With plone.autoform a field can be protected with a permission like this:
from plone.supermodel import model
from plone.autoform import directives as form
class IMySchema(model.Schema):
form.read_permission(secret='cmf.ManagePortal')
form.write_permission(secret='cmf.ManagePortal')
secret = schema.TextLine(
title = u'Secret',
)
But how can set the read and write permission for a behavior like IPublication.effective
?
At the moment i do this in my editform:
class MyCTEditForm(DefaultEditForm):
enable_form_tabbing = False
# hold all widget from all fieldsets
allWidgets = {}
def update(self):
super(MyCTEditForm, self).update()
self.collectWidgets()
# that is the relevant check
current_user = api.user.get_current()
is_manager = api.user.has_permission('Manage portal', user=current_user, obj=self.context)
if not is_manager:
self.allWidgets['IPublication.effective'].mode = DISPLAY_MODE
def updateFields(self):
super(MyCTEditForm, self).updateFields()
def updateWidgets(self):
super(MyCTEditForm, self).updateWidgets()
def collectWidgets(self):
# all widgets from the schema
# the default fieldset
for name, widget in self.widgets.items():
self.allWidgets.update({name:widget})
# all widgets from the behavior schemas
# additional fieldset
for group in self.groups:
for name, widget in group.widgets.items():
self.allWidgets.update({name:widget})
But it doesn't feel right. Is there another option? Any hints?