+++ /dev/null
- <h1 tal:define="global print request/pp | nothing"></h1>
- <h1 tal:replace="structure here/manage_page_header">Header</h1>
- <h2 tal:condition="not: print" tal:define="manage_tabs_message options/manage_tabs_message | nothing"
- tal:replace="structure here/manage_tabs">Tabs</h2>
-
-
- <div tal:condition="request/doIt | nothing">
- <h4>Audit results</h4>
-
- <table
- border="1"
- class="list-item"
- tal:define="
- global users_and_roles here/listUsersAndRoles;
- site_tree here/getSiteTree;
- table_cache python:here.computeSecuritySettings(site_tree, users_and_roles, [('R', request.read_permission), ('W', request.write_permission)]);
- "
- tal:condition="users_and_roles"
- >
- <tr tal:define="width python:int(100/len(users_and_roles))">
- <td width="0" tal:attributes="width string:$width%"></td>
- <td width="0" align="center"
- tal:repeat="s users_and_roles"
- tal:attributes="width string:$width%"
- >
- <span tal:define="color python:test(s[0] == 'user', here.user_color, test(s[0] == 'group', here.group_color, here.role_color))">
- <font color="" tal:attributes="color color">
- <tal:block tal:condition="not:request/use_legend|nothing">
- <b tal:content="structure python:s[4]" /><br />
- </tal:block>
- <tal:block tal:condition="request/use_legend|nothing">
- <b tal:content="python:s[3]" />
- </tal:block>
- </font>
- <span tal:condition="not:request/use_legend|nothing">
- (<font color="" tal:attributes="color color"><span tal:replace="python:s[0]" /></font>)
- </span>
- </span>
- </td>
- </tr>
-
- <tr tal:repeat="folder site_tree">
- <td nowrap="1">
- <span tal:repeat="x python:range(0,folder[1])" tal:omit-tag="">-</span>
- <a href=""
- tal:attributes="href python:folder[2]"
- tal:content="python:folder[0]"
- />
- <tal:block
- tal:define="state python:here.portal_workflow.getInfoFor(here.restrictedTraverse(folder[2]), 'review_state')"
- tal:on-error="nothing"
- >
- <br />
- <span tal:repeat="x python:range(0,folder[1])" tal:omit-tag="">-</span>
- <span tal:replace="state" />
- </tal:block>
- </td>
- <td
- tal:repeat="s users_and_roles"
- >
- <tal:block
- tal:define="
- R python:table_cache[folder[2]][s[:2]].get('R', None);
- W python:table_cache[folder[2]][s[:2]].get('W', None)"
- >
- <span tal:condition="R">R</span>
- <span tal:condition="W">W</span>
- <span tal:condition="python: (not R) and (not W)"> </span>
- </tal:block>
- </td>
- </tr>
- </table>
- </div>
-
- <div tal:condition="request/use_legend|nothing">
- <h4>Legend</h4>
- <ol>
- <table>
- <tr class="list-header">
- <th class="list-header">Id</th>
- <th class="list-header">Label</th>
- <th class="list-header">Kind</th>
- </tr>
-
- <tr tal:repeat="actor users_and_roles">
- <span tal:define="color python:test(actor[0] == 'user', here.user_color, test(actor[0] == 'group', here.group_color, here.role_color))">
- <td class="list-item"><font color="" tal:attributes="color color" tal:content="python:actor[3]">Id</font></td>
- <td class="list-item"><font color="" tal:attributes="color color" tal:content="structure python:actor[4]">Label</font></td>
- <td class="list-item"><font color="" tal:attributes="color color" tal:content="python:actor[0]">Kind</font></td>
- </span>
- </tr>
-
- </table>
- </ol>
- </div>
-
- <div tal:condition="not: print" tal:omit-tag="">
- <h4>Audit settings</h4>
- <ol>
- <p>
- See help below if you do not understand those settings.
