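--- a/MoinForms.py	Sun Jan 20 18:24:06 2013 +0100
+++ b/MoinForms.py	Sun Jan 20 19:47:48 2013 +0100
@@ -10,8 +10,7 @@
 from compiler.ast import Const, Dict, Discard, List, Module, Stmt
 from MoinMoin.action import do_show
 from MoinMoin.Page import Page
-from MoinMoin.security import parseACL
-from MoinMoin import wikiutil
+from MoinMoin import security, wikiutil
 from MoinSupport import *
 import re
 
@@ -107,17 +106,24 @@
 
 user = self.request.user
 
- # Use the page permissions if no access definition is given.
+ # Use the access definition if one is given.
 
- if not self.attributes.has_key("access"):
- return user and getattr(user.may, action)(self.pagename)
+ if self.attributes.has_key("access"):
+ access = self.attributes["access"]
+ acl = security.AccessControlList(self.request.cfg, [access])
+ policy = lambda request, pagename, username, action: acl.may(request, username, action)
 
- # Otherwise use the access definition.
+ # Otherwise, use the page permissions.
 
 else:
- access = self.attributes["access"]
- acl = parseACL(self.request, access)
- return user and acl.may(self.request, user.name, action)
+ policy = security._check
+
+ # The "read" action is only satisfied by the "admin" role.
+
+ return user and (
+ action != "read" and policy(self.request, self.pagename, user.name, action) or
+ action == "read" and policy(self.request, self.pagename, user.name, "admin")
+ )
 
 def validateFields(self, fields, structure):
 
@@ -317,6 +323,15 @@
 
 return self.handler.checkPermissions("write")
 
+ def can_read(self):
+
+ """
+ Permit reading of form data using the form attributes or page
+ permissions.
+ """
+
+ return self.handler.checkPermissions("read")
+
 # Form and field information.
 
 def getFormStructure(text, request, path=None, structure=None):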
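Review bot: The fallback branch in the second hunk now calls `security._check` directly where the removed line went through `user.may`, so a site-specific `SecurityPolicy` configured for the wiki would presumably no longer be consulted for form permissions, and `_check` is a private helper that may change between MoinMoin releases. Keeping the policy object in the path, e.g. `policy = lambda request, pagename, username, action: getattr(user.may, action)(pagename)`, preserves the previous behaviour while still allowing the "read" to "admin" mapping. Separately, when an `access` attribute is present the page ACL takes no part in the "read" decision; if form attributes come from the page text (not visible here), anyone able to edit the page could grant themselves `admin` there, so it may be worth requiring the page-level `admin` right for "read" in both branches. The enclosing method begins outside the hunk.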