wuttaweb.views.roles
Views for roles
- class wuttaweb.views.roles.PermissionView(request, context=None)
Master view for permissions.
Default route prefix is permissions.
Notable URLs provided by this class:
/permissions/
/permissions/XXX
/permissions/XXX/delete
- model_class
alias of Permission
- class wuttaweb.views.roles.RoleView(request, context=None)
Master view for roles.
Default route prefix is roles.
Notable URLs provided by this class:
/roles/
/roles/new
/roles/XXX
/roles/XXX/edit
/roles/XXX/delete
- get_available_permissions()
Returns all “available” permissions. This is used when viewing or editing a role; the result is passed into the Permissions field schema.
The app itself must be made aware of each permission, in order for them to be found by this method. This is done via add_permission_group() and add_permission().
When in “view” (readonly) mode, this method will return the full set of known permissions.
However in “edit” mode, it will prune the set to remove any permissions which the current user does not also have. The idea here is to allow “many” users to manage roles, but ensure they cannot “break out” of their own role by assigning extra permissions to it.
The permissions returned will also be grouped, and each single permission is also represented as a simple dict, e.g.:
    {
        'books': {
            'key': 'books',
            'label': "Books",
            'perms': {
                'books.list': {
                    'key': 'books.list',
                    'label': "Browse / search Books",
                },
                'books.view': {
                    'key': 'books.view',
                    'label': "View Book",
                },
            },
        },
        'widgets': {
            'key': 'widgets',
            'label': "Widgets",
            'perms': {
                'widgets.list': {
                    'key': 'widgets.list',
                    'label': "Browse / search Widgets",
                },
                'widgets.view': {
                    'key': 'widgets.view',
                    'label': "View Widget",
                },
            },
        },
    }
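The "edit" mode pruning described above, as an added example that is not wuttaweb's own code: it filters the grouped layout down to what the editing user holds, then applies a submitted form so that only those permissions can be granted or revoked. The function names (prune_available, flatten, apply_role_edit) and the server-side merge step are assumptions made for illustration.

```python
# Added illustration; function names are hypothetical, not wuttaweb API.

def prune_available(all_perms, user_perms):
    """Keep only the permissions the editing user already holds.

    all_perms uses the grouped layout documented for
    get_available_permissions(); user_perms is a set of permission keys.
    Groups left with no permissions are dropped.
    """
    pruned = {}
    for group_key, group in all_perms.items():
        perms = {key: perm for key, perm in group["perms"].items()
                 if key in user_perms}
        if perms:
            pruned[group_key] = {**group, "perms": perms}
    return pruned


def flatten(grouped):
    """Return the set of permission keys in a grouped dict."""
    return {key for group in grouped.values() for key in group["perms"]}


def apply_role_edit(role_perms, submitted, available):
    """Compute a role's new permission set from a submitted edit form.

    Only keys in `available` may be granted or revoked by this editor.
    Permissions the role already has outside that set are left untouched,
    and submitted keys outside it are ignored, so a hand-crafted request
    cannot add permissions the editor lacks.
    """
    allowed = flatten(available)
    untouched = set(role_perms) - allowed
    granted = set(submitted) & allowed
    return untouched | granted


# Constructed sample data in the documented layout.
ALL_PERMS = {
    "books": {"key": "books", "label": "Books", "perms": {
        "books.list": {"key": "books.list", "label": "Browse / search Books"},
        "books.view": {"key": "books.view", "label": "View Book"},
    }},
    "widgets": {"key": "widgets", "label": "Widgets", "perms": {
        "widgets.list": {"key": "widgets.list", "label": "Browse / search Widgets"},
        "widgets.view": {"key": "widgets.view", "label": "View Widget"},
    }},
}
```

Filtering what the form offers is not enough on its own; the same allowed set has to be enforced when the form is submitted, which is what apply_role_edit does here.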