- </p>
-
- <form action="manage_audit" method="GET">
- <input type="hidden" name="doIt" value="1">
- <table
- tal:define="default here/getDefaultPermissions"
- >
- <tr class="list-header">
- <th>Parameter</th>
- <th class="list-header">Setting</th>
- </tr>
- <tr>
- <td><div class="list-item">Read permission</div></td>
- <td>
- <select name="read_permission" size="1">
- <option
- selected=0
- value=""
- tal:repeat="perm here/listAuditPermissions"
- tal:attributes="
- value perm;
- selected python:perm == default['R'];
- "
- tal:content="perm"
- />
- </select>
- </td>
- </tr>
- <tr>
- <td><div class="list-item">Write permission</div></td>
- <td>
- <select name="write_permission" size="1">
- <option
- selected=0
- value=""
- tal:repeat="perm here/listAuditPermissions"
- tal:attributes="
- value perm;
- selected python:perm == default['W'];
- "
- tal:content="perm"
- />
- </select>
- </td>
- </tr>
- <tr>
- <td><div class="list-item">Displayed actors</div></td>
- <td>
- <div class="list-item">
- <input type="checkbox" name="display_roles" checked="" tal:attributes="checked request/display_roles|python:test(request.get('doIt',None), 0, 1)">
- <font color="" tal:attributes="color here/role_color">Roles</font><br />
- <input type="checkbox" name="display_groups" checked="" tal:attributes="checked request/display_groups|python:test(request.get('doIt',None), 0, 1)">
- <font color="" tal:attributes="color here/group_color">Groups</font><br />
- <input type="checkbox" name="display_users" checked="" tal:attributes="checked request/display_users|python:test(request.get('doIt',None), 0, 0)">
- <font color="" tal:attributes="color here/user_color">Users</font>
- </div>
- </td>
- </tr>
- <tr>
- <td valign="top"><div class="list-item">Use a legend</div></td>
- <td>
- <div class="list-item">
- <input type="checkbox" name="use_legend" checked="" tal:attributes="checked request/use_legend|nothing">
- (Use this feature to display actors names outside the table. This will reduce the table width, which may be useful for printing, for example.)
- </div>
- </td>
- </tr>
- <tr>
- <td><div class="list-item">Printable page</div></td>
- <td>
- <div class="list-item">
- <input type="checkbox" name="pp" checked="" tal:attributes="checked request/pp|nothing">
- </div>
- </td>
- </tr>
- <tr>
- <td></td>
- <td><input type="submit" value="View"></td>
- </tr>
- </table>
- </form>
- </ol>
- </div>
-
-
- <div tal:condition="not: print" tal:omit-tag="">
- <div tal:condition="not:request/doIt | nothing">
-
- <h4>About the audit table</h4>
- <ol>
- <p>
- This management tab allows one to check how the site security is applied for the most useful cases.<br />
- This allows you to have a precise abstract of the security settings for a little set of permissions as
- if it simply were "Read" and "Write" permissions.
- </p>
-
- <p>
- <strong>
- This management tab won't change anything in your security settings. It is just intended to show information and not to modify anything.
- </strong>
- </p>
-
- <p>
- Select, in the form below, the permissions you want to monitor and the kind of actors (roles, groups or users) you want to display.
- </p>
-
- <ol>
- <h4>Hint</h4>
- <p>
- Usually, for a regular Zope site, the
- permission set would be mapped this way:
- </p>
-
- <ul>
- <li>Read: View</li>
- <li>Write: Change Images and Files</li>
- </ul>
- <p>
- For a Plone site, the
- permission set would be mapped this way:
- </p>
-
- <ul>
- <li>Read: View</li>
- <li>Write: Modify portal content</li>
- </ul>
- <p>
- If you have <strong>a lot of users</strong>, rendering this audit can be very time-consuming.<br />
- In such conditions, you can select only "roles" to make things a lot faster.
- </ol>
- </ol>
- </div>
- </div>
-
- <h1 tal:replace="structure here/manage_page_footer">Footer</h1>