class documentation

class AccessableObject(object): (source)

Known subclasses: zms._accessmanager.AccessableContainer

View In Hierarchy

Mixin providing access-control helpers for ZMS objects.

Method getUserLangs Resolve effective language permissions for a user on this object.
Method getUserRoles Resolve effective user roles for this object.
Method getUsers Return all users with effective roles and languages on this object.
Method hasAccess Check whether the authenticated user can view this object.
Method hasPublicAccess Return whether public access is effectively allowed for this object.
Method hasRestrictedAccess Return whether this object is explicitly marked as restricted.
Method manage_user Update properties of the currently authenticated user.
Method synchronizePublicAccess Synchronize public-access permissions with the current restriction flags.
Method zmi_page_request Preprocess ZMI page requests and enforce access restrictions.
Class Variable manage_userForm Undocumented
def getUserLangs(self, userObj, aq_parent=1): (source)

Resolve effective language permissions for a user on this object.

Parameters
userObjUser object or identifier
aq_parent:boolWhether to inspect parent nodes
Returns
listAllowed language ids
def getUserRoles(self, userObj, aq_parent=True, resolve=True): (source)

Resolve effective user roles for this object.

Parameters
userObjUser object or identifier
aq_parent:boolWhether to inspect parent nodes
resolve:boolWhether to resolve security roles recursively
Returns
listEffective role ids
def getUsers(self, REQUEST=None): (source)

Return all users with effective roles and languages on this object.

Parameters
REQUESTOptional request object
Returns
dictMapping of user ids to access information
def hasAccess(self, REQUEST): (source)

Check whether the authenticated user can view this object.

Parameters
REQUESTZope request object
Returns
boolTrue if access is granted
def hasPublicAccess(self): (source)

Return whether public access is effectively allowed for this object.

def hasRestrictedAccess(self): (source)

Return whether this object is explicitly marked as restricted.

def manage_user(self, btn, lang, REQUEST, RESPONSE): (source)

Update properties of the currently authenticated user.

Parameters
btn:strAction button id
lang:strUI language id
REQUESTZope request object
RESPONSEZope response object
def synchronizePublicAccess(self): (source)

Synchronize public-access permissions with the current restriction flags.

def zmi_page_request(self, *args, **kwargs): (source)

Preprocess ZMI page requests and enforce access restrictions.

Returns
Redirect response for registration flows when applicable
manage_userForm = (source)

Undocumented