Enable to set prinrole and roleperm

plone · Jan 27, 2017 · 84bdb5b · 84bdb5b
1 parent d76afaf
commit 84bdb5b
Showing 1 changed file with 14 additions and 5 deletions.
diff --git a/src/plone.server/plone/server/api/content.py b/src/plone.server/plone/server/api/content.py
@@ -31,6 +31,7 @@
 
 from zope.securitypolicy.interfaces import IPrincipalPermissionMap
 from zope.securitypolicy.interfaces import IPrincipalRoleManager
+from zope.securitypolicy.interfaces import IRolePermissionManager
 from zope.securitypolicy.interfaces import IPrincipalRoleMap
 from zope.securitypolicy.interfaces import IRolePermissionMap
 
@@ -200,12 +201,20 @@ async def sharing_get(context, request):
                    name='@sharing')
 async def sharing_post(context, request):
     data = await request.json()
+    roleperm = IRolePermissionManager(context)
     prinrole = IPrincipalRoleManager(context)
-    if 'prinrole' not in data:
-        raise HTTPNotFound('prinrole missing')
-    for user, roles in data['prinrole'].items():
-        for role in roles:
-            prinrole.assignRoleToPrincipal(role, user)
+    if 'prinrole' not in data and 'roleperm' not in data:
+        raise AttributeError('prinrole or roleperm missing')
+
+    if 'prinrole' in data:
+        for user, roles in data['prinrole'].items():
+            for role in roles:
+                prinrole.assignRoleToPrincipal(role, user)
+
+    if 'roleperm' in data:
+        for role, perms in data['roleperm'].items():
+            for perm in perms:
+                roleperm.grantPermissionToRole(perm, role)
     await notify(ObjectPermissionsModifiedEvent(context))