diff --git a/roundup/security.py b/roundup/security.py
index 0d50318d524cc635e20ae5abab68f8aad54a2b48..0526b4eb8c66e3e0730d550fc42744a7229d4cce 100644 (file)
--- a/roundup/security.py
+++ b/roundup/security.py
description="User may register through the email")
# initialise the permissions and roles needed for the UIs
- from roundup import cgi_client, mailgw
- cgi_client.initialiseSecurity(self)
+ from roundup.cgi import client
+ client.initialiseSecurity(self)
+ from roundup import mailgw
mailgw.initialiseSecurity(self)
def getPermission(self, permission, classname=None):
'''
if not self.permission.has_key(permission):
raise ValueError, 'No permission "%s" defined'%permission
+
+ # look through all the permissions of the given name
for perm in self.permission[permission]:
+ # if we're passed a classname, the permission must match
if perm.klass is not None and perm.klass == classname:
return perm
+ # otherwise the permission klass must be unset
elif not perm.klass and not classname:
return perm
raise ValueError, 'No permission "%s" defined for "%s"'%(permission,
if roles is None:
return 0
for rolename in roles.split(','):
- if not rolename:
+ if not rolename or not self.role.has_key(rolename):
continue
+ # for each of the user's Roles, check the permissions
for perm in self.role[rolename].permissions:
- if perm.klass is None or perm.klass == classname:
- return 1
+ # permission name match?
+ if perm.name == permission:
+ # permission klass match?
+ if perm.klass is None or perm.klass == classname:
+ # we have a winner
+ return 1
return 0
def hasNodePermission(self, classname, nodeid, **propspec):
role = self.role[rolename]
role.permissions.append(permission)
+# vim: set filetype=python ts=4 sw=4 et si