wuttaweb.views.roles

Views for roles

class wuttaweb.views.roles.PermissionView(request, context=None)[source]

Master view for permissions.

Default route prefix is permissions.

Notable URLs provided by this class:

  • /permissions/

  • /permissions/XXX

  • /permissions/XXX/delete

model_class

alias of Permission

class wuttaweb.views.roles.RoleView(request, context=None)[source]

Master view for roles.

Default route prefix is roles.

Notable URLs provided by this class:

  • /roles/

  • /roles/new

  • /roles/XXX

  • /roles/XXX/edit

  • /roles/XXX/delete

get_available_permissions()[source]

Returns all “available” permissions. This is used when viewing or editing a role; the result is passed into the Permissions field schema.

The app itself must be made aware of each permission, in order for them to found by this method. This is done via add_permission_group() and add_permission().

When in “view” (readonly) mode, this method will return the full set of known permissions.

However in “edit” mode, it will prune the set to remove any permissions which the current user does not also have. The idea here is to allow “many” users to manage roles, but ensure they cannot “break out” of their own role by assigning extra permissions to it.

The permissions returned will also be grouped, and each single permission is also represented as a simple dict, e.g.:

{
    'books': {
        'key': 'books',
        'label': "Books",
        'perms': {
            'books.list': {
                'key': 'books.list',
                'label': "Browse / search Books",
            },
            'books.view': {
                'key': 'books.view',
                'label': "View Book",
            },
        },
    },
    'widgets': {
        'key': 'widgets',
        'label': "Widgets",
        'perms': {
            'widgets.list': {
                'key': 'widgets.list',
                'label': "Browse / search Widgets",
            },
            'widgets.view': {
                'key': 'widgets.view',
                'label': "View Widget",
            },
        },
    },
}
model_class

alias of Role