|
1
|
|
|
# -*- coding: utf-8 -*- |
|
2
|
|
|
# |
|
3
|
|
|
# This file is part of SENAITE.CORE |
|
4
|
|
|
# |
|
5
|
|
|
# Copyright 2018 by it's authors. |
|
6
|
|
|
# Some rights reserved. See LICENSE.rst, CONTRIBUTORS.rst. |
|
7
|
|
|
|
|
8
|
|
|
""" |
|
9
|
|
|
This file has two parts, the first one contains pseudoconstants to get |
|
10
|
|
|
permissions titles in other places. |
|
11
|
|
|
|
|
12
|
|
|
The second part is a function to set up permissions for some general objects. |
|
13
|
|
|
|
|
14
|
|
|
All the available permissions are defined in permissions.zcml. |
|
15
|
|
|
Each permission has two attributes: a short ID and a long title. The ID |
|
16
|
|
|
will be used for zope3-like permissions such as ZCML configuration |
|
17
|
|
|
files. The long title will be used for zope2-like |
|
18
|
|
|
permissions such as sm.checkPermission. |
|
19
|
|
|
|
|
20
|
|
|
In order to avoid typo errors, we will use pseudoconstants instead of |
|
21
|
|
|
permission string values. these constants are defined in ins this file. |
|
22
|
|
|
|
|
23
|
|
|
The two files (permissions.py and permissions.zcml) must be kept in sync. |
|
24
|
|
|
|
|
25
|
|
|
bika.lims.__init__ imports * from this file, so |
|
26
|
|
|
bika.lims.PermName or bika.lims.permissions.PermName are |
|
27
|
|
|
both valid. |
|
28
|
|
|
""" |
|
29
|
|
|
|
|
30
|
|
|
# Add Permissions |
|
31
|
|
|
# =============== |
|
32
|
|
|
# For "Add" permissions, keep the name of the variable as "Add<portal_type>". |
|
33
|
|
|
# When the module gets initialized (bika.lims.__init__), the function initialize |
|
34
|
|
|
# will look through these Add permissions attributes when registering types and |
|
35
|
|
|
# will automatically associate them with their types. |
|
36
|
|
|
AddAnalysis = "senaite.core: Add Analysis" |
|
37
|
|
|
AddAnalysisCategory = "senaite.core: Add AnalysisCategory" |
|
38
|
|
|
AddAnalysisProfile = "senaite.core: Add AnalysisProfile" |
|
39
|
|
|
AddAnalysisRequest = "senaite.core: Add AnalysisRequest" |
|
40
|
|
|
AddAnalysisService = "senaite.core: Add AnalysisService" |
|
41
|
|
|
AddAnalysisSpec = "senaite.core: Add AnalysisSpec" |
|
42
|
|
|
AddARTemplate = "senaite.core: Add ARTemplate" |
|
43
|
|
|
AddAttachment = "senaite.core: Add Attachment" |
|
44
|
|
|
AddAttachmentType = "senaite.core: Add AttachmentType" |
|
45
|
|
|
AddBatch = "senaite.core: Add Batch" |
|
46
|
|
|
AddBatchLabel = "senaite.core: Add BatchLabel" |
|
47
|
|
|
AddCalculation = "senaite.core: Add Calculation" |
|
48
|
|
|
AddClient = "senaite.core: Add Client" |
|
49
|
|
|
AddContainer = "senaite.core: Add Container" |
|
50
|
|
|
AddContainerType = "senaite.core: Add ContainerType" |
|
51
|
|
|
AddDepartment = "senaite.core: Add Department" |
|
52
|
|
|
AddIdentifierType = "senaite.core: Add IdentifierType" |
|
53
|
|
|
AddInstrument = "senaite.core: Add Instrument" |
|
54
|
|
|
AddInstrumentLocation = "senaite.core: Add InstrumentLocation" |
|
55
|
|
|
AddInstrumentType = "senaite.core: Add InstrumentType" |
|
56
|
|
|
AddInvoice = "senaite.core: Add Invoice" |
|
57
|
|
|
AddLabContact = "senaite.core: Add LabContact" |
|
58
|
|
|
AddLabProduct = "senaite.core: Add LabProduct" |
|
59
|
|
|
AddManufacturer = "senaite.core: Add Manufacturer" |
|
60
|
|
|
AddMethod = "senaite.core: Add Method" |
|
61
|
|
|
AddMultifile = "senaite.core: Add Multifile" |
|
62
|
|
|
AddPreservation = "senaite.core: Add Preservation" |
|
63
|
|
|
AddPricelist = "senaite.core: Add Pricelist" |
|
64
|
|
|
AddReferenceDefinition = "senaite.core: Add ReferenceDefinition" |
|
65
|
|
|
AddReflexRule = "senaite.core: Add ReflexRule" |
|
66
|
|
|
AddSampleCondition = "senaite.core: Add SampleCondition" |
|
67
|
|
|
AddSampleMatrix = "senaite.core: Add SampleMatrix" |
