Source

bloodhound-trac / tracopt / perm / config_perm_provider.py

Full commit
# -*- coding: utf-8 -*-
#
# Copyright (C) 2009 Edgewall Software
# All rights reserved.
#
# This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms
# are also available at http://trac.edgewall.org/wiki/TracLicense.
#
# This software consists of voluntary contributions made by many
# individuals. For the exact contribution history, see the revision
# history and logs, available at http://trac.edgewall.org/log/.

from trac.core import *
from trac.config import ConfigSection
from trac.perm import IPermissionRequestor


class ExtraPermissionsProvider(Component):
    """Extra permission provider."""

    implements(IPermissionRequestor)

    extra_permissions_section = ConfigSection('extra-permissions',
        doc="""This section provides a way to add arbitrary permissions to a
        Trac environment. This can be useful for adding new permissions to use
        for workflow actions, for example.

        To add new permissions, create a new section `[extra-permissions]` in
        your `trac.ini`. Every entry in that section defines a meta-permission
        and a comma-separated list of permissions. For example:
        {{{
        [extra-permissions]
        extra_admin = extra_view, extra_modify, extra_delete
        }}}
        This entry will define three new permissions `EXTRA_VIEW`,
        `EXTRA_MODIFY` and `EXTRA_DELETE`, as well as a meta-permissions
        `EXTRA_ADMIN` that grants all three permissions.

        If you don't want a meta-permission, start the meta-name with an
        underscore (`_`):
        {{{
        [extra-permissions]
        _perms = extra_view, extra_modify
        }}}
        """)

    def get_permission_actions(self):
        permissions = {}
        for meta, perms in self.extra_permissions_section.options():
            perms = [each.strip().upper() for each in perms.split(',')]
            for perm in perms:
                permissions.setdefault(perm, [])
            meta = meta.strip().upper()
            if meta and not meta.startswith('_'):
                permissions.setdefault(meta, []).extend(perms)
        return [(k, v) if v else k for k, v in permissions.iteritems()]