feriennet.security ================== .. py:module:: feriennet.security Functions --------- .. autoapisummary:: feriennet.security.get_roles_setting feriennet.security.is_owner feriennet.security.local_has_permission_logged_in feriennet.security.has_private_permission_logged_in feriennet.security.has_private_permission_site_collection feriennet.security.has_private_permission_image_collection feriennet.security.has_private_permission_activity_collections feriennet.security.has_private_permission_activities feriennet.security.has_private_permission_occasions feriennet.security.has_private_permission_notifications feriennet.security.has_private_permission_notification feriennet.security.has_public_permission_not_logged_in feriennet.security.has_public_permission_logged_in feriennet.security.has_personal_permission_booking feriennet.security.has_private_permission_occasion_attendee_collection Module Contents --------------- .. py:function:: get_roles_setting() -> dict[str, set[type[onegov.core.security.roles.Intent]]] .. py:function:: is_owner(username: str, activity: onegov.activity.Activity) -> bool Returns true if the given username is the owner of the given activity. .. py:function:: local_has_permission_logged_in(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: object, permission: object) -> bool .. py:function:: has_private_permission_logged_in(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: object, permission: type[onegov.core.security.Private]) -> bool Take away private permission for editors. For exceptions see the permission rules below. .. py:function:: has_private_permission_site_collection(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.org.models.SiteCollection, permission: type[onegov.core.security.Private]) -> bool Give editors the ability to access the site collection. .. py:function:: has_private_permission_image_collection(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.org.models.ImageFileCollection, permission: type[onegov.core.security.Private]) -> bool Give editors the ability to access the image file collection (but not the file collection!). .. py:function:: has_private_permission_activity_collections(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.activity.ActivityCollection[Any], permission: type[onegov.core.security.Private]) -> bool Give the editor private permission for activity collections (needed to create new activites). .. py:function:: has_private_permission_activities(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.activity.Activity, permission: type[onegov.core.security.Private]) -> bool Give the editor private permission for activities. .. py:function:: has_private_permission_occasions(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.activity.Occasion, permission: type[onegov.core.security.Private]) -> bool Give the editor private permission for occasions. .. py:function:: has_private_permission_notifications(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.feriennet.collections.NotificationTemplateCollection, permission: type[onegov.core.security.Private]) -> bool Give the editor private permission for notification templates. .. py:function:: has_private_permission_notification(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.feriennet.models.NotificationTemplate, permission: type[onegov.core.security.Private]) -> bool Give the editor private permission for notification templates. .. py:function:: has_public_permission_not_logged_in(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.NoIdentity | None, model: onegov.activity.Activity, permission: type[onegov.core.security.Public]) -> bool Only make activites anonymously accessible with certain states. .. py:function:: has_public_permission_logged_in(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.activity.Activity, permission: type[onegov.core.security.Public]) -> bool Only make activites accessible with certain states (or if owner). .. py:function:: has_personal_permission_booking(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.activity.Booking, permission: type[onegov.core.security.Personal]) -> bool Ensure that logged in users may only change their own bookings. .. py:function:: has_private_permission_occasion_attendee_collection(app: onegov.feriennet.FeriennetApp, identity: morepath.authentication.Identity, model: onegov.feriennet.collections.OccasionAttendeeCollection, permission: type[onegov.core.security.Private]) -> bool Ensure that organisators have access to the attendee collection.