|
68
|
|
|
AddSamplePoint = "senaite.core: Add SamplePoint" |
|
69
|
|
|
AddSampleType = "senaite.core: Add SampleType" |
|
70
|
|
|
AddSamplingDeviation = "senaite.core: Add SamplingDeviation" |
|
71
|
|
|
AddSamplingRound = "senaite.core: Add SamplingRound" |
|
72
|
|
|
AddSRTemplate = "senaite.core: Add SRTemplate" |
|
73
|
|
|
AddStorageLocation = "senaite.core: Add StorageLocation" |
|
74
|
|
|
AddSubGroup = "senaite.core: Add SubGroup" |
|
75
|
|
|
AddSupplier = "senaite.core: Add Supplier" |
|
76
|
|
|
AddSupplyOrder = "senaite.core: Add SupplyOrder" |
|
77
|
|
|
AddWorksheetTemplate = "senaite.core: Add WorksheetTemplate" |
|
78
|
|
|
|
|
79
|
|
|
# Transition permissions |
|
80
|
|
|
# ====================== |
|
81
|
|
|
TransitionDeactivate = "senaite.core: Transition: Deactivate" |
|
82
|
|
|
TransitionActivate = "senaite.core: Transition: Activate" |
|
83
|
|
|
TransitionCancel = "senaite.core: Transition: Cancel" |
|
84
|
|
|
TransitionReinstate = "senaite.core: Transition: Reinstate" |
|
85
|
|
|
TransitionClose = "senaite.core: Transition: Close" |
|
86
|
|
|
TransitionReopen = "senaite.core: Transition: Reopen" |
|
87
|
|
|
|
|
88
|
|
|
# Transition permissions (Analysis and alike) |
|
89
|
|
|
TransitionRetract = "senaite.core: Transition: Retract" |
|
90
|
|
|
TransitionVerify = "senaite.core: Transition: Verify" |
|
91
|
|
|
TransitionAssignAnalysis = "senaite.core: Transition: Assign Analysis" |
|
92
|
|
|
TransitionUnassignAnalysis = "senaite.core: Transition: Unassign Analysis" |
|
93
|
|
|
|
|
94
|
|
|
# Transition permissions (Analysis Request) |
|
95
|
|
|
TransitionCancelAnalysisRequest = "senaite.core: Transition: Cancel Analysis Request" |
|
96
|
|
|
TransitionReinstateAnalysisRequest = "senaite.core: Transition: Reinstate Analysis Request" |
|
97
|
|
|
TransitionInvalidate = "senaite.core: Transition Invalidate" |
|
98
|
|
|
TransitionPreserveSample = "senaite.core: Transition: Preserve Sample" |
|
99
|
|
|
TransitionPublishResults = "senaite.core: Transition: Publish Results" |
|
100
|
|
|
TransitionReceiveSample = "senaite.core: Transition: Receive Sample" |
|
101
|
|
|
TransitionRejectSample = "senaite.core: Transition: Reject Sample" |
|
102
|
|
|
TransitionSampleSample = "senaite.core: Transition: Sample Sample" |
|
103
|
|
|
TransitionScheduleSampling = "senaite.core: Transition: Schedule Sampling" |
|
104
|
|
|
|
|
105
|
|
|
# Transition permissions (Supply Order) |
|
106
|
|
|
TransitionDispatchOrder = "senaite.core: Transition: Dispatch Order" |
|
107
|
|
|
|
|
108
|
|
|
# Transition permissions (Sampling Round) |
|
109
|
|
|
TransitionCloseSamplingRound = "senaite.core: Transition: Close Sampling Round" |
|
110
|
|
|
TransitionReopenSamplingRound = "senaite.core: Transition: Reopen Sampling Round" |
|
111
|
|
|
|
|
112
|
|
|
# Transition permissions (Worksheet) |
|
113
|
|
|
TransitionRejectWorksheet = "senaite.core: Transition: Reject Worksheet" |
|
114
|
|
|
|
|
115
|
|
|
|
|
116
|
|
|
# Field Permissions |
|
117
|
|
|
# ================= |
|
118
|
|
|
# Field permissions (Analysis Request) |
|
119
|
|
|
FieldEditBatch = "senaite.core: Field: Edit Batch" |
|
120
|
|
|
FieldEditClient = "senaite.core: Field: Edit Client" |
|
121
|
|
|
FieldEditClientOrderNumber = "senaite.core: Field: Edit Client Order Number" |
|
122
|
|
|
FieldEditClientReference = "senaite.core: Field: Edit Client Reference" |
|
123
|
|
|
FieldEditClientSampleID = "senaite.core: Field: Edit Client Sample ID" |
|
124
|
|
|
FieldEditComposite = "senaite.core: Field: Edit Composite" |
|
125
|
|
|
FieldEditContact = "senaite.core: Field: Edit Contact" |
|
126
|
|
|
FieldEditContainer = "senaite.core: Field: Edit Container" |
|
127
|
|
|
