cubicweb_sherpa/schema.py
author Philippe Pepiot <philippe.pepiot@logilab.fr>
Thu, 19 Oct 2017 14:44:15 +0200
changeset 296 3fedbeede3d9
parent 217 5a0cebef1a8e
permissions -rw-r--r--
[pkg] prepare 0.9.2

# copyright 2017 LOGILAB S.A. (Paris, FRANCE), all rights reserved.
# contact http://www.logilab.fr -- mailto:contact@logilab.fr
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation, either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
# details.
#
# You should have received a copy of the GNU Lesser General Public License along
# with this program. If not, see <http://www.gnu.org/licenses/>.

from cubicweb.schema import ERQLExpression

from cubes.skos.schema import ConceptScheme

ConceptScheme.__permissions__ = {
    'read': ('managers', 'users', 'guests'),
    'add': ('managers',),
    'update': ('managers',),
    'delete': ('managers',),
}


def post_build_callback(schema):
    from cubicweb_compound import CompositeGraph, utils
    graph = CompositeGraph(schema)
    utils.graph_set_etypes_update_permissions(schema, graph, 'ConceptScheme')
    utils.graph_set_write_rdefs_permissions(schema, graph, 'ConceptScheme')

    for action in ('update', 'delete'):
        schema['SEDAArchiveUnit'].set_action_permissions(
            action, ('managers',
                     ERQLExpression('U has_{action}_permission C, '
                                    'X container C'.format(action=action)),
                     ERQLExpression('NOT EXISTS(X container C), X owned_by U')))