_EVENT_AVAILABLE = False
marker = object()
@implementer(IDeserializeFromJson)
@adapter(IRoleManager, Interface)
class DeserializeFromJson(object):
"""JSON deserializer for local roles
"""
def __init__(self, context, request):
self.context = context
self.request = request
def __call__(self):
data = json_body(self.request)
sharing_view = getMultiAdapter((self.context, self.request),
name='sharing')
# inherit roles
inherit_reindex = False
# block can be None, so we might get False or None, so we test
# for a marker.
inherit = data.get('inherit', marker)
if inherit is not marker:
inherit_reindex = sharing_view.update_inherit(status=inherit,
reindex=False)
# roles
roles_reindex = False
new_roles = data.get('entries', None)
if new_roles is not None:
# the roles are converted into a FrozenSet so we have to filter
# the data structure we get.
for user in new_roles:
roles_list = [key for key in user['roles'] if
user['roles'][key]]
user['roles'] = roles_list
roles_reindex = sharing_view.update_role_settings(new_roles,
reindex=False)
if ICatalogAware(self.context) and (inherit_reindex or roles_reindex):
self.context.reindexObjectSecurity()
if LOCALROLES_MODIFIED_EVENT_AVAILABLE:
notify(LocalrolesModifiedEvent(self.context, self.request))