FieldEditDatePreserved = "senaite.core: Field: Edit Date Preserved" |
|
128
|
|
|
FieldEditDateReceived = "senaite.core: Field: Edit Date Received" |
|
129
|
|
|
FieldEditDateSampled = "senaite.core: Field: Edit Date Sampled" |
|
130
|
|
|
FieldEditEnvironmentalConditions = "senaite.core: Field: Edit Environmental Conditions" |
|
131
|
|
|
FieldEditInvoiceExclude = "senaite.core: Field: Edit Invoice Exclude" |
|
132
|
|
|
FieldEditMemberDiscount = "senaite.core: Field: Edit Member Discount" |
|
133
|
|
|
FieldEditPreservation = "senaite.core: Field: Edit Preservation" |
|
134
|
|
|
FieldEditPreserver = "senaite.core: Field: Edit Preserver" |
|
135
|
|
|
FieldEditPriority = "senaite.core: Field: Edit Priority" |
|
136
|
|
|
FieldEditProfiles = "senaite.core: Field: Edit Profiles" |
|
137
|
|
|
FieldEditPublicationSpecifications = "senaite.core: Field: Edit Publication Specification" |
|
138
|
|
|
FieldEditRejectionReasons = "senaite.core: Field: Edit Rejection Reasons" |
|
139
|
|
|
FieldEditRemarks = "senaite.core: Field: Edit Remarks" |
|
140
|
|
|
FieldEditResultsInterpretation = "senaite.core: Field: Edit Results Interpretation" |
|
141
|
|
|
FieldEditSampleCondition = "senaite.core: Field: Edit Sample Condition" |
|
142
|
|
|
FieldEditSamplePoint = "senaite.core: Field: Edit Sample Point" |
|
143
|
|
|
FieldEditSampleType = "senaite.core: Field: Edit Sample Type" |
|
144
|
|
|
FieldEditSampler = "senaite.core: Field: Edit Sampler" |
|
145
|
|
|
FieldEditSamplingDate = "senaite.core: Field: Edit Sampling Date" |
|
146
|
|
|
FieldEditSamplingDeviation = "senaite.core: Field: Edit Sampling Deviation" |
|
147
|
|
|
FieldEditSamplingRound = "senaite.core: Field: Edit Sampling Round" |
|
148
|
|
|
FieldEditScheduledSampler = "senaite.core: Field: Edit Scheduled Sampler" |
|
149
|
|
|
FieldEditSpecification = "senaite.core: Field: Edit Specification" |
|
150
|
|
|
FieldEditStorageLocation = "senaite.core: Field: Edit Storage Location" |
|
151
|
|
|
FieldEditTemplate = "senaite.core: Field: Edit Template" |
|
152
|
|
|
|
|
153
|
|
|
# Field permissions (Analysis and alike) |
|
154
|
|
|
FieldEditAnalysisHidden = "senaite.core: Field: Edit Analysis Hidden" |
|
155
|
|
|
FieldEditAnalysisResult = "senaite.core: Field: Edit Analysis Result" |
|
156
|
|
|
FieldEditAnalysisRemarks = "senaite.core: Field: Edit Analysis Remarks" |
|
157
|
|
|
|
|
158
|
|
|
|
|
159
|
|
|
# Behavioral permissions |
|
160
|
|
|
# ====================== |
|
161
|
|
|
# TODO Security Review these "behavioral" permissions |
|
162
|
|
|
AccessJSONAPI = "senaite.core: Access JSON API" |
|
163
|
|
|
EditFieldResults = "senaite.core: Edit Field Results" |
|
164
|
|
|
EditResults = "senaite.core: Edit Results" |
|
165
|
|
|
EditWorksheet = "senaite.core: Edit Worksheet" |
|
166
|
|
|
ManageBika = "senaite.core: Manage Bika" |
|
167
|
|
|
ManageAnalysisRequests = "senaite.core: Manage Analysis Requests" |
|
168
|
|
|
ManageARImport = "senaite.core: Manage ARImport" |
|
169
|
|
|
ManageInvoices = "senaite.core: Manage Invoices" |
|
170
|
|
|
ManageLoginDetails = "senaite.core: Manage Login Details" |
|
171
|
|
|
ManageReference = "senaite.core: Manage Reference" |
|
172
|
|
|
ManageWorksheets = "senaite.core: Manage Worksheets" |
|
173
|
|
|
ViewResults = "senaite.core: View Results" |
|
174
|
|
|
|
|
175
|
|
|
|
|
176
|
|
|
# View/Action permissions |
|
177
|
|
|
# ======================= |
|
178
|
|
|
# TODO Security Review these "view/action" permissions |
|
179
|
|
|
ImportInstrumentResults = "senaite.core: Import Instrument Results" |
|
180
|
|
|
ViewRetractedAnalyses = "senaite.core: View Retracted Analyses" |
|
181
|
|
|
ViewLogTab = "senaite.core: View Log Tab" |
|
182
|
|
|
|
senaite /
senaite.core
