--- basket/basket.py 2006/04/05 17:26:19 1.7 +++ basket/basket.py 2006/04/06 16:49:14 1.8 @@ -38,6 +38,26 @@ class BasketBasis(OrderedFolder): """Basis class for BasketFolder and Baskets""" security=ClassSecurityInfo() + + def checkPermission(self,modus): + """check permission""" + if modus=='open': + return True + elif modus=='private': + return self.groupFolder.isMemberOf('admin') + elif modus=='admin': + return self.groupFolder.isMemberOf('admin') + elif modus=='edit': + return (self.groupFolder.isMemberOf('editor') or self.groupFolder.isMemberOf('admin')) + elif modus=='publish': + return self.groupFolder.isMemberOf('publish') + elif modus=='authorized': + if self.getActualUserName().lower() == "anonymous user": + return False + else: + return True + + def getNewId(self): """createIds""" last=getattr(self,'last',0) @@ -67,7 +87,7 @@ class BasketBasis(OrderedFolder): id=self.getNewId() manage_addBasketText(self,str(id),'','',RESPONSE=None) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+str(id)) def addBasketExternalLink(self,REQUEST=None): """add an external link""" @@ -75,7 +95,7 @@ class BasketBasis(OrderedFolder): manage_addBasketExternalLink(self,str(id),"","","","",RESPONSE=None) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+str(id)) def deleteObject(self,id,REQUEST=None): """delete object""" @@ -87,25 +107,25 @@ class BasketBasis(OrderedFolder): """move id one up""" self.moveObjectsUp([id], 1) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+id) def moveDown(self,id,REQUEST=None): """move id one up""" self.moveObjectsDown([id], 1) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+id) def moveTop(self,id,REQUEST=None): """move to top""" self.moveObjectsToTop([id]) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+id) def moveBottom(self,id,REQUEST=None): """move to top""" self.moveObjectsToBottom([id]) if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+id) security.declareProtected('View','getOwner') @@ -113,10 +133,7 @@ class BasketBasis(OrderedFolder): """get Owner as string""" return self.owner - def isAuthorized(self,role="read"): - """check whether actual user is authorized""" - #TODO replace occurences with checkPermission - return True + def getActualUserName(self): """get username of actual user""" @@ -149,11 +166,11 @@ class BasketFolder(BasketBasis): return ret elif mode=='open_intern': print "open_intern" - if self.groupFolder.isMemberOf('user'): + if self.checkPermission('authorized'): print "---public" for object in self.getObjects(): print object.getId(),object.publicationStatus - if object.publicationStatus=='open_intern': + if object.publicationStatus=='open_intern' or object.publicationStatus=='open': ret.append(object) return ret else: @@ -256,19 +273,16 @@ class Basket(BasketBasis): {'label':'manage main','action':'changeBasketForm'}, ) - def checkPermission(self,modus): - """check permission""" - if modus=='open': - return True - elif modus=='private': - return self.groupFolder.isMemberOf('admin') - elif modus=='admin': - return self.groupFolder.isMemberOf('admin') - elif modus=='edit': - return self.groupFolder.isMemberOf('edit') - elif modus=='publish': - return self.groupFolder.isMemberOf('publish') - + + def saveButton(self,actualId): + """return the save button""" + ret=""" + save - + + """%actualId + return ret + def manageUserRights_html(self): """manage user rights""" if hasattr(self,"Basket_manageUserRights_template"): @@ -386,7 +400,7 @@ class Basket(BasketBasis): def changeBasketComments(self,REQUEST): """Change comment of basket elements""" form=REQUEST.form - + for key in form.keys(): splitted=key.split("_") objects=self.ZopeFind(self,obj_ids=[splitted[0]]) @@ -395,7 +409,7 @@ class Basket(BasketBasis): if REQUEST: - REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket") + REQUEST.RESPONSE.redirect(self.absolute_url()+"/manageBasket#"+form.get('actualId','')) def selectThisBasketAsCurrent(self,REQUEST=None): @@ -430,9 +444,18 @@ class Basket(BasketBasis): manage_addBasketXRef(self,str(id),title,comment,xref) if REQUEST: - import random - rd=random.random() - REQUEST.RESPONSE.redirect(REQUEST['HTTP_REFERER']+'&-dummy='+str(rd)) + #import random + #rd=random.random() + urlSplit=REQUEST['HTTP_REFERER'].split("?") + if len(urlSplit)>1: + parsed=cgi.parse_qs(urlSplit[1]) + parsed['-link']=link + qs=urllib.urlencode(parsed,doseq=True) + + else: + qs="" + + REQUEST.RESPONSE.redirect(urlSplit[0]+"?"+qs) else: return True @@ -454,7 +477,7 @@ def manage_addBasket(self,id,title,comme if RESPONSE is not None: RESPONSE.redirect('manage_main') -class BasketBasis(SimpleItem): +class BasketObject(SimpleItem): """basic class for baskets""" #security=ClassSecurityInfo() @@ -506,7 +529,7 @@ class BasketBasis(SimpleItem): pt.content_type="text/html" return pt() -class BasketFile(BasketBasis,File): +class BasketFile(BasketObject,File): """class for fileupload""" meta_type="BasketFile" @@ -581,7 +604,7 @@ def manage_addBasketFile(self,id,title,c if REQUEST is not None: REQUEST['RESPONSE'].redirect(self.absolute_url()+'/manage_main') -class BasketXRef(BasketBasis): +class BasketXRef(BasketObject): """class for internal references based on xrefs""" #security=ClassSecurityInfo() @@ -634,7 +657,7 @@ def manage_addBasketXRef(self,id,title,c if RESPONSE is not None: RESPONSE.redirect('manage_main') -class BasketInternalLink(BasketBasis): +class BasketInternalLink(BasketObject): """class for internal referencens based on links""" #security=ClassSecurityInfo() @@ -690,7 +713,7 @@ def manage_addBasketInternalLink(self,id RESPONSE.redirect('manage_main') -class BasketExternalLink(BasketBasis): +class BasketExternalLink(BasketObject): """class for external links""" #security=ClassSecurityInfo() @@ -745,7 +768,7 @@ def manage_addBasketExternalLink(self,id RESPONSE.redirect('manage_main') -class BasketText(BasketBasis): +class BasketText(BasketObject): """class for text elements in baskets""" #security=ClassSecurityInfo()