X-Git-Url: https://scm.cri.minesparis.psl.eu/git/GroupUserFolder.git/blobdiff_plain/e9d14b6b5cc9cd4775c60cb340b5c4c787536fc3..3e1ba4932c34812cf2f6f3569b0f0dbea97b7a0b:/Products/GroupUserFolder/dtml/GRUF_audit.zpt

diff --git a/Products/GroupUserFolder/dtml/GRUF_audit.zpt b/Products/GroupUserFolder/dtml/GRUF_audit.zpt
new file mode 100644
index 0000000..26dfdc0
--- /dev/null
+++ b/Products/GroupUserFolder/dtml/GRUF_audit.zpt
@@ -0,0 +1,236 @@
+  <h1 tal:define="global print request/pp | nothing"></h1>
+  <h1 tal:replace="structure here/manage_page_header">Header</h1>
+  <h2 tal:condition="not: print" tal:define="manage_tabs_message options/manage_tabs_message | nothing"
+    tal:replace="structure here/manage_tabs">Tabs</h2>
+
+  
+  <div tal:condition="request/doIt | nothing">
+    <h4>Audit results</h4>
+
+    <table 
+           border="1"
+           class="list-item"
+           tal:define="
+      global users_and_roles here/listUsersAndRoles;
+      site_tree here/getSiteTree;
+      table_cache python:here.computeSecuritySettings(site_tree, users_and_roles, [('R', request.read_permission), ('W', request.write_permission)]);
+      "
+      tal:condition="users_and_roles"
+      >
+      <tr tal:define="width python:int(100/len(users_and_roles))">
+        <td width="0" tal:attributes="width string:$width%"></td>
+        <td width="0" align="center"
+            tal:repeat="s users_and_roles"
+          tal:attributes="width string:$width%"
+          >
+          <span tal:define="color python:test(s[0] == 'user', here.user_color, test(s[0] == 'group', here.group_color, here.role_color))">
+            <font color="" tal:attributes="color color">
+              <tal:block tal:condition="not:request/use_legend|nothing">
+                <b tal:content="structure python:s[4]" /><br />
+              </tal:block>
+              <tal:block tal:condition="request/use_legend|nothing">
+                <b tal:content="python:s[3]" />
+              </tal:block>
+            </font>
+            <span tal:condition="not:request/use_legend|nothing">
+              (<font color="" tal:attributes="color color"><span tal:replace="python:s[0]" /></font>)
+            </span>
+          </span>
+        </td>
+      </tr>
+
+      <tr tal:repeat="folder site_tree">
+        <td nowrap="1">
+          <span tal:repeat="x python:range(0,folder[1])" tal:omit-tag="">-</span>
+          <a href=""
+             tal:attributes="href python:folder[2]"
+            tal:content="python:folder[0]"
+            />
+            <tal:block 
+              tal:define="state python:here.portal_workflow.getInfoFor(here.restrictedTraverse(folder[2]), 'review_state')"
+              tal:on-error="nothing"
+              >
+              <br />
+                <span tal:repeat="x python:range(0,folder[1])" tal:omit-tag="">-</span>
+                <span tal:replace="state" />
+            </tal:block>
+        </td>
+        <td 
+            tal:repeat="s users_and_roles" 
+          >
+          <tal:block
+            tal:define="
+            R python:table_cache[folder[2]][s[:2]].get('R', None);
+            W python:table_cache[folder[2]][s[:2]].get('W', None)"
+            >
+            <span tal:condition="R">R</span>
+            <span tal:condition="W">W</span>
+            <span tal:condition="python: (not R) and (not W)">&nbsp;</span>
+          </tal:block>
+        </td>
+      </tr>
+    </table>
+  </div>
+
+  <div tal:condition="request/use_legend|nothing">
+    <h4>Legend</h4>
+    <ol>
+      <table>
+        <tr class="list-header">
+          <th class="list-header">Id</th>
+          <th class="list-header">Label</th>
+          <th class="list-header">Kind</th>
+        </tr>
+        
+        <tr tal:repeat="actor users_and_roles">
+          <span tal:define="color python:test(actor[0] == 'user', here.user_color, test(actor[0] == 'group', here.group_color, here.role_color))">
+            <td class="list-item"><font color="" tal:attributes="color color" tal:content="python:actor[3]">Id</font></td>
+            <td class="list-item"><font color="" tal:attributes="color color" tal:content="structure python:actor[4]">Label</font></td>
+            <td class="list-item"><font color="" tal:attributes="color color" tal:content="python:actor[0]">Kind</font></td>
+          </span>
+        </tr>
+
+      </table>
+    </ol>
+  </div>
+
+  <div tal:condition="not: print" tal:omit-tag="">
+    <h4>Audit settings</h4>
+    <ol>
+      <p>
+        See help below if you do not understand those settings.
