Create user group allowing reader access to all mails #23648

2020-06-30 12:41:36 +02:00 · 2020-06-30 12:41:36 +02:00 · 998f04473c
parent 9171319411
commit 998f04473c
8 changed files with 104 additions and 1 deletions
--- a/src/pfwbged/policy/configure.zcml
+++ b/src/pfwbged/policy/configure.zcml
@ -84,4 +84,19 @@
        replacement=".monkey.patchedNamedBlobFileInit"
        />

+
+    <include package="borg.localrole" />
+
+    <adapter
+        for="collective.dms.mailcontent.dmsmail.IDmsIncomingMail"
+        provides="borg.localrole.interfaces.ILocalRoleProvider"
+        factory=".localrole.LocalRoleAdapter"
+        />
+
+    <adapter
+        for="collective.dms.mailcontent.dmsmail.IDmsOutgoingMail"
+        provides="borg.localrole.interfaces.ILocalRoleProvider"
+        factory=".localrole.LocalRoleAdapter"
+        />
+
 </configure>
--- a/src/pfwbged/policy/locales/fr/LC_MESSAGES/pfwbged.policy.po
+++ b/src/pfwbged/policy/locales/fr/LC_MESSAGES/pfwbged.policy.po
@ -176,10 +176,18 @@ msgstr "Dossiers"
 msgid "Installs the pfwbged.policy add-on."
 msgstr ""

+#: ../upgrades/registry.py:17
+msgid "Mail reader user group"
+msgstr "Groupe de lecture du courrier"
+
 #: ../menu.py:205
 msgid "Mark document as read"
 msgstr "Marquer le document comme lu"

+#: ../upgrades/registry.py:18
+msgid "Members of this group can read all incoming and outgoing mails on the platform."
+msgstr "Les membres de ce groupe ont un accès en lecture sur tous les courriers entrants et sortants"
+
 #: ../customize.py:42
 msgid "My Tasks"
 msgstr "Mes tâches"
--- a/src/pfwbged/policy/locales/pfwbged.policy.pot
+++ b/src/pfwbged/policy/locales/pfwbged.policy.pot
@ -178,10 +178,18 @@ msgstr ""
 msgid "Installs the pfwbged.policy add-on."
 msgstr ""

+#: ../upgrades/registry.py:17
+msgid "Mail reader user group"
+msgstr ""
+
 #: ../menu.py:205
 msgid "Mark document as read"
 msgstr ""

+#: ../upgrades/registry.py:18
+msgid "Members of this group can read all incoming and outgoing mails on the platform."
+msgstr ""
+
 #: ../customize.py:42
 msgid "My Tasks"
 msgstr ""
--- a/src/pfwbged/policy/localrole.py
+++ b/src/pfwbged/policy/localrole.py
@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+
+from borg.localrole.interfaces import ILocalRoleProvider
+from plone import api
+from zope.interface import implements
+
+
+class LocalRoleAdapter(object):
+    implements(ILocalRoleProvider)
+
+    def __init__(self, context):
+        self.context = context
+
+    @property
+    def accepted_group(self):
+        try:
+            return api.portal.get_registry_record('pfwbged.mail_reader_group')
+        except api.exc.InvalidParameterError:
+            return ''
+
+    def getRoles(self, principal):
+        """Grant permission for principal"""
+        if principal == self.accepted_group:
+            return ('Reader',)
+        else:
+            return ()
+
+    def getAllRoles(self):
+        """Grant permissions"""
+        return [(self.accepted_group, ('Reader',))]
--- a/src/pfwbged/policy/profiles/default/metadata.xml
+++ b/src/pfwbged/policy/profiles/default/metadata.xml
@ -1,6 +1,6 @@
 <?xml version="1.0"?>
 <metadata>
-  <version>7</version>
+  <version>8</version>
  <dependencies>
    <dependency>profile-collective.dms.basecontent:default</dependency>
    <dependency>profile-collective.dms.batchimport:default</dependency>
--- a/src/pfwbged/policy/profiles/default/registry.xml
+++ b/src/pfwbged/policy/profiles/default/registry.xml
@ -99,4 +99,12 @@
    </field>
    <value>False</value>
  </record>
+  <record name="pfwbged.mail_reader_group">
+    <field type="plone.registry.field.ASCIILine">
+      <title>Mail reader user group</title>
+      <description>Members of this group can read all incoming and outgoing mails on the platform.</description>
+      <required>False</required>
+    </field>
+    <value>lecture-courriers</value>
+  </record>
 </registry>
--- a/src/pfwbged/policy/upgrades/configure.zcml
+++ b/src/pfwbged/policy/upgrades/configure.zcml
@ -72,4 +72,13 @@
      handler=".types.remove_apf_content_types"
      />

+    <genericsetup:upgradeStep
+      title="Setup mail reader group"
+      description=""
+      source="7"
+      destination="8"
+      profile="pfwbged.policy:default"
+      handler=".registry.setup_mail_reader_group"
+      />
+
 </configure>
--- a/src/pfwbged/policy/upgrades/registry.py
+++ b/src/pfwbged/policy/upgrades/registry.py
@ -0,0 +1,25 @@
+from pfwbged.policy import _
+from plone.registry.interfaces import IRegistry
+from plone.registry import field
+from plone.registry import Record
+from plone import api
+from zope.component import getUtility
+
+
+def setup_mail_reader_group(context):
+    record_id = u'pfwbged.mail_reader_group'
+    group_id = "lecture-courriers"
+    group_name = u"Lecture courriers"
+
+    registry = getUtility(IRegistry)
+    if record_id not in registry.records:
+        group = field.ASCIILine(
+            title=_(u"Mail reader user group"),
+            description=_(u"Members of this group can read all incoming and outgoing mails on the platform."),
+            required=True,
+            default=group_id,
+        )
+        registry.records[record_id] = Record(group)
+
+    if not api.group.get(group_id):
+        api.group.create(group_id, group_name)