wuttaweb.views.roles

Views for roles

class wuttaweb.views.roles.PermissionView(request, context=None)[source]

Master view for permissions.

Default route prefix is permissions.

Notable URLs provided by this class:

  • /permissions/

  • /permissions/XXX

  • /permissions/XXX/delete

model_class

alias of Permission

class wuttaweb.views.roles.RoleView(request, context=None)[source]

Master view for roles.

Default route prefix is roles.

Notable URLs provided by this class:

  • /roles/

  • /roles/new

  • /roles/XXX

  • /roles/XXX/edit

  • /roles/XXX/delete

get_available_permissions()[source]

Returns all “available” permissions. This is used when viewing or editing a role; the result is passed into the Permissions field schema.

The app itself must be made aware of each permission, in order for them to found by this method. This is done via add_permission_group() and add_permission().

When in “view” (readonly) mode, this method will return the full set of known permissions.

However in “edit” mode, it will prune the set to remove any permissions which the current user does not also have. The idea here is to allow “many” users to manage roles, but ensure they cannot “break out” of their own role by assigning extra permissions to it.

The permissions returned will also be grouped, and each single permission is also represented as a simple dict, e.g.:

{
    'books': {
        'key': 'books',
        'label': "Books",
        'perms': {
            'books.list': {
                'key': 'books.list',
                'label': "Browse / search Books",
            },
            'books.view': {
                'key': 'books.view',
                'label': "View Book",
            },
        },
    },
    'widgets': {
        'key': 'widgets',
        'label': "Widgets",
        'perms': {
            'widgets.list': {
                'key': 'widgets.list',
                'label': "Browse / search Widgets",
            },
            'widgets.view': {
                'key': 'widgets.view',
                'label': "View Widget",
            },
        },
    },
}
make_users_grid(role)[source]

Make and return the grid for the Users field.

This grid is shown for the Users field when viewing a Role.

Returns:

Fully configured Grid instance.

merge_execute(removing, keeping)[source]

The logic to merge 2 roles is extended as follows:

Any users belonging to the “removing” role will be added to the “keeping” role (if not already present).

Any permissions belonging to the “removing” role will be added to the “keeping” role (if not already present).

See also parent method: merge_execute()

merge_why_not(removing, keeping)[source]

This checks to ensure the “removing” role is not one of the special built-in roles (Administrator, Authenticated, Anonymous).

See also parent method: merge_why_not()

model_class

alias of Role