1
# IVLE - Informatics Virtual Learning Environment
2
# Copyright (C) 2007-2008 The University of Melbourne
4
# This program is free software; you can redistribute it and/or modify
5
# it under the terms of the GNU General Public License as published by
6
# the Free Software Foundation; either version 2 of the License, or
7
# (at your option) any later version.
9
# This program is distributed in the hope that it will be useful,
10
# but WITHOUT ANY WARRANTY; without even the implied warranty of
11
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
# GNU General Public License for more details.
14
# You should have received a copy of the GNU General Public License
15
# along with this program; if not, write to the Free Software
16
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
18
# Module: Capabilities
22
# Provides a Role class which is used for the "rolenm" field of login rows
24
# This also provides a set of Caps (capabilities) and the ability to check if
25
# any given role has a given capability.
29
Role enumeration class. Provides values for "rolenm" fields, which are
30
enumerable and comparable. Immutable objects.
32
This allows you to check if a role has a certain capability by doing a
33
>= comparison on the lowest role with that capability.
35
Class Role has a capitalized member for each role, of type Role.
36
eg. Role.STUDENT is a Role object describing the "student" role.
38
_roles = ["anyone", "student", "marker", "tutor", "lecturer", "admin"]
39
_roles_to_int = {} # Will be written after class def
40
def __init__(self, role):
41
"""Creates a new Role object.
42
role may be any of the following types:
44
* str: Role of that name, as given by the str of a Role
45
(These correspond to the entries in the "rolenm" field of the DB).
46
Raises an Exception if the string is not a role.
47
* int: Role of that numeric index, as given by the fromEnum of a Role.
48
(This is the same as calling toEnum).
50
# Internally, stored as an int
51
if isinstance(role, Role):
52
self._role = role._role
53
elif isinstance(role, str):
55
self._role = Role._roles_to_int[role.lower()]
57
raise Exception("Not a valid role name: %s" % repr(role))
58
elif isinstance(role, int):
59
if role >= 0 and role < len(Role._roles):
62
raise Exception("Not a valid role ID: %d" % role)
64
return Role._roles[self._role]
66
return "Role.%s" % Role._roles[self._role].upper()
67
def __cmp__(self, other):
68
return cmp(self._role, other._role)
70
return hash(self._role)
73
"""Returns the int representation of this Role."""
77
"""Given an int, returns the Role for that role ID."""
80
def hasCap(self, capability):
81
"""Given a capability (which is a Role object), returns True if this
82
Role has that capability, False otherwise.
84
return self >= capability
86
# Role constants. These are actually members of the Role class, but they are
87
# defined here because they actually have the type Role.
88
for i in range(0, len(Role._roles)):
89
# XXX This is the only way I could find to write an attribute to a
90
# new-style class. It looks very dodgy.
91
type.__setattr__(Role, Role._roles[i].upper(), Role(i))
92
Role._roles_to_int[Role._roles[i]] = i
94
### CAPABILITIES LISTING ###
96
# Set of capabilities, which maps global variables onto Roles.
97
# This provides the minimum role level required in order to perform the given
99
# (So any role above the role specified can perform this cap).
101
# Create users (the users are able to log in and accept)
102
CAP_CREATEUSER = Role.ADMIN
103
# Get details about users
104
CAP_GETUSER = Role.LECTURER
105
# Change all details of a user
106
CAP_UPDATEUSER = Role.ADMIN
108
# Posting to subject blog for subjects you are teaching
109
CAP_BLOGPOST = Role.TUTOR
111
# Reading submissions (both tutorial and assignment) of student for whom you
113
CAP_READ_MY_STUDENTS_SUBMISSION = Role.TUTOR
114
# Reading all students' submissions (in subjects you have this cap for)
115
CAP_READ_SUBMISSION = Role.LECTURER
117
# Reading marks for your own students
118
CAP_READ_MY_STUDENTS_MARKS = Role.TUTOR
119
# Adding marks info for your own students (can't delete or edit, only add)
120
# (You can overwrite marks but old ones will be logged).
121
CAP_WRITE_MY_STUDENTS_MARKS = Role.TUTOR
122
# Reading marks for all students
123
CAP_READ_MARKS = Role.LECTURER
124
# Adding marks info for all students
125
CAP_WRITE_MARKS = Role.LECTURER
127
# Reading any student's svn (in subjects you have this cap for)
128
CAP_READ_SVN = Role.LECTURER
129
# Writing to any student's svn
130
CAP_WRITE_SVN = Role.LECTURER
132
# Create and modify projects and project sets
133
CAP_MANAGEPROJECTS = Role.LECTURER
134
# Create and modify project groups and assign logins to them
135
CAP_MANAGEGROUPS = Role.TUTOR
137
# "SuperUser" role - certain users are granted "sudo" powers on the Unix
138
# system, giving them abilities beyond what is granted here in IVLE.