Added more custom permissions

quintagroup · Feb 24, 2014 · 677a985 · 677a985
1 parent eaa3748
commit 677a985
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 5 deletions.
diff --git a/collective/easyform/actions.py b/collective/easyform/actions.py
@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 
+from AccessControl import getSecurityManager
 from BTrees.IOBTree import IOBTree
 try:
     from BTrees.LOBTree import LOBTree
@@ -28,9 +29,11 @@
 from time import time
 from types import StringTypes
 from zope.contenttype import guess_content_type
+from zope.component import queryUtility
 from zope.interface import implements
 from zope.schema import Bool
 from zope.schema import getFieldsInOrder
+from zope.security.interfaces import IPermission
 
 from collective.easyform import easyformMessageFactory as _
 from collective.easyform.api import DollarVarReplacer
@@ -53,12 +56,21 @@ class ActionFactory(object):
 
     title = u''
 
-    def __init__(self, fieldcls, title, *args, **kw):
+    def __init__(self, fieldcls, title, permission, *args, **kw):
         self.fieldcls = fieldcls
         self.title = title
+        self.permission = permission
         self.args = args
         self.kw = kw
 
+    def available(self, context):
+        """ field is addable in the current context """
+        securityManager = getSecurityManager()
+        permission = queryUtility(IPermission, name=self.permission)
+        if permission is None:
+            return True
+        return bool(securityManager.checkPermission(permission.title, context))
+
     def editable(self, field):
         """ test whether a given instance of a field is editable """
         return True
@@ -637,11 +649,11 @@ def onSuccess(self, fields, request):
 
 
 MailerAction = ActionFactory(
-    Mailer, _(u'label_mailer_action', default=u'Mailer'))
+    Mailer, _(u'label_mailer_action', default=u'Mailer'), 'collective.easyform.AddMailers')
 CustomScriptAction = ActionFactory(
-    CustomScript, _(u'label_customscript_action', default=u'Custom Script'))
+    CustomScript, _(u'label_customscript_action', default=u'Custom Script'), 'collective.easyform.AddCustomScripts')
 SaveDataAction = ActionFactory(
-    SaveData, _(u'label_savedata_action', default=u'Save Data'))
+    SaveData, _(u'label_savedata_action', default=u'Save Data'), 'collective.easyform.AddDataSavers')
 
 MailerHandler = BaseHandler(Mailer)
 CustomScriptHandler = BaseHandler(CustomScript)

diff --git a/collective/easyform/permissions.zcml b/collective/easyform/permissions.zcml
@@ -1,6 +1,29 @@
 <configure
     xmlns="http://namespaces.zope.org/zope"
     i18n_domain="collective.easyform">
+    <permission id="collective.easyform.AddContent"
+                title="collective.easyform: Add Content">
+        <role name="Manager"/>
+        <role name="Owner"/>
+        <role name="Contributor"/>
+        <role name="Site Administrator"/>
+    </permission>
+    <permission id="collective.easyform.AddMailers"
+                title="collective.easyform: Add Mailers">
+        <role name="Manager"/>
+        <role name="Owner"/>
+        <role name="Site Administrator"/>
+    </permission>
+    <permission id="collective.easyform.AddDataSavers"
+                title="collective.easyform: Add Data Savers">
+        <role name="Manager"/>
+        <role name="Owner"/>
+        <role name="Site Administrator"/>
+    </permission>
+    <permission id="collective.easyform.AddCustomScripts"
+                title="collective.easyform: Add Custom Scripts">
+        <role name="Manager"/>
+    </permission>
     <permission id="collective.easyform.EditTALESFields"
                 title="collective.easyform: Edit TALES Fields">
         <role name="Manager"/>

diff --git a/collective/easyform/profiles/default/types/EasyForm.xml b/collective/easyform/profiles/default/types/EasyForm.xml
@@ -11,7 +11,7 @@
   <property name="model_source"></property>
   <property name="model_file"></property>
   <property name="klass">collective.easyform.content.EasyForm</property>
-  <property name="add_permission">cmf.AddPortalContent</property>
+  <property name="add_permission">collective.easyform.AddContent</property>
   <property name="behaviors">
     <element value="plone.app.content.interfaces.INameFromTitle"/>
     <element value="plone.app.dexterity.behaviors.discussion.IAllowDiscussion"/>

diff --git a/collective/easyform/vocabularies.py b/collective/easyform/vocabularies.py
@@ -127,6 +127,7 @@ def EasyFormActionsVocabularyFactory(context):
         SimpleVocabulary.createTerm(
             factory, translate(factory.title), factory.title)
         for (id, factory) in getUtilitiesFor(IActionFactory)
+        if factory.available(context)
     ])