org.security

Functions

`get_roles_setting`(→ dict[str, ...)	Returns the default roles available to onegov.org applications.
`has_export_permission_not_logged_in`(→ bool)
`has_export_permissions_logged_in`(→ bool)
`has_permission_ticket`(→ bool)
`has_permission_ticket_collection`(→ bool)
`has_permission_payments`(→ bool)
`has_permission_directory_submission_action`(→ bool)

Module Contents

org.security.get_roles_setting() → dict[str, set[type[onegov.core.security.roles.Intent]]][source]

Returns the default roles available to onegov.org applications.

Applications building on onegov.org may add more roles and permissions, or replace the existing ones entirely, though it’s not something that one should do carelessly.

The default roles are:

admin: Has access to everything
editor: Has access to most things
supporter: Has access to the ticket (and payment) system
member: Has access their own data
anonymous: Has access to public things

org.security.has_export_permission_not_logged_in(app: onegov.org.app.OrgApp, identity: None, model: onegov.org.models.Export, permission: object) → bool[source]

org.security.has_export_permissions_logged_in(app: onegov.org.app.OrgApp, identity: morepath.authentication.Identity, model: onegov.org.models.Export, permission: object) → bool[source]

org.security.has_permission_ticket(app: onegov.org.app.OrgApp, identity: morepath.authentication.Identity, model: onegov.ticket.Ticket, permission: object) → bool[source]

org.security.has_permission_ticket_collection(app: onegov.org.app.OrgApp, identity: morepath.authentication.Identity, model: onegov.ticket.TicketCollection | onegov.ticket.collection.ArchivedTicketCollection, permission: object) → bool[source]

org.security.has_permission_payments(app: onegov.org.app.OrgApp, identity: morepath.authentication.Identity, model: onegov.pay.Payment | onegov.pay.PaymentCollection, permission: object) → bool[source]

org.security.has_permission_directory_submission_action(app: onegov.org.app.OrgApp, identity: morepath.authentication.Identity, model: onegov.org.views.directory.DirectorySubmissionAction, permission: object) → bool[source]