Mercurial > p > roundup > code
diff roundup/cgi/templating.py @ 3184:6cd2cbb47fb0 maint-0.8
merge OLD changes from HEAD
| author | Richard Jones <richard@users.sourceforge.net> |
|---|---|
| date | Tue, 15 Feb 2005 22:48:14 +0000 |
| parents | 2ac85e66e9bb |
| children | 79bcf944ceb8 |
line wrap: on
line diff
--- a/roundup/cgi/templating.py Tue Feb 15 00:28:03 2005 +0000 +++ b/roundup/cgi/templating.py Tue Feb 15 22:48:14 2005 +0000 @@ -560,10 +560,16 @@ ''' # get the list and sort it nicely l = self._klass.list() - sortfunc = make_sort_function(self._db, self.classname, sort_on) + sortfunc = make_sort_function(self._db, self._classname, sort_on) l.sort(sortfunc) - l = [HTMLItem(self._client, self.classname, x) for x in l] + # check perms + check = self._client.db.security.hasPermission + userid = self._client.userid + + l = [HTMLItem(self._client, self._classname, id) for id in l + if check('View', userid, self._classname, itemid=id)] + return l def csv(self): @@ -604,8 +610,13 @@ filterspec = request.filterspec sort = request.sort group = request.group + + check = self._db.security.hasPermission + userid = self._client.userid + l = [HTMLItem(self._client, self.classname, x) - for x in self._klass.filter(None, filterspec, sort, group)] + for id in self._klass.filter(None, filterspec, sort, group) + if check('View', userid, self.classname, itemid=id)] return l def classhelp(self, properties=None, label=''"(list)", width='500', @@ -1676,6 +1687,27 @@ return '\n'.join(l) # def checklist(self, ...) +class MultilinkIterator: + def __init__(self, classname, client, values): + self.classname = classname + self.client = client + self.values = values + self.id = -1 + def next(self): + '''Return the next item, but skip inaccessible items.''' + check = self.client.db.security.hasPermission + userid = self.client.userid + while 1: + self.id += 1 + if self.id >= len(self.values): + raise StopIteration + value = self.values[self.id] + if check('View', userid, self.classname, itemid=value): + return HTMLItem(self.client, self.classname, value) + def __iter__(self): + return self + + class MultilinkHTMLProperty(HTMLProperty): ''' Multilink HTMLProperty @@ -1698,16 +1730,22 @@ ''' no extended attribute accesses make sense here ''' raise AttributeError, attr - def __getitem__(self, num): + def __iter__(self): ''' iterate and return a new HTMLItem ''' - #print 'Multi.getitem', (self, num) - value = self._value[num] - return HTMLItem(self._client, self._prop.classname, value) + return MultilinkIterator(self._prop.classname, self._client, + self._value) + + def reverse(self): + ''' return the list in reverse order + ''' + l = self._value[:] + l.reverse() + return MultilinkIterator(self._prop.classname, self._client, l) def sorted(self, property): ''' Return this multilink sorted by the given property ''' - value = list(self._value[num]) + value = list(self.__iter__()) value.sort(lambda a,b:cmp(a[property], b[property])) return value @@ -1721,14 +1759,6 @@ '''Is my _value not []?''' return self._value != [] - def reverse(self): - ''' return the list in reverse order - ''' - l = self._value[:] - l.reverse() - return [HTMLItem(self._client, self._prop.classname, value) - for value in l] - def plain(self, escape=0): ''' Render a "plain" representation of the property ''' @@ -1766,7 +1796,7 @@ def menu(self, size=None, height=None, showid=0, additional=[], sort_on=None, **conditions): - ''' Render a form select list for this property + ''' Render a form <select> list for this property. "size" is used to limit the length of the list labels "height" is used to set the <select> tag's "size" attribute @@ -2183,7 +2213,12 @@ re.findall(r'\b\w{2,25}\b', self.search_text), klass) else: matches = None - l = klass.filter(matches, filterspec, sort, group) + + # filter for visibility + check = self._client.db.security.hasPermission + userid = self._client.userid + l = [id for id in klass.filter(matches, filterspec, sort, group) + if check('View', userid, self.classname, itemid=id)] # return the batch object, using IDs only return Batch(self.client, l, self.pagesize, self.startwith,