view data/plugin/security/bbb_access_data.snippet @ 598:9e82360a5592

bbb: security policy snippet for controlling who can use other actions than show for a readonly page.
author Reimar Bauer <rb.proj AT googlemail DOT com>
date Wed, 13 Jun 2012 14:44:05 +0200
children ba791ad6c846
line wrap: on
line source
# -*- coding: iso-8859-1 -*-
    MoinMoin - SecurityPolicy implementing limitation for bbb_create parser

    you have to copy this snippet below your Config definition in 
    or you add it to the main security folder and import it into your Config definition.

    @copyright: 2012 MoinMoin:ReimarBauer
    @license: GNU GPL, see COPYING for details.

from MoinMoin.Page import Page
from import Permissions

class SecurityPolicy(Permissions):
    def read(self, page_name):
        request = self.request
        page = Page(request, page_name)
        format = page.pi['format']
        if format == "bbb_create":
            if request.action == u"show" or request.user.may.write(page_name):
                return True
            return False
        return True