Changes between Version 1 and Version 2 of DeveloperGuidelines/Organisations


Ignore:
Timestamp:
03/21/11 07:17:57 (10 years ago)
Author:
Fran Boon
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • DeveloperGuidelines/Organisations

    v1 v2  
    2727
    2828The roles are created by the {{{shn_create_record_roles}}} function in {{{models/05_org.py}}}, which can be called from an org or site create_onaccept by configuring the model as following: 
    29 {{{ 
     29{{{
    3030# Create roles for each organisation / site instance 
    3131s3xrc.model.configure(table,  
    3232                       create_onaccept = shn_staff_join_onaccept_func(tablename))   
    33 }}} 
     33}}}
    3434(This code should be called after the resource table is defined in the model) 
    3535
    3636=== Enabling Staff Permissions === 
    3737 1. Set: 
    38  {{{ 
     38{{{
    3939deployment_settings.security.policy = 3 # Controller-ACLs. 4 & 5 will also work 
    4040deployment_settings.aaa.has_staff_permissions = True 
     
    4444    .... 
    4545    restricted = True, 
    46 }}} 
     46}}}
    4747 2. When a new organisation or site instance is created:  
    4848  i. New roles (staff & supervisor) are automatically created for that record (tablename_recordid Staff of recordname & tablename_recordid Supervisors of recordname). 
     
    5353=== Inheriting Permissions === 
    5454To allow other components inherit the same permissions as the primary resource, the following function can be called, to add a onaccept function which will copy the "owned_by_role" from the primary resource. This onaccept should be added to the onaccept for the component resource.  
    55 {{{ 
     55{{{
    5656# Update owned_by_role to the site's owned_by_role     
    5757s3xrc.model.configure( 
     
    6262                                            pk = "site_id") 
    6363)     
    64 }}} 
     64}}}
    6565
    6666The staff component resource itself currently inherit permissions from sites not organisations, because this is LESS permissive. This may need to become a deployment setting. 
     
    6969Inventories can be added to any site instance, by adding {{{shn_show_inv_tabs(r)}}} to the rheader tabs for that site instance.  
    7070
     71----
     72BluePrintOrganisationRegistry
     73
     74DeveloperGuidelines