+      </p>
+
+      <form action="manage_audit" method="GET">
+        <input type="hidden" name="doIt" value="1">
+          <table
+                 tal:define="default here/getDefaultPermissions"
+            >
+            <tr class="list-header">
+              <th>Parameter</th>
+              <th class="list-header">Setting</th>
+            </tr>
+            <tr>
+              <td><div class="list-item">Read permission</div></td>
+              <td>
+                <select name="read_permission" size="1">
+                  <option
+                          selected=0
+                          value=""
+                          tal:repeat="perm here/listAuditPermissions"
+                    tal:attributes="
+                    value perm;
+                    selected python:perm == default['R'];
+                    "
+                    tal:content="perm"
+                    />
+                </select>
+              </td>
+            </tr>
+            <tr>
+              <td><div class="list-item">Write permission</div></td>
+              <td>
+                <select name="write_permission" size="1">
+                  <option 
+                          selected=0
+                          value=""
+                          tal:repeat="perm here/listAuditPermissions"
+                    tal:attributes="
+                    value perm;
+                    selected python:perm == default['W'];
+                    "
+                    tal:content="perm"
+                    />
+                </select>
+              </td>
+            </tr>
+            <tr>
+              <td><div class="list-item">Displayed actors</div></td>
+              <td>
+                <div class="list-item">
+                  <input type="checkbox" name="display_roles" checked="" tal:attributes="checked request/display_roles|python:test(request.get('doIt',None), 0, 1)">
+                    <font color="" tal:attributes="color here/role_color">Roles</font><br />
+                      <input type="checkbox" name="display_groups" checked="" tal:attributes="checked request/display_groups|python:test(request.get('doIt',None), 0, 1)">
+                        <font color="" tal:attributes="color here/group_color">Groups</font><br />
+                      <input type="checkbox" name="display_users" checked="" tal:attributes="checked request/display_users|python:test(request.get('doIt',None), 0, 0)">
+                        <font color="" tal:attributes="color here/user_color">Users</font>
+                </div>
+              </td>
+            </tr>
+            <tr>
+              <td valign="top"><div class="list-item">Use a legend</div></td>
+              <td>
+                <div class="list-item">
+                  <input type="checkbox" name="use_legend" checked="" tal:attributes="checked request/use_legend|nothing">
+                    (Use this feature to display actors names outside the table. This will reduce the table width, which may be useful for printing, for example.)
+                </div>
+              </td>
+            </tr>
+            <tr>
+              <td><div class="list-item">Printable page</div></td>
+              <td>
+                <div class="list-item">
+                  <input type="checkbox" name="pp" checked="" tal:attributes="checked request/pp|nothing">
+                </div>
+              </td>
+            </tr>
+            <tr>
+              <td></td>
+              <td><input type="submit" value="View"></td>
+            </tr>
+          </table>
+      </form>
+    </ol>
+  </div>
+
+
+  <div tal:condition="not: print" tal:omit-tag="">
+    <div tal:condition="not:request/doIt | nothing">
+
+      <h4>About the audit table</h4>
+      <ol>
+        <p>
+          This management tab allows one to check how the site security is applied for the most useful cases.<br />
+            This allows you to have a precise abstract of the security settings for a little set of permissions as
+            if it simply were "Read" and "Write" permissions.
+        </p>
+
+        <p>
+          <strong>
+            This management tab won't change anything in your security settings. It is just intended to show information and not to modify anything.
+          </strong>
+        </p>
+        
+        <p>
+          Select, in the form below, the permissions you want to monitor and the kind of actors (roles, groups or users) you want to display.
+        </p>
+        
+        <ol>
+          <h4>Hint</h4>
+          <p>
+            Usually, for a regular Zope site, the
+            permission set would be mapped this way:
+          </p>
+          
+          <ul>
+            <li>Read: View</li>
+            <li>Write: Change Images and Files</li>
+          </ul>
+          <p>
+            For a Plone site, the
+            permission set would be mapped this way:
+          </p>
+          
+          <ul>
+            <li>Read: View</li>
+            <li>Write: Modify portal content</li>
+          </ul>
+          <p>
+            If you have <strong>a lot of users</strong>, rendering this audit can be very time-consuming.<br />
+              In such conditions, you can select only "roles" to make things a lot faster.
+        </ol>
+      </ol>
+    </div>
+  </div>
+
+  <h1 tal:replace="structure here/manage_page_footer">Footer</h1>