[Mpuls-commits] r5593 - base/trunk/mpulsweb/model

scm-commit@wald.intevation.org scm-commit at wald.intevation.org
Thu Nov 17 21:05:20 CET 2011


Author: bh
Date: 2011-11-17 21:05:18 +0100 (Thu, 17 Nov 2011)
New Revision: 5593

Modified:
   base/trunk/mpulsweb/model/case.py
Log:
Add new MpulsCase methods user_may_read and user_may_edit.
These methods can be used to determine whether a given user may read or
modify a case. These methods currently always return True, but may be
overwritten by derived applications to restrict access to a case. These
restrictions will implicitly be applied in addition to restrictions
already imposed by the database.

The new methods are not used yet. They are part of the more structured
approach to implementing the access permissions for cases for
mpuls/issue2367.


Modified: base/trunk/mpulsweb/model/case.py
===================================================================
--- base/trunk/mpulsweb/model/case.py	2011-11-16 16:33:51 UTC (rev 5592)
+++ base/trunk/mpulsweb/model/case.py	2011-11-17 20:05:18 UTC (rev 5593)
@@ -964,6 +964,37 @@
         """Returns true if the given user id is the id of the editor of the case"""
         return self.editor_id == uid
 
+    def user_may_read(self, user):
+        """Return whether the user may read the case data.
+        This default implementation always returns True. This assumes
+        that the database will not let the user see the case and its id
+        if the user does not have read permission on the case.
+
+        This default behavior may change in the future, but initially,
+        simply returning True is the most backwards compatible
+        implementation.
+
+        Derived classes may override this method if they wish to
+        restrict access at the web-application level.
+        """
+        return True
+
+    def user_may_edit(self, user):
+        """Return whether the user may edit the case data.
+
+        This default implementation always returns True. This assumes
+        that the database will not let the user modify the case if the
+        user does not have write permission on the case.
+
+        This default behavior may change in the future, but initially,
+        simply returning True is the most backwards compatible
+        implementation.
+
+        Derived classes may override this method if they wish to
+        restrict access at the web-application level.
+        """
+        return True
+
     def getEditor(self):
         """Returns the editor of the case"""
         return UserObject(self.editor)



More information about the Mpuls-commits mailing list