Hi again,
Following the previous email (since in my site users need to login to
be able to submit a document) I was asked to remove from the list the
doctypes for which the logged-in user has no 'submit' permission.
It is not a absurd request, especially if you have dozens of available
doctypes... Furthermore, it is nice if you're in the process of
creating a new doctype and don't want to make it 'available' to all
the users! (superadmin should still see them all)
The first problem is that again I'm using the good-old
acc_find_possible_actions_user in the getCatalogueBranch function, so
I'm not taking into account the FireRole permissions :)
The other problem is that one needs to change the number of parameters
for getCatalogueBranch and
makeCataloguesTable to include uid="". Also it's a very poor
implementation because it displays the major doctype categories
regardless of whether they have branches or not...
So to wrap things up (I'm not providing one diff file, because I have
a lot of comments/debug code etc and you'll probably find a better way
to implement it):
< from invenio.access_control_admin import acc_is_role
---
from invenio.access_control_admin import acc_is_role,
acc_get_action_id, acc_find_possible_actions_user
=========
< from invenio.webuser import getUid, get_email, collect_user_info
---
from invenio.webuser import getUid, get_email, collect_user_info,
isUserSubmitter, isUserSuperAdmin
=========
< catalogues = makeCataloguesTable(ln)
< )
---
catalogues = makeCataloguesTable(ln, uid)
)
=========
< def makeCataloguesTable(ln=CFG_SITE_LANG):
---
def makeCataloguesTable(ln=CFG_SITE_LANG, uid=""):
=========
< catalogues.append(getCatalogueBranch(child_collctn[0], 1))
---
catalogues.append(getCatalogueBranch(child_collctn[0], 1, uid))
=========
(In the beginning of getCalogueBranch, after the comments)
id_action= acc_get_action_id('submit')
mylist= acc_find_possible_actions_user(uid,id_action)
user_info={} #
user_info['uid']=uid # Python newbie :)
=========
< elem['docs'].append(getDoctypeBranch(child_doctype[0]))
---
allowedToSubmit=False
for mylist_item in mylist:
if (mylist_item[3]==child_doctype[0] and not allowedToSubmit):
allowedToSubmit=True
if (allowedToSubmit or isUserSuperAdmin(user_info)):
elem['docs'].append(getDoctypeBranch(child_doctype[0]))
I should probably do something similar for 2nd-level doctypes
('sons'), but I don't have an example to test, so I'll leave it as it
is. Probably something like:
elem['sons'].append(getCatalogueBranch(child_collctn[0], level + 1,
uid)) should be sufficient (?)
In any case, I'm not using isUserSubmitter anywhere because, as it is
now, the function checks if the user's email exists in the
sbmSUBMISSIONS table. In most cases works OK, but ie. for a NEW user,
the function will return False...
